Oh come on! This is Internet101 stuff that anyone can do. I run a private VPN at home using a little Raspberry Pi server (used to be a Mac mini, but trying to go all open source) before my browser traffic even goes out the cable modem. That way even my ISP doesn't know where the traffic is coming from.
I love how when someone says "I'm a socialist" the right-winger brings up Venezuela. But when someone says "let's have single-payer healthcare like all of Europe", suddenly the right-winger says, "that's socialism".
Well... The DEA was interfering with medical MJ dispensaries, but had the courts shut them down. And law enforcement is pretty keen to keep the MJ laws enforced (even in places where the laws have gotten much looser). If local law enforcement in CA or CO had a notion that a grower or dispensary was shipping directly across state lines, then there would be busts (probably involving the feds). In CO a big dispensary lost their license for selling over the limit to people. MJ law enforcement has typically been carried out by state and local law enforcement, except in cases where DEA or FBI were called in because the investigation crossed state lines or had federal implications. So I'd say the Feds are doing the "right" thing in the case of MJ -- they enforce what they can and what makes sense given their resources.
And when it comes to enforcing laws around immigration, states can't make laws regarding that topic and different localities seem to have different priorities when it comes to directing their own law enforcement agents to enforce federal laws. So why should my state or local police care about enforcing a federal only law? I don't pay them to enforce those laws, after all... I pay the federal government to do that. Which they do... not sure I understand their approach all the time.
In both cases, this whole "lobby to change the law" meme is just stupid. It would rely on the USA having free and fair elections. Which we don't.
The browser fingerprint my Firefox 58 on Windows 10 gives is certainly different than what Silk on my Fire tablet gives. Which makes it totally useless for figuring out that I'm the same person using both browsers. On the other hand, the fact that I access the same Amazon shopping cart from both browsers... dead giveaway.
Cookies are still going to be critical to any user tracking, I'd think. It's just that advertisers won't be relying on their OWN cookies to do the work. Because if they set a cookie on each browser and platform you use, they then have to figure out how to correlate all *your* cookies after the fact. And if you're logging into your same GMail account at work, at home, on your phone, on a tablet, etc, it's better for them to figure out a way to latch onto that. But Google is still going to be using a cookie as part of authenticating you... at least until whatever client/server framework they're using replaces cookies with something else that does the same thing. But the nice thing about cookies from a web framework perspective is that their already part of the standard request/response cycle.
Um, did you even watch "revenge of the nerds"? They went on a panty raid and set up a video remote system so they could spy on sorority sisters in their bedrooms. Then there's the part where the nerd had sex with the pretty girl and she asked if all nerds were as good (at sex) and he says something about how jocks spend so much time thinking about sports and all nerds think about is sex.
I think you're missing my larger point. It's bass-ackwards to be installing a piece of closed-source software with the ability to watch all my browsing in order to protect my privacy.
Gee, just what I wanted to prevent people from tracking me is to have yet another add-on that has access to every web page I visit! Gotta love Ghostery's one-click setup, "Share my analytics and Human Web data to improve Ghostery’s performance." This doesn't make me want to tighten my tinfoil hat at all!
Standalone video chat device == $20 web cam for the PC, or the built-in one on any newish laptop. Or the built in cams on pretty much any tablet these days. An Amazon Fire 8" comes in a two pack for $100 and does Skype just fine. In fact, the larger Fire 10" has a hands-free Alexa option that sort of makes the Echo line seem redundant, and that runs at $150. I wouldn't touch a Facebook device to do this stuff with a 10 foot pole-- especially at the $500 price point the article cites. I mean, if it came free in a Happy Meal, then maybe.
Actually, if Google wants to help, instead of creating a walled garden and special formats, perhaps they could track load times for pages and page load overhead and just weight results based on that data point. That would differentiate Google's results from their competitors without confusing the issue, while also rewarding web sites that take the time to worry about performance.
Abso-fucking-lutely would rather have websites just use Google Analytics over 17 rando shit trackers. With Google I have the ability to go look at how I'm being tracked and there's only one site to block if I want to try to opt out of being tracked. With 17 crap sites plugging garbage in, I'm going to have slow renders, weird errors, and no way in hell of ever figuring out who has a piece of my information pie.
