The real problem with the "hidden" menu items wasn't the "Lets learn and adapt to the user" factor. Hidden menus do not learn and adapt to the user.
All this does is say "If there's something that you want to do that isn't your normal activity, you will NEVER find it. Since the tech person that comes over is, by definition doing something that you don't normally do, they will have trouble finding what it takes to fix it".
Adapting to the user? Not by removing controls that will be needed tomorrow that haven't been used this week.
... and in those years, I got a virus/spyware exactly once: by stupidly going to a keygen site my friend suggested, which was full of malware. The rest of the time, I was fine.
Now here is the key question: Why should you have to know that a site is safe BEFORE you go there? Why should you have to have someone else pre-browse the internet for safety?
Another reason for a gravity well? Ultimately, you want to grow food, and have room to spread out. Both of which require a large surface area.
Now, rings of gas ("Integral Trees"), rings of ground ("RingWorld"), and other ideas have been proposed in science fiction. But until then, you really need a natural gravity well to give you the room to live, breed, and feed.
If you read these posts you would think that the average slashdotter was planning to overthrow one (or more likely all) governments on a regular basis.
I've been trying to overthrow the federal government of the U.S. every 4 years since Raygun came in.
Then what do you think of Puzzle Pirates? Free trial over there is infinite, and the game is free to download and play. (Subscription servers -- fixed fee per month -- restrict what you can do, and the pay-as-you-go servers -- fee based on activities -- have stronger restrictions, but lower incremental unlocking costs).
It has good game play, very few technical issues, but it doesn't have the popularity of WoW.
(Personally, I love the economy game over there, despite the issues involved.)
Internet Explorer -- Must be a tool for exploring the internet. Oh, wait -- it only displays web pages, and doesn't follow the web standards.
SQL Server Management Studio -- Perhaps a program for managing SQL servers.
Photoshop -- Lets you order photos online? You know, shop for photos?
Windows Mail -- Sends mail to and from windows users.
Windows Live Messenger -- No clue. Send messages to "Windows live", whatever that is.
Remote Desktop Connection -- Connect your desktop with another? Oh, so if they put something on their desktop, it appears on my desktop as well? Neat -- sharing files and programs on the desktop. Right?
Adobe Acrobat Reader -- Something that reads acrobatic acts and displays?
As much as I do stuff things into ~/Applications as a rule, I've found that some things will install themselves into/Applications.
Also, ~/Applications did not work with everything; there were times that programs placed there were not found. (Although that might have just been several revisions ago).
But keep in mind: The person above me was saying that "Well behaved apps are designed to store into the system directory". Even when a.dmg install file is distributed, you often will see a link to the system/Applications, rather than a link to ~/Applications. (Hmm, now that I think about it, does Finder support the concept of a non-constant target for an alias?)
I think you have a solution in search of a problem. After decades of using more than one OS over the life of a machine, after seeing OS upgrades crash and burn and needing to be uninstalled, after seeing multiple times a need to install a second OS install for one reason or another, then I'd say that it's more a case of "I grew up with this disaster on microsoft windows, I don't know yet that Apple's OSX won't have similar problems, and I'd rather be safe than sorry." Besides, isn't rule #1: "Run both systems and make sure the new one will work correctly before abandoning the old system"?
The fundamental idea -- "This stuff is stuff from the company, and is unaltered; that stuff is the stuff that I've done on my system, and it 100% separate", is an idea that really, REALLY makes upgrades simple. Or different kernels/distributions. Or...
... And this is perfectly understandable if you look at the tutorial sites out there. Take for example the number 3 result for a google search for "php mysql". It gives the following code, with a short mumble in the precursor about addslashes:
Alright, I know this will sound like something that was suggested before. But why do we -- in 2008 -- have languages where all sorts of context information is thrown away, everything is flattened into a plain string, and that string is all that matters?
Why does "mysql_query()" take a flat text string, and not a printf style control string and a list of arguments? Suddenly, even if the arguments contain special control characters, NOTHING HAPPENS -- everything is tokenized separately, and has some context.
Don't like varargs? Don't like non-parameterizable stuff? Ok, how about some standard routine that builds up a tagged string, (I'm thinking something like RTF or XML), so that your "Bobby Tables" name is clearly tagged as a strange looking name.
Asking every program to do umpteen thousand validations on input is like asking every network program to do umpteen thousand validations on the output of "GetHostByName()" because your underlying DNS software is subject to cache pollution, or worse, "attacker.com has IP address 192.168.2.75, which just happens to be the address of our database server". Or umpteen thousand checks on "What files are you allowed to access?".
