Difficult to identify, catch, jurisdiction problems in foreign countries...
The manufacturers who sell insecure shit woth hard coded / staic default passwords on the hand should be fined steeply
Selling it the black market is only half the part, not getting caught is the important part. More damage a exploit can cause Groupon ( i.e. higher the value on the market) more the chances law enforcement will be knocking on your door.
Companies like Groupon face a higher risk from dissatisfied(or the dumb ones exposed to phishing/social engineering ) employees leaking information than from external exploits, so they are screwed anyway if white hats/employees start acting in bad faith. They are counting on good faith of majority of the players and possibility of punishment via law enforcement to save them.
It might be 5 minute effort for a single application, for someone who is spending is whole time testing dozens of applications everyday, tweaking,refining the scripts etc. It might be a full time job for an in house expert and he will cost lot more than a bounty program.
No he is saying experts will still participate in programs because it is not too much effort and possibility of a payday will keep them in the program, despite poor track record of these companies.
Obviously you would loose the best experts who will spend the time and have the expertise to find the most obscure vulnerabilities. If those researchers where not interested at all in the program ( too small bounty for the effort, groupon track record etc) then Groupon losses nothing by having stingy payment policies.
If I commit a crime and the evidence is in a Hilton hotel room in the UK nobody expects Hilton
Everybody however expects U.S. police to go the U.K. police and courts who will check if it was a crime in the U.K. in the first place then ask the U.K. Hilton to hand over the data, aka due process .
If tracking cash transactions were as easy as you make them out to be, every illegal laundering from drugs to arms would have been long shut down.
a unique serial number is not personally identifiable by itself. Cash is far more anonymous than bitcoin, yes people can theoretically track it, with bitcoin EVERY transaction is by definition recorded. With cash some transactions maybe recorded, retailers do not necessarily record the serial number of every bill of each transaction, while that is certainly possible it is still not common place. Even if all were tracked in the U.S. there are still plenty of holes in your graph, making it difficult to every get anywhere near full picture, primarily due to the nature of U.S. currency. Plenty of people in the world use $ as their medium of exchange, these people who feds have very little control over and can do little to track either.
This is BS, Crypto-currency has very little to do transaction privacy or central control.
if you are worried about privacy of transaction then use cash!.. does a $100 bill hold any "personally identifiable information" barring some trace DNA or fingerprints? central entity controlling has nothing to do with privacy of transactions. cash is controlled by a central entity, yet it is near anonymous. Not being governed by a central entity is a stupid reason for alternative currency.
If you want use anything that has no value on its own as money be it paper (cash), plastic, or Hashes as a store of value, then you will have to trust someone to enforce it. Otherwise you are going to have volatility, and people losing money in scams just look at the ones happening in bitcoin.
Netflix Ultra HD requires 25 Mbps per stream. Also that 105 Mbps is basically the connection between his house and the ISP. The actual speeds you will get depends on where the data is, and the peering agreements, Netflix's of-quoted data on comcast before and after their deal is itself good example
you don't know how much you are influenced doesn't mean you are not influenced, From your own example : Napoleon pretty much enforced the Metric system, the influence might be slightly less if you are from U.S. it is still enormous.
1. They develop and maintain the marketplace
2. They process your transaction, run the payment gateway that interacts with dozens of banks in 100+ countries. they process transactions to the developers as well
3. Pay their transaction fees to banks and VISA/MC
4. Develop and maintain the SDK, and IDE etc that help the developers build the app in the first place
5. Keep your personal credit card info safe ( Then again, Perhaps not:( )
6. You may use your data plan but apple still has to host the files on their servers, considering the amount of free apps downloaded, the deployment costs are certainly non trivial
7. Most importantly ensure significant user base is there for the developer to sell to, through marketing strategies like cross subsidy( sell you cheap phone, and recoup in app purchases)
All this of course does not mean they have to charge 30% margin, but certainly the cost is not trivial.