You sound like some sort of communist. Or worse, a European. Probably Surrender Monkey. But your English is pretty good and nobody outside America speaks English that well. Shit. I don't know.
Seriously, though, the real problem in America isn't the level of the political debates. It's how the votes are counted and the offices awarded. Gerrymandering and the electoral college do a lot of damage to the Republic. The whole system is set up to help the states be equal in their say in the Federal government, but the states are nowhere near equal in terms of their populations. Instead of protecting the minority populations of the small states from the tyranny of the majority, we've given small states the ability to have an outsized say in matters of national importance, which leads to the more old-fashioned tyranny, that of small privileged groups of people over the larger majority. We either need to see people like Trump as obvious evidence of the harm of having more than a bare minimum of national government or we need to get rid of a legacy political system that was originally designed to keep just two competing teams trading off the top spots at the federal level.
Each time the pendulum swings, it swings further because the federal government is more and more centralized in its functions, larger, more embedded in local matters across the nation. Witness the current AG's push to bring back the Drug War on marijuana just as the populous state legalized the stuff for recreational use! Talk about big government taking away states' rights. But he wouldn't even be the AG if it weren't for the gerrymandering enshrined in the electoral college.
We don't have a large sample size, but the USA managed to go for over 100 years where the popular vote and the electoral college always matched in terms of who won the presidency. But now we've had two of them in 16 years. And this last one the margin was almost 3 million votes! That's crazy, right there. When a candidate loses by 2.2% of the votes, there is no way the Electoral College should be going against such a clear popular result. I mean, I sure wish my local city politics worked that way, where we could just draw a line around some lightly populated area and call it a representation district even though it's got a fraction of the population the rest of the city and give it an equal say relative to other neighborhoods with higher population densities. No one would stand for this at the city or state level, so why do we allow it at the federal level?
Because the market for Linux laptops is an order of magnitude less than the market for Windows laptops. Therefore I lose all kinds of economies of scale when it comes to the Linux laptops and I need to spread more overhead costs over fewer sales.
3.5 million Americans are employed as professional truck drivers and will be out of work when self-driving freight trucks hit the roads.
Truck drivers overwhelmingly vote Republican (http://verdantlabs.com/politics_of_professions/). The party that brought us the phrase "welfare queen" and that is currently working hand over fist to dismantle business regulation and social safety nets and kill the last of the unions off. If the free market puts them all out of work because technologists built a better mousetrap... that sounds like karma to me.
Most SQL libraries are serializing the text of the commands to send that to the server. Drop table is a perfectly valid part of a multiple command piece of SQL (especially if you might have a temp table as part of a sequence). The real security solution for SQL injection is two steps. First, sanitize user input before including it in SQL sent to the database. Second, set up correct permissions for what can be done via a connection that allows user-generated input to be included. The primary source of SQL injection vulnerabilities is the use of plain old string concatenation to form SQL commands and not sanitizing inputs, which allows the user to include malicious strings. Most SQL libraries have more sophisticated techniques for building commands that are much safer in the first place and don't require the programmer to be intimately familiar with how to safely sanitize inputs.
Kind of like the definition of insanity of doing the same thing and expecting a different outcome.
That is not the definition of insanity. Normally this "definition" is just inane, but in a discussion specifically centered around a cognitive disorder it seems almost irresponsible.
I think you mean the US government is a huge, sprawling bureaucracy. Because if it were a "democracy" it wouldn't be possible for the person with fewer votes to win the election. But in 2016, "the loser won" (to quote the loser who won).
As a flamboyant prima donna I take offense to this. I've worked with plenty of "senior" developers who couldn't code a light switch correctly, let alone make useful comments on my work.
All code should go through an automated scanner, though. On both the source side and the web client side.
Then, once it doesn't have any obvious flaws, it goes to QA, which-- unlike development-- should be staffed with hardcore types with lots of experience and no fear of pissing off developers, PMs, or management. I've seen a lot where QA is left to relatively junior, non-technical people who end up mostly smoke testing, rather than being capable of really hammering an application the ways users and attackers will.
Slashdot Mirror
Good luck avoiding those "relatively few instances" in a Perl script.
Oh come on! This is Internet101 stuff that anyone can do. I run a private VPN at home using a little Raspberry Pi server (used to be a Mac mini, but trying to go all open source) before my browser traffic even goes out the cable modem. That way even my ISP doesn't know where the traffic is coming from.