We solved this in unix land with things like set-gid (so that special programs could update stuff for you that you could not update yourself), or access() (so that set-uid root programs could check what was a legal operation).
Yet it seems that everywhere else, we still have the same idea: Rather than just have a single standard subroutine call, or even better, a sane way to define what a single term/token is, everyone has to write from scratch.
Would that tutorial really have been hard to re-write as
"Here is an OS upgrade that is designed to make it easy to write browsers with full functionality. However, if you want to use this upgrade in your program, you have to distribute it -- you can't assume that the user has it. And, if you distribute this OS upgrade, then you must also distribute our browser for us. Finally, if you premake systems, you have to include this upgrade, our browser, and its icon on the desktop"
In other words, you have to give our product top billing, and you have to do our distribution work for us.
well/Applications is for everyone. your supposed to install it there. Any where else and your app is misbehaving anyways. And why is that, anyways? What about "~/Applications"?
You shouldn't have to be an admin to install a web browser, word processor , or spreadsheet. You should only be an admin if your installing it for everyone. Exactly. Why can't I install a personal program in ~/Applications?
For that matter, why is it/Applications? Why should ANY user -- root or otherwise -- be expected to install stuff in a system directory?
Why not have/System/Applications (for apple supplied stuff),/Network/Applications,/Local/Applications, and ~/Applications?
And lets go further. Since a problem with Windows is the whole "only one/Program Files per partition => only one operating system install per partition", why not have a concept of OS version/instance specific applications?/Local/OSKey/Applications?
Seriously: 1. Anything from Apple should be in an "Apple only" directory (/System for anything GUI related). 2. All of these --/Network,/Local, ~/ -- have subdirectories that identify os-version-specific stuff.
You've still got to do some work --/bin and/etc, for example -- but now you're on the road to being able to multiboot a drive.
The goals should be to focus on the most effective methods of converting physical substance into harnessed energy, not the fantasy of "clean" energy. Think of all the people who bought or promote electric vehicles claiming they are "clean". That idea is beyond stupid. The energy has to be created somewhere then distributed. All distribution systems have loss. They might be "cleaner" at the point of use but they are not gross clean.
The cleanest energy would be something like wind or water power. They're not efficient and they can't power wheeled vehicles sufficiently. That leaves the concept of combustion in some form. Little pebble reactors in vehicles? Forget it. That leaves the process of a controlled burn. What is the best substance to burn considering infrastructure, portability and energy return aspects? Hydrocarbon. That's all there is to it. Alright, so your reasonable post says that you either burn hydrocarbon in your car, or produce energy elsewhere, transport it to the car, and store it there. Battery powered versus combustion powered. (Side note: I hate the term "Electric vehicle". Most are really Battery assisted gas powered vehicles; some are battery powered, recharged by electic plug.)
The question to ask is: What's better for the environment -- lots and lots of small scale combustion engines that have no choice but to burn hydrocarbons, or a battery that takes energy from the electric grid in whatever form the electric grid wants to use -- wind, water, solar, etc.
Yes, there's transmission loss. But it doesn't have to be hydrocarbon burn. And if it is, it can be a large scale operation, that operates at better efficiencies / less waste.
Years and years ago, instead of batteries, sci fi books talked about putting a flywheel into cars to store energy when you hit the brakes. Today we've got batteries that do it. For hybrids, that's all that has changed, and for true electrics, the old engine is gone.
I don't want an electric because it's "clean". I want one because it's "cleaner" and "cheaper".
If you have that much of a problem reading smaller, high-resolution displays, get your eyes checked and get glasses. And this right here is the problem.
I can read 9 point printed text nicely. You know, the stuff that has about 600-1200 DPI effective resolution?
On the computer, it seems that asking for "12 point" fonts actually gives me N pixels. Higher resolution doesn't give me sharper letters, it gives me smaller letters.
Imagine if you had a 720 DPI display, and that same "higher resolution == smaller" operation went on. How tiny would the letter be?
Well, you'd obviously have to make them 10 times as big as your 72 DPI display.
And that's the issue. Imagine trying to read printed text that is 1/10th the size of what you currently read.
At 72 DPI, I can see a piece of paper on screen in "real life size". But I still want a 25% magnification just because the resolution is bad. And at 92 DPI, I can't get "real size" because everyone seems to assume that "DPI" and "Pixel count" are somehow directly related.