Very rarely the number of people directly employed makes the difference, If Microsoft is spending $1 Billion in the state, it will probably source significant % of components locally( usually part of any tax break agreement), that will generate lot of business for the local economy, the vendors will in turn will be ordering components, magnifying the effect on the economy, the state tax on all these other transactions will perhaps offset the breaks given to Microsoft.
On the other hand, paying 84 people for 6 years will do very little for the economy by itself
Different people are motivated by different things: security,money, or street cred,or just for fun, the reporter is under no ethical,legal or moral obligation to disclose to anyone in any manner; he is not the manufacturer it is not his fault the bug is there or his responsibility he did not built software/service using the buggy software that people paid for.
Preferential disclosure done which ever way is bad. Chances of black-hats getting hold of it becomes higher, if *some* special people know of it before others; what guarantee is there some dissatisfied employee won't leak it. what makes google, or Red Hat more special than Average Joe running his applications on top of OpenSSL with potentially compromised keys ?
Responsible disclosure has to be fully public; it ensures the manufactures fix it faster; there are vendors who fix zero-days only if they get exposed public exposure. just look at the way oracle fixes java zero days.
Them not being aware is not that this product looked like fluke's, it is do with the fact it is trademarked.. if you check there are dozens of products of similar design, they merely made the common sense assumption that since similar products where already there, there was no trademark protection.
Of course you can argue that they should check and double check before etc and they are at fault.. They are not denying that they are at fault merely saying is too costly for a smaill business to to check fully without an "Army of consultants or attorneys"
Another C2 user here.. sometimes i go on 5 day work trips without taking the charger with me....
All smartphones cheap or not, are like gas guzzling SUVs when it comes to battery life, most die at the end of the day, For me and am sure many other users the phone guaranteed to have juice at the end of the day is far more important than all other bells and whistles
Well it is true, hindu's do drink cow piss as you call it, they believe it has religious importance,and it is not just piss, eat dung too
https://en.wikipedia.org/wiki/...
It has something to do with cow being very holy i believe, more probably because historically the cow was such important part of the farmer's economy. Almost all Hindus will not eat beef and one of the flash points for hindu - muslim violence is the fact the muslims do. The alleged fact that beef was used in making bullets that soilders to bite before using was one the manifest causes of the 1857 mutiny https://en.wikipedia.org/wiki/...
The Mutiny was a result of various grievances. However the flashpoint was reached when the soldiers were asked to bite off the paper cartridges for their rifles which were greased with animal fat, namely beef and pork. This was, and is, against the religious beliefs of Hindus and Muslims, respectively.
Personally i find eating cow shit disgusting and not eating only beef quite amusing, but then again I am Hindu and a vegetarian.
I am not OP, but I since i think i am part of that audience.
Sure i don't have a 3 digit ID like you, I am fairly recent user, I comment rarely, my comments are barely interesting, but guess what? people like me are the vast majority of the users, most of them don't even have an account. I am happy that slashdot is trying to stay relevant and there are people like me still joining and visiting the site and it has not (yet) become a site of old men complaining about the good ol'days.
if the community is thinking that slashdot can continue being a viable new site by catering to links browsing sys admins from the 90's it is unrealistic.
It is not like dice is changing a winning formula, readership is dwindling, they have invested a lot of money, are they supposed to just sit and watch it all collapse? If you really want to make a difference and keep slashdot classic, offer to pay for it. if enough active community members do, they will keep it. Advertisement based business models need certain critical mass, slashdot is fast losing it.
Don't want to pay big bad DH anything? build your own news aggregator, there is enough unhappy with the beta people with serious talent and plenty of time on hands in this site. Do something useful and quit bitching about.
P.S Beta IS shitty, broken, very JS heavy etc etc,However #fuckbeta doesn't help either, giving constructive feedback is more meaningful? Dice may not listen/execute it, but at least it has better chance of working than #fuckbeta
i agree.. i did that last 2 times i got them.. You know what sucks bigger than beta? people constantly whining about them.. It is making the site unreadable worse than beta is doing..
