Slashdot Mirror


User: autocracy

autocracy's activity in the archive.

Stories
0
Comments
1,200

Comments · 1,200

  1. Re:Because you think Google is any better? on Why No One Trusts Facebook To Power the Future · · Score: 1

    Google doesn't (as far as I know) sell user information to advertisers. They exclusively use their own analytics; all an advertiser can do is submit their target demographics and keywords, and let Google do the math.

    s/Google/Facebook/ and that's true. Anybody with a Facebook account can create an advertising account and see what any advertiser sees for targeting options. Try it out, it's eye-opening. You can only provide ads to Facebook users through Facebook. Here's one step further from the company's 10-K filing with the SEC:

    We generate a substantial majority of our revenue from advertising. The loss of marketers, or reduction in spending by marketers with Facebook, could seriously harm our business. The substantial majority of our revenue is currently generated from third parties advertising on Facebook. For 2013, 2012, and 2011, advertising accounted for 89%, 84% and 85%, respectively, of our revenue.

    We generate the substantial majority of our revenue from selling advertising placements to marketers.

    In 2013, developers received more than $2.1 billion from transactions enabled by our Payments infrastructure. While mobile applications can also integrate with Facebook, mobile applications do not process transactions using our Payments infrastructure.

    (*.3 = 630 million).

    If I compare that to Facebook's income statement, that leaves 235 million (3% of revenue) in loose change revenue. So basically, Facebook isn't running around making money except by selling ad placement. Fair disclaimers: I work for Facebook as a backend engineer for nearly a year now. I pulled all these numbers from the publicly available 10-K report.

    I think that Facebook has matured into better respecting privacy from its early days through the years before I started there and I'm very happy with seeing how things are treated internally. I'm further certain that the idea of Facebook selling personally identifiable information about its users would massively undermine the point of having an advertising delivery platform. The attitude of everybody I'm around is about trying to make something that enriches the world.

  2. Re:Cells in ADSL modems on Why It's So Hard To Make a Phone Call In Emergency Situations · · Score: 1

    Your assumption is that you'll give me hardware and I won't alter it or use a software radio to MITM my own equipment. Neither of those is a safe bet.

  3. Re:Cells in ADSL modems on Why It's So Hard To Make a Phone Call In Emergency Situations · · Score: 1

    Because I'd put something behind the modem and rate-limit, filter, or otherwise alter the traffic. The quality of the service still isn't guaranteed without some agreement.

  4. Re:Could have told us what it is on MariaDB and MySQL Authentication Bypass Exploit · · Score: 4, Interesting

    Well, let's explain it right: the compare function uses a variable type cast that paired with certain compiler flags will improperly reduce a larger number storage to an 8-bit integer. memcmp returns 0 when there's a match, any other value otherwise. When some larger number is interpreted as a character and that number is mod(256), then you get a zero when you truncate the leading numbers.

    Since the hashing function in MySQL has some variable used every time, you get a different number every time that returns a mismatch. 1 in 256 of those mismatches gets reduced to a number that is represented by a zero... which is appropriate to the cast function, but causes issues when used with memcmp.
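
Added example, not part of the comment above and not MySQL or MariaDB source: a C sketch of the truncation the comment describes, with the flawed 8-bit check beside a full-width one. The names `flag8`, `wide_cmp`, `accepts_flawed`, `accepts_fixed` and `count_false_accepts` are hypothetical, the 4-byte token is constructed, and `wide_cmp` is an assumed stand-in for a compare routine that may return any nonzero int.

```c
#include <stddef.h>
#include <stdio.h>

typedef unsigned char flag8; /* hypothetical 8-bit result type */
typedef int (*checker)(const unsigned char *, const unsigned char *, size_t);

/* Stand-in for an optimized memcmp (assumption): returns the difference of
 * the first differing 16-bit big-endian chunk. n must be even. */
static int wide_cmp(const unsigned char *a, const unsigned char *b, size_t n)
{
    for (size_t i = 0; i + 1 < n; i += 2) {
        int x = (a[i] << 8) | a[i + 1];
        int y = (b[i] << 8) | b[i + 1];
        if (x != y) return x - y;
    }
    return 0;
}

/* Flawed: the int result is narrowed to 8 bits before the zero test. */
static int accepts_flawed(const unsigned char *a, const unsigned char *b, size_t n)
{
    flag8 mismatch = (flag8)wide_cmp(a, b, n);
    return mismatch == 0;
}

/* Hardened: the full-width result is tested against zero. */
static int accepts_fixed(const unsigned char *a, const unsigned char *b, size_t n)
{
    return wide_cmp(a, b, n) == 0;
}

/* Counts how many of the 65535 wrong values for the first chunk pass. */
static int count_false_accepts(checker accepts)
{
    const unsigned char expected[4] = {0x12, 0x34, 0x56, 0x78}; /* constructed */
    int hits = 0;
    for (int v = 0; v < 65536; v++) {
        unsigned char guess[4] = {(unsigned char)(v >> 8), (unsigned char)v, 0x56, 0x78};
        if (v != 0x1234 && accepts(guess, expected, 4))
            hits++;
    }
    return hits;
}

int main(void)
{
    printf("flawed: %d, fixed: %d\n", count_false_accepts(accepts_flawed), count_false_accepts(accepts_fixed));
    return 0;
}
```

Every mismatch whose difference is a nonzero multiple of 256 narrows to zero, so the flawed check passes roughly one wrong value in 256 while the full-width check passes none.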

  5. Re:Two part problem on IT Positions Some of the Toughest Jobs To Fill In US · · Score: 1

    3. There has been, up until 2008, an attitude in the U.S. that any college degree is good enough. My state only graduated 40,000 people from community colleges/trade schools this year. Everyone with higher aspirations just went to a 4 year school. To do less is to view oneself as a failure (and employers do too).

    There has been too much emphasis on college degrees, I think. This idea that everybody should start with getting a degree out of school seems to lead to many folks with a load of debt who may not be in the field that suits them at the end of the degree. Further, a degree in CS seems to have little correlation with the ability to effectively program. I'm sure there exist some programs that might relate to other fields of IT, but I don't personally know of any that properly convey the skills required for other IT disciplines.

  6. Latency maps and looking glass servers on Ask Slashdot: What Is an Acceptable Broadband Latency? · · Score: 1

    Latency depends on your destination. It is limited by the speed of light, and governed by how lousy the link itself is. It's how you sometimes get stories like the 500 mile email. For some reference points:

    A map of expected United States latency from some place in Texas.

    Often times your first hop on DSL will be slower... my own network right now shows 40ms to my ISP's gateway. 300ms is my ping time from Maine in the US to Australia.

    Another helpful source of references are looking glass servers that will let you drop right into another provider's system and see ping times from their perspective.

  7. Re:Linux security or trust on GitHub Hacked · · Score: 4, Informative

    This was brought up when kernel.org was compromised last year. The decentralized nature of git makes that really hard to sneak by, especially if you use the kind of process controls that the Linux kernel uses. Legitimate commits go through maintainers, and maintainers will definitely flip if they see code pulls into their repository that they didn't commit. Some deeper discussion about how you can't just sneak things into the past history is here: http://security.stackexchange.com/a/6771/836

  8. Easy if you know what to do on How To Sneak In To a Security Conference · · Score: 2

    Hell, I joined the Ops team at Shmoocon this year without any credentials or signup. I tell you that isn't part of their plan. http://storyinmemo.com/?p=48

    I spent a day at my first DEFCON missing my badge and managed to keep going all over the conference. Every year at DEFCON I make it a point to get into a guest-listed party that I didn't have access to. Why would RSA be different? I guarantee the DEFCON goons care more and the RSA ticket funds aren't going to making the conference more secure.

    Their cost / benefit for tightening things down would be basically nothing.

  9. Re:Diversity in systems on Tech Billionaire-Backed Charter School Under Fire In Chicago · · Score: 1

    As this school is not part of the public school system, there are other public schools as an alternative for the student to attend.

    Compulsion to attend a school is different from compulsion to attend this school.

  10. Diversity in systems on Tech Billionaire-Backed Charter School Under Fire In Chicago · · Score: 0

    This has a very military / boot camp feel to it, and it is obviously having some sort of effect.

    Students aren't required to go to the school, and the fines are relatively small. $5 seems enough to be discouraging to the students without breaking anybody's back.

    More than anything, somebody is experimenting with a system, and education needs that. I don't know if it's right, but it's not a compulsory place to be and it's not wrong. Good on them.

  11. Re:shut up on Automated Machines To Recycle Phones For Money · · Score: 1

    Using it to knowingly misrepresent for fraud, even to a vending machine or kiosk, definitely isn't legal. I doubt advertising a tool as such is acceptable either.

  12. Re:HA! on AT&T Officially Ends Plans To Acquire T-Mobile USA · · Score: 1

    Europe.

  13. HA! on AT&T Officially Ends Plans To Acquire T-Mobile USA · · Score: 5, Insightful

    Bite me, AT&T. Auto repair is competitive.

      * Cell phones in the US have a small pool of providers, especially the nation-wide crowd.
      * They primarily operate with 2 year contracts, and it's hard to get a phone without one.
      * There's a financial disincentive for buying a phone without a contract.
      * Text message rates (for which there is very little data usage, being measured in bytes) have been increasing.
      * Data plans have been increasing in price and providing tighter bandwidth restrictions at the same time.

    I loathe AT&T, and I'm stuck with them. Competitive? I'd get out in a heartbeat if I felt I had somewhere to go. T-Mobile has been the closest saving grace to AT&T, so I really don't want to see that absorbed.

    Thanks to the Fed did -- they did one right there.

  14. Use of PGP on Ask Slashdot: How To Securely Share Passwords? · · Score: 1

      * Private PGP key printed out as a QR code and placed in a safety deposit box. Why? Because it's a durable medium and the electronics can't go bad. You can put it on a USB key too for convenience.
      * Publish your list encrypted with the public keypair of that somewhere your relatives know and can get to.
      * Bank will keep them from snooping by only letting them access your box with a death cert.

  15. Re:Whodunnit? on AWS Load Balancer Sends 2 Million Netflix API Reqs To Wrong Customer · · Score: 1

    ... "there" isn't a mixup on their part. Honestly, it'd be great if the Slashdot API reacted in the same year that I clicked on preview.

  16. Whodunnit? on AWS Load Balancer Sends 2 Million Netflix API Reqs To Wrong Customer · · Score: 1

    Does this story come with any indication that their isn't a mixup on Netflix's part?

  17. Re:What about languages? on Your Tech Skills Have a Two Year Half-Life · · Score: 1

    With what libraries and languages what you worked in C? Won't those change? If you're a games person, are you up on DX9? DX10? 11? Database backends? SQL? NOSQL? Have your version control skills expanded to match existing systems? Still using CVS? SVN? Git? "The Cloud" ... have any of your applications been designed with that kind of focus in mind of starting and stopping at any point and being part of a model with dynamically changing resource allocations?

    Evolving skills are a demonstration of the ability to continue tackling new problems. I personally don't care less what knowledge you're exhibiting as long as I see things that are on the leading edge still showing up on your resume.

  18. Re:Uh... on US Launches Criminal Probe in eBay-Craigslist Trade Secrets Case · · Score: 1

    I suppose I mis-stated myself. They have nothing special in the trade-secret sense; ostensibly nothing that can't be derived from looking at their website.

  19. Uh... on US Launches Criminal Probe in eBay-Craigslist Trade Secrets Case · · Score: 0

    What the hell could eBay have possibly stolen from Craigslist? The site only charges for job postings in a few cities, and that's an easy and publicly declared business model. The webpages are statically generated on a periodic basis, and that's as dumb-down simple as it gets. Unless eBay walked off with Craigslist's super-secret-never-get-spam-through implementation (which I don't think they have), I don't get it.

    Craigslist is nothing special, just simplicity done right.

  20. Alternatives on Rogue SSL Certs Issued For CIA, MI6, Mossad · · Score: 3, Informative

    There has been a lot of push at the recent DEFCON conferences, and associated conversation since, to look at alternatives to the current CA system. Moxie Marlinspike has been pushing a remote-view notary system called which is currently a Firefox plug, and Dan Kaminsky has been pushing for DNSSEC.

    There has been an awful lot of discussion about the technical details of SSL certificates on the Security StackExchange (Stack Overflow cousin) website, including the related blog post I penned: A Risk-Based Look at Fixing the Certificate Authority Problem.

  21. Another explanation of why it's safe on Kernel.org Compromised · · Score: 1

    Besides the articles that were linked to, I'd also check out somebody's question of "Trustworthiness of kernel.org post attack" at http://security.stackexchange.com/q/6768/836 (the site is a cousin to stackoverflow.com).

  22. Re:PROFILED on TSA Has 95-Year-Old Remove Her Diaper For Screening · · Score: 2

    Hell, I miss the days when the pilots would sometimes just leave the door open, and I'm a pretty young guy. It weirds me out whenever I get on a bus service that has the driver behind a plexiglass cage. I won't say the cockpit door isn't a reasonable security measure, but the bus thing is asinine.

    I don't think box cutters were ever a credible threat. The thing we had all learned is that unless John McClane is involved, you'll be a few days late getting home and see another country should your plane get hijacked. Hijackers weren't resisted because nobody feared they were going to die -- why risk injury? Aware that the goal of the hijacking is death, there will always be enough motivated passengers on a plane to fight back with anything they have. You can hit pretty hard with a metal Macbook.

    Before the September 2001 attack, you could have hijacked an airplane with a herring. While some hijackings still happen in modern day (http://en.wikipedia.org/wiki/List_of_aircraft_hijackings), it's more common for passengers to overpower hijacking attempts.

  23. Re:Age of Consent? on Facebook Bans 20,000 Kids a Day · · Score: 1

    The question mentioned the US specifically, so it was a US-specific answer.

  24. Re:Age of Consent? on Facebook Bans 20,000 Kids a Day · · Score: 5, Informative

    Federal law prohibits websites from collecting personal information from anyone under the age of 13.

  25. Re:Are you armed? on Ask Slashdot: How Prepared Are You For a Major Emergency? · · Score: 1

    A Twin Otter is sent to medevac a fisherman from a Russian trawler to McMurdo. The victim of hammer blows by another crewmate, the incident perpetuates the hammer as the traditional weapon of choice for discerning Antarcticans who go apeshit.

    http://www.bigdeadplace.com/state_of_the_station.html