===
Windowing systems -- and computer graphic systems in general -- need four different measurement units. Raw pixels, Raw inches, logical pixels, logical inches. Very few things need to use the raw values. Most things will want to do layout based on logical inches -- which will turn out to be different pixel counts based on screen hardware resolution, and user's scaling preferences. Some things (graphics, primarily) will want to use logical pixels, but that's usually a disaster -- how many web pages (for example) won't display properly because a graphic's display size is specified in pixels, and the user has told FireFox to use a readable minimum size, throwing off the pixel count of the text?
Window managers probably want the logical pixels. Device level stuff probably wants the raw stuff.
===
Your statement "get your eyes checked and get glasses" is elitist. I wear glasses. I have horrible astigmatism that cannot be fully corrected. I get eye strain from a day on the monitor on small text. You sound like the type of people who say "Hey, the developers are all young people with perfect eyesight, so they are perfectly OK making everything usable only by people with perfect eyesight". That's kinda like saying "Hey, our developers have ADD and/or ADHD, so they like having newer, flashier, fancier, eye-catching graphics that are different every release. Gee, the rest of the public must feel the same way".
> Is it that hard to unmaximize a web browser, resize it to half the screen width, and put another page into a second window?
The real problem is the whole "web layout" issue. You don't have web pages present information in a "information dump" that you can then set as you want.
Ideally, I would use a half-width window, and I'd have my text across the whole half width.
Instead, each web site thinks it knows the answer to layout -- usually the left half of the page is wasted white space, because a web site wants to arbitrarily alter how things will be displayed. After all, it's "CSS", and that's the purest wave of the future, right?
Not to mention all the sites that assume "X" pixels of space -- usually 800, forgetting the scroll bar (pet peeve), and so only look right with one particular window width.
If you could actually fix this -- make web sites actually give you the content, and you apply the layout that you want -- then having a half-width window might make sense.
But for that to work, you'd need to override CSS on a per-site, or per-page basis. And every system I've seen at best lets you use a single CSS style sheet for your entire browsing, without taking into account that you need different settings on different sites, and sometimes on different pages within the same site.
Not to mention that I haven't seen a web browser yet that will give you the "starting CSS" page of the page you are viewing as a place to get started. You know, so you don't start from scratch, but can start by modifying the CSS that describes what you are looking at.
Gaak. As a general rule, if I have a page that is laid out in a table, then if I see a one row, three column table, I want column 2, column 3, column 1, in that order, untabled. 95%+ of the time. Give me a firefox plugin that does that, and 90% or more of my layout concerns are solved.
(And usually, that applies even if it's a three row table, where the first and third row are a single element).
1. Any TCP handshake includes a challenge/response. TCP already includes a "random number" -- the sequence number. Take it, apply a secret key, and that result is included in the handshake response (handshake packet 2 to verify the destination host, and packet 3 to potentially verify the originator of the conversation).
2. The public key is placed in the DNS.
If you can control the mapping from "domain.com" to "133.233.111.2", then you can place the expected public key there.
If you are hijacking,
Oh, phoo. This prevents "Attacker.com" from listing "192.168.1.5" as an attack on an internal server, but it does nothing to stop a full DNS hijack by the ISP.
Anyone got a solution other than requiring SSL sockets / https? Just imagine a site that is suddenly presenting a new certificate, that still verifies, but is issued by the same DNS that was responsible for the hijack.
(Hmm... Security basics question here. You ask the site for proof of ID, and that proof of ID includes a "who to ask to verify this proof". So you verify with the very person that the fake certificate tells you to verify with, and it naturally passes. It can't be that easy to break SSL/https:, so what am I missing?)
As much as I like Tor, and run a Tor node, Tor is not the answer.
Tor exposes you to horrible MITM attacks.
Tor is a piece of the puzzle. You need exit guards to protect against nasty MITM exit nodes. The combination of both entry guards AND exit guards means you only have one random node, which makes it too easy to track a communication (Person X is talking to site Y), without adding a 4th hop, and slowing Tor down even more.
You need to have encrypted communication being the norm. Far too many systems will generate a custom page for the end user, but not send that page via HTTPS:.
Even slashdot lets you stay logged in with a cookie, and generates user specific pages, sent over plain HTTP. We've seen XSS ways for people to steal your gmail password, even when you log into gmail with HTTPS:; how hard would it be to grab slashdot passwords?
