> you run out of stack pretty quickly Maybe in python. Other programming languages allow you to use a large stack, if you need to. And this isn't a bad thing. It may be a bad thing in python, because the call stack has overhead, but in C it is no bad thing.
I don't see this "trend". You find such instances, but it's definitely no trend. Where you find them, you often habe projects, which annoyed a lot of users first. There is a more aggressive mood, when users got no help and got their issues closed with "30 days no activity", because the devs didn't do anything about the well described issue, which is still in the product. This should of course NOT cause aggressive non-constructive behaviour, but humans are humans and sometimes this happens. If you want a nice productive community, you need to build a nice community. YOU are part of the community and in some kind of (soft) leader role. If you form the community, you get the community you want. If you just wait for an angry mob to form in your issues, you actually don't have a community, which could stop destructive members. You actually won't find a one-size-fits-all help. The only thing you can do is to keep calm and nice whatever happens. If YOU get triggered to be aggressive as well, the mood in your project will decline rapidly and the peaceful users will be scared away as well. And you have no point in being an example for others anymore. This said, you may need to ban some trolls from time to time, if they keep making trouble even when you and others try your best to help.
Mozilla is tackling the security of the OS, like buffer overflows, while the attackers are tackling the security of the web, like tracking users, using csrf and similiar stuff. Mozilla should start with tuning firefox for privacy. The typical problem with a buffer overflow is a crash. Even when they get user privileges, they won't find much interesting on most user's PCs. The interesting stuff happens in the Browser. The Webmail-Login is more valuable to the average user than the few files in his user profile. The Facebook Login worth more than the PC, which can be replaced by a tablet, when it becomes slow because of viruses. Of course this isn't true for every user, but for the majority. And mozilla should not stop fixing bugs and programming for security, but actually inventing a new programming language to fix potential issues arising from wrong usage of C is just overkill. Of course you can do it, if you have too much time, but then i point at the bugtracker with seven figure Bug-IDs.
For a really sophisticated solution, have a look into "ip rule", the "fwmark" option of iptables and matching cgroups.
The advantage: What is in a cgroup stays in a cgroup. Even when a program changes user, its process and children are still in the cgroup. Of course, who is able to control the cgroup(s) can reassign the processes. So you may consider root putting the process in a cgroup, which it cannot escape without root privileges.
Lately they stole the name Neon from the KDE distribution, now they steal the name GVFS from GNOME. Who's next? Stealing something from the cinnamon desktop? Or maybe Some eXtended Filemanager for windows CE (XFCE)?
Depends on your type of internet connection. Usual DSL setup with some router at the dsl port and your pc at a lan interface of the router (or tails in a vm, talking to the host via a NAT-network (default on most vm softwares)), a malware running as the restricted user would only get the LAN ips and the tor-exit ip (not by reading it, but by using some kind of whatismyip service or directly accessing some honeypot/pleaselogme url).
Make firefox and thunderbird great again. And ignore stuff like IoT or Firefox OS (they ignore it since some time now), etc.
The fail is to lay off people and then remove the additional projects. Keep the people, make them fix the thousands of bugs in the bugtracker. Firefox will finally be the best browser again.
Yep, this doesn't work for me either. And then it falls back either to traffic signs (works good) or house numbers (which usually loads like 10 new images when you clicked all correct numbers).
The original article quotes a facebook article, which speaks about reducing requests by using cache with long expire headers.
Their approach: expire header for one year, filename with a content hash. This means, facebook spams your browser cache with data, which will never be accessed again after they changed it, just to reduce the number of "if-modified" requests.
Hamsters may be the better choice, when you're having a rat allergy, because they have other ancestors:-). Btw. there is cannibalism (mostly of corpses) in rats as well.
Hamsters are no group animals. If you have them in a group, they either fuck or bite each other or fuck and then the female bites the male until it leaves. Dead animals are eaten, as hamsters do eat meat, if they get some and they care to get rid of dead corpses to avoid attracting enemies. This hasn't anything to do with a corn diet, which is common for golden hamsters as pets.
> almost all malware employs the use of "antis" which is a technique used to detect if the machine is physical or virtual [citatation needed]
some does, but i guess most doesn't. Many, because they don't care or because it can be non-trivial. And then the question is, which vms they can detect? vmware? Okay, i was using kvm, so the vmware and vbox detection is useless...
I would not trust on malware distrusting my vm for staying malware free.
Slashdot Mirror
Most modern C compilers, given certain constraints about return values.
> you run out of stack pretty quickly
Maybe in python. Other programming languages allow you to use a large stack, if you need to. And this isn't a bad thing. It may be a bad thing in python, because the call stack has overhead, but in C it is no bad thing.
Maybe if you use some new hipster frameworks. Real programmers know their constructs and when to use them.
I don't see this "trend". You find such instances, but it's definitely no trend.
Where you find them, you often habe projects, which annoyed a lot of users first. There is a more aggressive mood, when users got no help and got their issues closed with "30 days no activity", because the devs didn't do anything about the well described issue, which is still in the product.