Slashdot Mirror
Difficult to identify, catch, jurisdiction problems in foreign countries... The manufacturers who sell insecure shit woth hard coded / staic default passwords on the hand should be fined steeply
OP said filing does not absolve you. That is true, Also any absolution usually can happen after the company has no assets left to pay its debt with.
under what law?
If you owned a Patek, you won't be riding the subway in the first place :P
Selling it the black market is only half the part, not getting caught is the important part. More damage a exploit can cause Groupon ( i.e. higher the value on the market) more the chances law enforcement will be knocking on your door.
Companies like Groupon face a higher risk from dissatisfied(or the dumb ones exposed to phishing/social engineering ) employees leaking information than from external exploits, so they are screwed anyway if white hats/employees start acting in bad faith. They are counting on good faith of majority of the players and possibility of punishment via law enforcement to save them.
It might be 5 minute effort for a single application, for someone who is spending is whole time testing dozens of applications everyday, tweaking,refining the scripts etc. It might be a full time job for an in house expert and he will cost lot more than a bounty program.
No he is saying experts will still participate in programs because it is not too much effort and possibility of a payday will keep them in the program, despite poor track record of these companies.
Obviously you would loose the best experts who will spend the time and have the expertise to find the most obscure vulnerabilities. If those researchers where not interested at all in the program ( too small bounty for the effort, groupon track record etc) then Groupon losses nothing by having stingy payment policies.
It was released on 2nd September.. Been more than 28 days already
If I commit a crime and the evidence is in a Hilton hotel room in the UK nobody expects Hilton
Everybody however expects U.S. police to go the U.K. police and courts who will check if it was a crime in the U.K. in the first place then ask the U.K. Hilton to hand over the data, aka due process .
If tracking cash transactions were as easy as you make them out to be, every illegal laundering from drugs to arms would have been long shut down.
a unique serial number is not personally identifiable by itself. Cash is far more anonymous than bitcoin, yes people can theoretically track it, with bitcoin EVERY transaction is by definition recorded. With cash some transactions maybe recorded, retailers do not necessarily record the serial number of every bill of each transaction, while that is certainly possible it is still not common place. Even if all were tracked in the U.S. there are still plenty of holes in your graph, making it difficult to every get anywhere near full picture, primarily due to the nature of U.S. currency. Plenty of people in the world use $ as their medium of exchange, these people who feds have very little control over and can do little to track either.
This is BS, Crypto-currency has very little to do transaction privacy or central control.
if you are worried about privacy of transaction then use cash! .. does a $100 bill hold any "personally identifiable information" barring some trace DNA or fingerprints? central entity controlling has nothing to do with privacy of transactions. cash is controlled by a central entity, yet it is near anonymous. Not being governed by a central entity is a stupid reason for alternative currency.
If you want use anything that has no value on its own as money be it paper (cash), plastic, or Hashes as a store of value, then you will have to trust someone to enforce it. Otherwise you are going to have volatility, and people losing money in scams just look at the ones happening in bitcoin.
U.S. did this 25 years ago https://en.wikipedia.org/wiki/...
I am broke / I have only this much cash / I cannot afford it despite your "attractive" financing / My wife/girlfriend/partner won't allow me to..
Netflix Ultra HD requires 25 Mbps per stream. Also that 105 Mbps is basically the connection between his house and the ISP. The actual speeds you will get depends on where the data is, and the peering agreements, Netflix's of-quoted data on comcast before and after their deal is itself good example
you don't know how much you are influenced doesn't mean you are not influenced, From your own example : Napoleon pretty much enforced the Metric system, the influence might be slightly less if you are from U.S. it is still enormous.
1. They develop and maintain the marketplace :( )
2. They process your transaction, run the payment gateway that interacts with dozens of banks in 100+ countries. they process transactions to the developers as well
3. Pay their transaction fees to banks and VISA/MC
4. Develop and maintain the SDK, and IDE etc that help the developers build the app in the first place
5. Keep your personal credit card info safe ( Then again, Perhaps not
6. You may use your data plan but apple still has to host the files on their servers, considering the amount of free apps downloaded, the deployment costs are certainly non trivial
7. Most importantly ensure significant user base is there for the developer to sell to, through marketing strategies like cross subsidy( sell you cheap phone, and recoup in app purchases)
All this of course does not mean they have to charge 30% margin, but certainly the cost is not trivial.