And think of all the PhPBBS and other BBS systems where your login information is sent in plain text over HTTP:
What would be the CPU load increase to encrypt every web page transmission? Some sites have tried it, and said that they could not handle it.
And the whole "encryption key" problem / host you are talking to problem. Or did you notice that if you go to "https://www.gmail.com", you'll get a warning that some other host is actually doing the communication? It's not an easy problem to solve.
I haven't even gotten to the whole "Is the address I got from my DNS server really the right address" issue. I thought that was solved, and done, until I saw an article where it said that "attacker.com"'s DNS could return any IP address it wanted, including an intranet address, letting scripts get into internal databases if they knew what they were doing.
Sorry, I'm rambling. Yes, Tor helps -- specifically, it prevents a trivial examination of what you are talking to, and it makes it impossible to tell if a communication leaving your site is from you, or just routed through you. It's useless against an NSA-level attack, it forces you to reveal passwords and cookies to exit nodes (hence the need for exit guards), and exposes you to MITM attacks.
Tor is good for two uses: 1. No cookies, no passwords, just be anonymous, and don't log in. 2. When using SSL, hide the "who you talk with" (which is exposed in SSL).
And, my own use: 3. With exit guards, turn the "trivial snooping on what you do" into something less trivial, but still doable.
Not perfect. Just a little harder step for the spooks. Won't stop anyone that actually wants me, but it will stop the "random fishing expeditions".
YPP's "launch from the web page"'s current version uses application local storage to hold the game program and data files. Yes, it asks you if you trust the publisher.
I haven't seen it ask for unlimited computer access in many versions.
Let me try to give a different look at homeopathy.
"Like cures like, when diluted": Apply potential problem item to water that has bacteria in it. Any bacteria that survives is able to deal with that harmful stuff. Said bacteria might be able to deal with the harmful stuff in the body.
"Water memory" in this case is nothing more than the changes in the bacterial population caused by the stuff.
If you start with a high dosage, then all the bacteria will be killed off. You need to start with a low enough dosage that some good stuff will survive.
Now, with this viewpoint/approach, what can we tell, and why can we predict that normal "double blind" tests must fail? (And, how to run a double blind test that won't)
First, you want a control group that is made with distilled water, diluted to the point of "nothing". That should have no effect.
Second, you want to get "active" groups -- many, not just one -- based on water from many different locations. Different parts of the world have different local microscopic populations. There might not be something around here that will survive the nasty stuff, but there might be something that lives in the waters over there.
Thirdly, your "pauses" between dilutions needs to be long enough for the microscopic stuff to reproduce. Ultimately, you want, after the first injection of "bad stuff" into the water, for only (or almost only) the survivable microscopic stuff to be left, and it will want to reproduce until it dominates the water. That might be 3 or 4 generations of replication / cell division / etc. Then, you dilute it. Now you need to wait for that new water to become dominated.
Note that at this stage, the idea is that a creature that dominates the landscape has the best chance to spread and dominate the next/larger landscape. Any ecological niche that was previously occupied by another creature will have been emptied, giving this survivor a chance to spread, and dominate a new niche. There's probably a better explanation/description that I'm not aware of.
Repeat, until you have a testable dosage.
Now, what is going on?
It's not, as people like to set up strawmen: Oh, look, this water is somehow magical. We ran some poison through it, and now it's "different", and somehow special water. Lets test it. Oh, wow, we started with pure water, poisoned it, diluted it with more pure water, and sure enough, we have pure water.
Rather, think more like this: We took biologically active water. We poisoned most of the stuff in it. Something survived. Lets cultivate this survivor, and see if it can neutralize the poison in other locations.
Now, how does it survive? I know of two ways, a biologist might know more ways.
#1. It just isn't affected by it. It survives, but it doesn't do us any good. #2. It produces something that neutralizes it. Good. This is the stuff we want.
Homeopathy, done right, is all about a way to manufacture #2. And if people stopped trying to set up strawmen, to attack, and actually looked at "How might this work", they might see something as obvious -- patently obvious -- as this.
Yes, patently obvious. This is the sort of thing that the U.S. Patent office might grant a patent to, even though it is obvious.
Now, I noticed that James Randall was mentioned in this thread. I've tried to contact his skeptic.org group, because, supposedly, they have a reward for anyone that can give a credible basis for homeopathy. Yet I've never managed to get through to anyone over there.