This should of course NOT cause aggressive non-constructive behaviour, but humans are humans and sometimes this happens. If you want a nice productive community, you need to build a nice community. YOU are part of the community and in some kind of (soft) leader role. If you form the community, you get the community you want. If you just wait for an angry mob to form in your issues, you actually don't have a community, which could stop destructive members.
You actually won't find a one-size-fits-all help. The only thing you can do is to keep calm and nice whatever happens. If YOU get triggered to be aggressive as well, the mood in your project will decline rapidly and the peaceful users will be scared away as well. And you have no point in being an example for others anymore.
This said, you may need to ban some trolls from time to time, if they keep making trouble even when you and others try your best to help.
Nope. You may be talking about svn (are they using svn?), but i am talking about bugzilla.mozilla.org
Mozilla is tackling the security of the OS, like buffer overflows, while the attackers are tackling the security of the web, like tracking users, using csrf and similiar stuff.
Mozilla should start with tuning firefox for privacy. The typical problem with a buffer overflow is a crash. Even when they get user privileges, they won't find much interesting on most user's PCs. The interesting stuff happens in the Browser. The Webmail-Login is more valuable to the average user than the few files in his user profile. The Facebook Login worth more than the PC, which can be replaced by a tablet, when it becomes slow because of viruses.
Of course this isn't true for every user, but for the majority. And mozilla should not stop fixing bugs and programming for security, but actually inventing a new programming language to fix potential issues arising from wrong usage of C is just overkill. Of course you can do it, if you have too much time, but then i point at the bugtracker with seven figure Bug-IDs.
Too large company to keep the overview ... and external names? Who cares ...
For a really sophisticated solution, have a look into "ip rule", the "fwmark" option of iptables and matching cgroups.
The advantage: What is in a cgroup stays in a cgroup. Even when a program changes user, its process and children are still in the cgroup.
Of course, who is able to control the cgroup(s) can reassign the processes. So you may consider root putting the process in a cgroup, which it cannot escape without root privileges.
Lately they stole the name Neon from the KDE distribution, now they steal the name GVFS from GNOME. Who's next? Stealing something from the cinnamon desktop? Or maybe Some eXtended Filemanager for windows CE (XFCE)?
Depends on your type of internet connection.
Usual DSL setup with some router at the dsl port and your pc at a lan interface of the router (or tails in a vm, talking to the host via a NAT-network (default on most vm softwares)), a malware running as the restricted user would only get the LAN ips and the tor-exit ip (not by reading it, but by using some kind of whatismyip service or directly accessing some honeypot/pleaselogme url).
I don't think its illegal to download a file with a kitten. So they may log the ips, but what do they want to sue the user for?
> stop using IE (physically break it)
I am not sure, you know what physically means.
useful workaround:
iptables -A OUTPUT -m user --uid vpnuser -d 127.0.0.1 --dport 9050 -j ACCEPT
iptables -A OUTPUT -m user --uid vpnuser -j REJECT
and tor running as another user.
tails in a vm would have prevented this.
tails is about disallowing non-tor connections for the primary user.
Make firefox and thunderbird great again.
And ignore stuff like IoT or Firefox OS (they ignore it since some time now), etc.
The fail is to lay off people and then remove the additional projects.
Keep the people, make them fix the thousands of bugs in the bugtracker. Firefox will finally be the best browser again.
The ars article even seems to lack the link to the primary source.
So stop linking secondary sources here!
Yep, this doesn't work for me either. And then it falls back either to traffic signs (works good) or house numbers (which usually loads like 10 new images when you clicked all correct numbers).
> Twitter is introducing a long requested featur
No. This wasn't requested by most of the users.
An edit function, which is still missing, is requested since years.
try about:mozilla
Who needs to watch porn obviously does not have a fucking-privilege.
The original article quotes a facebook article, which speaks about reducing requests by using cache with long expire headers.
Their approach: expire header for one year, filename with a content hash.
This means, facebook spams your browser cache with data, which will never be accessed again after they changed it, just to reduce the number of "if-modified" requests.
Hamsters may be the better choice, when you're having a rat allergy, because they have other ancestors :-).
Btw. there is cannibalism (mostly of corpses) in rats as well.
Hamsters are no group animals. If you have them in a group, they either fuck or bite each other or fuck and then the female bites the male until it leaves. Dead animals are eaten, as hamsters do eat meat, if they get some and they care to get rid of dead corpses to avoid attracting enemies.
This hasn't anything to do with a corn diet, which is common for golden hamsters as pets.
When you're drunk, you're too drunk to judge a random driver. So better call a taxi.
> almost all malware employs the use of "antis" which is a technique used to detect if the machine is physical or virtual
[citatation needed]
some does, but i guess most doesn't. Many, because they don't care or because it can be non-trivial. And then the question is, which vms they can detect? vmware? Okay, i was using kvm, so the vmware and vbox detection is useless ...
I would not trust on malware distrusting my vm for staying malware free.