Very rarely the number of people directly employed makes the difference, If Microsoft is spending $1 Billion in the state, it will probably source significant % of components locally( usually part of any tax break agreement), that will generate lot of business for the local economy, the vendors will in turn will be ordering components, magnifying the effect on the economy, the state tax on all these other transactions will perhaps offset the breaks given to Microsoft.
On the other hand, paying 84 people for 6 years will do very little for the economy by itself
Different people are motivated by different things: security,money, or street cred,or just for fun, the reporter is under no ethical,legal or moral obligation to disclose to anyone in any manner; he is not the manufacturer it is not his fault the bug is there or his responsibility he did not built software/service using the buggy software that people paid for.
Preferential disclosure done which ever way is bad. Chances of black-hats getting hold of it becomes higher, if *some* special people know of it before others; what guarantee is there some dissatisfied employee won't leak it. what makes google, or Red Hat more special than Average Joe running his applications on top of OpenSSL with potentially compromised keys ?
Responsible disclosure has to be fully public; it ensures the manufactures fix it faster; there are vendors who fix zero-days only if they get exposed public exposure. just look at the way oracle fixes java zero days.
since when is news is about what impacts the most number of people ?
Them not being aware is not that this product looked like fluke's, it is do with the fact it is trademarked.. if you check there are dozens of products of similar design, they merely made the common sense assumption that since similar products where already there, there was no trademark protection.
Of course you can argue that they should check and double check before etc and they are at fault.. They are not denying that they are at fault merely saying is too costly for a smaill business to to check fully without an "Army of consultants or attorneys"
Another C2 user here.. sometimes i go on 5 day work trips without taking the charger with me....
All smartphones cheap or not, are like gas guzzling SUVs when it comes to battery life, most die at the end of the day, For me and am sure many other users the phone guaranteed to have juice at the end of the day is far more important than all other bells and whistles
Don't they know wikipedia exists?
Do you know that conservapedia exists?
http://www.conservapedia.com/
Which one is correct? Teach the controversy!
Do you know uncyclopedia exists? http://uncyclopedia.wikia.com/...
The Mutiny was a result of various grievances. However the flashpoint was reached when the soldiers were asked to bite off the paper cartridges for their rifles which were greased with animal fat, namely beef and pork. This was, and is, against the religious beliefs of Hindus and Muslims, respectively.
Personally i find eating cow shit disgusting and not eating only beef quite amusing, but then again I am Hindu and a vegetarian.
I am not OP, but I since i think i am part of that audience.
Sure i don't have a 3 digit ID like you, I am fairly recent user, I comment rarely, my comments are barely interesting, but guess what? people like me are the vast majority of the users, most of them don't even have an account. I am happy that slashdot is trying to stay relevant and there are people like me still joining and visiting the site and it has not (yet) become a site of old men complaining about the good ol'days.
if the community is thinking that slashdot can continue being a viable new site by catering to links browsing sys admins from the 90's it is unrealistic.
It is not like dice is changing a winning formula, readership is dwindling, they have invested a lot of money, are they supposed to just sit and watch it all collapse? If you really want to make a difference and keep slashdot classic, offer to pay for it. if enough active community members do, they will keep it. Advertisement based business models need certain critical mass, slashdot is fast losing it.
Don't want to pay big bad DH anything? build your own news aggregator, there is enough unhappy with the beta people with serious talent and plenty of time on hands in this site. Do something useful and quit bitching about.
P.S Beta IS shitty, broken, very JS heavy etc etc,However #fuckbeta doesn't help either, giving constructive feedback is more meaningful? Dice may not listen/execute it, but at least it has better chance of working than #fuckbeta
i agree.. i did that last 2 times i got them.. You know what sucks bigger than beta? people constantly whining about them.. It is making the site unreadable worse than beta is doing..