Michael Gersten
p.s. And don't even start to mention the whole "immunization" aspect. Start with a badly weakened, low dosage of a nasty bacteria. Body fights it off, and is ready for the real thing. Like cures Like.
Slashdot Mirror
I seriously need to know more about this "The credit card companies all just got reamed for similar".
I may have to take my credit card company to court for this very thing.
Completely
Ordered
Levitating
Bug
Extremely
Resistent to
Treatment
I don't like "Completely Ordered", and I can't see what makes a good pig reference in C.O. Anyone able to improve this?
The real problem with the "hidden" menu items wasn't the "Lets learn and adapt to the user" factor. Hidden menus do not learn and adapt to the user.
All this does is say "If there's something that you want to do that isn't your normal activity, you will NEVER find it. Since the tech person that comes over is, by definition doing something that you don't normally do, they will have trouble finding what it takes to fix it".
Adapting to the user? Not by removing controls that will be needed tomorrow that haven't been used this week.
... and in those years, I got a virus/spyware exactly once: by stupidly going to a keygen site my friend suggested, which was full of malware. The rest of the time, I was fine.
Now here is the key question: Why should you have to know that a site is safe BEFORE you go there? Why should you have to have someone else pre-browse the internet for safety?
Another reason for a gravity well? Ultimately, you want to grow food, and have room to spread out. Both of which require a large surface area.
Now, rings of gas ("Integral Trees"), rings of ground ("RingWorld"), and other ideas have been proposed in science fiction. But until then, you really need a natural gravity well to give you the room to live, breed, and feed.
If you read these posts you would think that the average slashdotter was planning to overthrow one (or more likely all) governments on a regular basis.
I've been trying to overthrow the federal government of the U.S. every 4 years since Raygun came in.
You?
Then what do you think of Puzzle Pirates? Free trial over there is infinite, and the game is free to download and play. (Subscription servers -- fixed fee per month -- restrict what you can do, and the pay-as-you-go servers -- fee based on activities -- have stronger restrictions, but lower incremental unlocking costs).
It has good game play, very few technical issues, but it doesn't have the popularity of WoW.
(Personally, I love the economy game over there, despite the issues involved.)
Internet Explorer -- Must be a tool for exploring the internet. Oh, wait -- it only displays web pages, and doesn't follow the web standards.
SQL Server Management Studio -- Perhaps a program for managing SQL servers.
Photoshop -- Lets you order photos online? You know, shop for photos?
Windows Mail -- Sends mail to and from windows users.
Windows Live Messenger -- No clue. Send messages to "Windows live", whatever that is.
Remote Desktop Connection -- Connect your desktop with another? Oh, so if they put something on their desktop, it appears on my desktop as well? Neat -- sharing files and programs on the desktop. Right?
Adobe Acrobat Reader -- Something that reads acrobatic acts and displays?
Alright, I'll take you up on that. I couldn't find your email address, so I have to post here.
Can you help me get a blog set up? Thanks.
Also, ~/Applications did not work with everything; there were times that programs placed there were not found. (Although that might have just been several revisions ago).
But keep in mind: The person above me was saying that "Well behaved apps are designed to store into the system directory". Even when a
The fundamental idea -- "This stuff is stuff from the company, and is unaltered; that stuff is the stuff that I've done on my system, and it 100% separate", is an idea that really, REALLY makes upgrades simple. Or different kernels/distributions. Or
But that island of stability doesn't include 115. Think of the alien tech :-)
...And this is perfectly understandable if you look at the tutorial sites out there. Take for example the number 3 result for a google search for "php mysql". It gives the following code, with a short mumble in the precursor about addslashes:
Alright, I know this will sound like something that was suggested before. But why do we -- in 2008 -- have languages where all sorts of context information is thrown away, everything is flattened into a plain string, and that string is all that matters?
Why does "mysql_query()" take a flat text string, and not a printf style control string and a list of arguments? Suddenly, even if the arguments contain special control characters, NOTHING HAPPENS -- everything is tokenized separately, and has some context.
Don't like varargs? Don't like non-parameterizable stuff? Ok, how about some standard routine that builds up a tagged string, (I'm thinking something like RTF or XML), so that your "Bobby Tables" name is clearly tagged as a strange looking name.
Asking every program to do umpteen thousand validations on input is like asking every network program to do umpteen thousand validations on the output of "GetHostByName()" because your underlying DNS software is subject to cache pollution, or worse, "attacker.com has IP address 192.168.2.75, which just happens to be the address of our database server". Or umpteen thousand checks on "What files are you allowed to access?".