I love how when someone says "I'm a socialist" the right-winger brings up Venezuela. But when someone says "let's have single-payer healthcare like all of Europe", suddenly the right-winger says, "that's socialism".
How would keeping my salary a secret from my coworkers aid me in tax evasion? The company reports what they paid me to the government.
Well... The DEA was interfering with medical MJ dispensaries, but had the courts shut them down. And law enforcement is pretty keen to keep the MJ laws enforced (even in places where the laws have gotten much looser). If local law enforcement in CA or CO had a notion that a grower or dispensary was shipping directly across state lines, then there would be busts (probably involving the feds). In CO a big dispensary lost their license for selling over the limit to people. MJ law enforcement has typically been carried out by state and local law enforcement, except in cases where DEA or FBI were called in because the investigation crossed state lines or had federal implications. So I'd say the Feds are doing the "right" thing in the case of MJ -- they enforce what they can and what makes sense given their resources.
And when it comes to enforcing laws around immigration, states can't make laws regarding that topic and different localities seem to have different priorities when it comes to directing their own law enforcement agents to enforce federal laws. So why should my state or local police care about enforcing a federal only law? I don't pay them to enforce those laws, after all... I pay the federal government to do that. Which they do... not sure I understand their approach all the time.
In both cases, this whole "lobby to change the law" meme is just stupid. It would rely on the USA having free and fair elections. Which we don't.
I'm not so much having a problem with military functions IF, it is legislated that these can NOT be used over US airspace on the general public.
Because if there's one thing you can absolutely trust, it's that the federal government and the military always follow the law.
The browser fingerprint my Firefox 58 on Windows 10 gives is certainly different than what Silk on my Fire tablet gives. Which makes it totally useless for figuring out that I'm the same person using both browsers. On the other hand, the fact that I access the same Amazon shopping cart from both browsers... dead giveaway.
Cookies are still going to be critical to any user tracking, I'd think. It's just that advertisers won't be relying on their OWN cookies to do the work. Because if they set a cookie on each browser and platform you use, they then have to figure out how to correlate all *your* cookies after the fact. And if you're logging into your same GMail account at work, at home, on your phone, on a tablet, etc, it's better for them to figure out a way to latch onto that. But Google is still going to be using a cookie as part of authenticating you... at least until whatever client/server framework they're using replaces cookies with something else that does the same thing. But the nice thing about cookies from a web framework perspective is that their already part of the standard request/response cycle.
Um, did you even watch "revenge of the nerds"? They went on a panty raid and set up a video remote system so they could spy on sorority sisters in their bedrooms. Then there's the part where the nerd had sex with the pretty girl and she asked if all nerds were as good (at sex) and he says something about how jocks spend so much time thinking about sports and all nerds think about is sex.
The original floppy floppies were 8". Just sayin'. :)
I think you're missing my larger point. It's bass-ackwards to be installing a piece of closed-source software with the ability to watch all my browsing in order to protect my privacy.
Gee, just what I wanted to prevent people from tracking me is to have yet another add-on that has access to every web page I visit! Gotta love Ghostery's one-click setup, "Share my analytics and Human Web data to improve Ghostery’s performance." This doesn't make me want to tighten my tinfoil hat at all!
Standalone video chat device == $20 web cam for the PC, or the built-in one on any newish laptop. Or the built in cams on pretty much any tablet these days. An Amazon Fire 8" comes in a two pack for $100 and does Skype just fine. In fact, the larger Fire 10" has a hands-free Alexa option that sort of makes the Echo line seem redundant, and that runs at $150. I wouldn't touch a Facebook device to do this stuff with a 10 foot pole-- especially at the $500 price point the article cites. I mean, if it came free in a Happy Meal, then maybe.
Actually, if Google wants to help, instead of creating a walled garden and special formats, perhaps they could track load times for pages and page load overhead and just weight results based on that data point. That would differentiate Google's results from their competitors without confusing the issue, while also rewarding web sites that take the time to worry about performance.
Abso-fucking-lutely would rather have websites just use Google Analytics over 17 rando shit trackers. With Google I have the ability to go look at how I'm being tracked and there's only one site to block if I want to try to opt out of being tracked. With 17 crap sites plugging garbage in, I'm going to have slow renders, weird errors, and no way in hell of ever figuring out who has a piece of my information pie.
You sound like some sort of communist. Or worse, a European. Probably Surrender Monkey. But your English is pretty good and nobody outside America speaks English that well. Shit. I don't know.
Seriously, though, the real problem in America isn't the level of the political debates. It's how the votes are counted and the offices awarded. Gerrymandering and the electoral college do a lot of damage to the Republic. The whole system is set up to help the states be equal in their say in the Federal government, but the states are nowhere near equal in terms of their populations. Instead of protecting the minority populations of the small states from the tyranny of the majority, we've given small states the ability to have an outsized say in matters of national importance, which leads to the more old-fashioned tyranny, that of small privileged groups of people over the larger majority. We either need to see people like Trump as obvious evidence of the harm of having more than a bare minimum of national government or we need to get rid of a legacy political system that was originally designed to keep just two competing teams trading off the top spots at the federal level.
Each time the pendulum swings, it swings further because the federal government is more and more centralized in its functions, larger, more embedded in local matters across the nation. Witness the current AG's push to bring back the Drug War on marijuana just as the populous state legalized the stuff for recreational use! Talk about big government taking away states' rights. But he wouldn't even be the AG if it weren't for the gerrymandering enshrined in the electoral college.
We don't have a large sample size, but the USA managed to go for over 100 years where the popular vote and the electoral college always matched in terms of who won the presidency. But now we've had two of them in 16 years. And this last one the margin was almost 3 million votes! That's crazy, right there. When a candidate loses by 2.2% of the votes, there is no way the Electoral College should be going against such a clear popular result. I mean, I sure wish my local city politics worked that way, where we could just draw a line around some lightly populated area and call it a representation district even though it's got a fraction of the population the rest of the city and give it an equal say relative to other neighborhoods with higher population densities. No one would stand for this at the city or state level, so why do we allow it at the federal level?
Because the market for Linux laptops is an order of magnitude less than the market for Windows laptops. Therefore I lose all kinds of economies of scale when it comes to the Linux laptops and I need to spread more overhead costs over fewer sales.
3.5 million Americans are employed as professional truck drivers and will be out of work when self-driving freight trucks hit the roads.
Truck drivers overwhelmingly vote Republican (http://verdantlabs.com/politics_of_professions/). The party that brought us the phrase "welfare queen" and that is currently working hand over fist to dismantle business regulation and social safety nets and kill the last of the unions off. If the free market puts them all out of work because technologists built a better mousetrap... that sounds like karma to me.
Not enough. Full on seppuku is the only way past this type of shame.
Most SQL libraries are serializing the text of the commands to send that to the server. Drop table is a perfectly valid part of a multiple command piece of SQL (especially if you might have a temp table as part of a sequence). The real security solution for SQL injection is two steps. First, sanitize user input before including it in SQL sent to the database. Second, set up correct permissions for what can be done via a connection that allows user-generated input to be included. The primary source of SQL injection vulnerabilities is the use of plain old string concatenation to form SQL commands and not sanitizing inputs, which allows the user to include malicious strings. Most SQL libraries have more sophisticated techniques for building commands that are much safer in the first place and don't require the programmer to be intimately familiar with how to safely sanitize inputs.
Kind of like the definition of insanity of doing the same thing and expecting a different outcome.
That is not the definition of insanity. Normally this "definition" is just inane, but in a discussion specifically centered around a cognitive disorder it seems almost irresponsible.
I think you mean the US government is a huge, sprawling bureaucracy. Because if it were a "democracy" it wouldn't be possible for the person with fewer votes to win the election. But in 2016, "the loser won" (to quote the loser who won).
Thank you.
As a flamboyant prima donna I take offense to this. I've worked with plenty of "senior" developers who couldn't code a light switch correctly, let alone make useful comments on my work.
All code should go through an automated scanner, though. On both the source side and the web client side.
Then, once it doesn't have any obvious flaws, it goes to QA, which-- unlike development-- should be staffed with hardcore types with lots of experience and no fear of pissing off developers, PMs, or management. I've seen a lot where QA is left to relatively junior, non-technical people who end up mostly smoke testing, rather than being capable of really hammering an application the ways users and attackers will.
Soon to be replaced with /r/watchsubredditsdie