We solved this in unix land with things like set-gid (so that special programs could update stuff for you that you could not update yourself), or access() (so that set-uid root programs could check what was a legal operation).
Yet it seems that everywhere else, we still have the same idea: Rather than just have a single standard subroutine call, or even better, a sane way to define what a single term/token is, everyone has to write from scratch.
Would that tutorial really have been hard to re-write as
$username = $_POST['username'];
$password = $_POST['password'];
$username = safetoken($username);
$password = safetoken($password);
$query = "INSERT INTO user (host, user, password, select_priv, insert_priv, update_ priv) VALUES ('localhost', '$username', PASSWORD('$password'), 'Y', 'Y', 'Y')";
mysql_query_with_safetokens($query);
One call to turn an arbitrary string into something that is properly escaped.
One new call to say "Hey, de-escape the string before you operate, but don't change your tokenizing boundaries because of the de-escaping".
My memory is that Microsoft said,
"Here is an OS upgrade that is designed to make it easy to write browsers with full functionality. However, if you want to use this upgrade in your program, you have to distribute it -- you can't assume that the user has it. And, if you distribute this OS upgrade, then you must also distribute our browser for us. Finally, if you premake systems, you have to include this upgrade, our browser, and its icon on the desktop"
In other words, you have to give our product top billing, and you have to do our distribution work for us.
For that matter, why is it
Why not have
And lets go further. Since a problem with Windows is the whole "only one
Seriously:
1. Anything from Apple should be in an "Apple only" directory (/System for anything GUI related).
2. All of these --
You've still got to do some work --
The cleanest energy would be something like wind or water power. They're not efficient and they can't power wheeled vehicles sufficiently. That leaves the concept of combustion in some form. Little pebble reactors in vehicles? Forget it. That leaves the process of a controlled burn. What is the best substance to burn considering infrastructure, portability and energy return aspects? Hydrocarbon. That's all there is to it. Alright, so your reasonable post says that you either burn hydrocarbon in your car, or produce energy elsewhere, transport it to the car, and store it there. Battery powered versus combustion powered. (Side note: I hate the term "Electric vehicle". Most are really Battery assisted gas powered vehicles; some are battery powered, recharged by electic plug.)
The question to ask is: What's better for the environment -- lots and lots of small scale combustion engines that have no choice but to burn hydrocarbons, or a battery that takes energy from the electric grid in whatever form the electric grid wants to use -- wind, water, solar, etc.
Yes, there's transmission loss. But it doesn't have to be hydrocarbon burn. And if it is, it can be a large scale operation, that operates at better efficiencies / less waste.
Years and years ago, instead of batteries, sci fi books talked about putting a flywheel into cars to store energy when you hit the brakes. Today we've got batteries that do it. For hybrids, that's all that has changed, and for true electrics, the old engine is gone.
I don't want an electric because it's "clean". I want one because it's "cleaner" and "cheaper".
If you have that much of a problem reading smaller, high-resolution displays, get your eyes checked and get glasses. And this right here is the problem.
I can read 9 point printed text nicely. You know, the stuff that has about 600-1200 DPI effective resolution?
On the computer, it seems that asking for "12 point" fonts actually gives me N pixels. Higher resolution doesn't give me sharper letters, it gives me smaller letters.
Imagine if you had a 720 DPI display, and that same "higher resolution == smaller" operation went on. How tiny would the letter be?
Well, you'd obviously have to make them 10 times as big as your 72 DPI display.
And that's the issue. Imagine trying to read printed text that is 1/10th the size of what you currently read.
At 72 DPI, I can see a piece of paper on screen in "real life size". But I still want a 25% magnification just because the resolution is bad. And at 92 DPI, I can't get "real size" because everyone seems to assume that "DPI" and "Pixel count" are somehow directly related.
===
Windowing systems -- and computer graphic systems in general -- need four different measurement units. Raw pixels, Raw inches, logical pixels, logical inches. Very few things need to use the raw values. Most things will want to do layout based on logical inches -- which will turn out to be different pixel counts based on screen hardware resolution, and user's scaling preferences. Some things (graphics, primarily) will want to use logical pixels, but that's usually a disaster -- how many web pages (for example) won't display properly because a graphic's display size is specified in pixels, and the user has told FireFox to use a readable minimum size, throwing off the pixel count of the text?
Window managers probably want the logical pixels. Device level stuff probably wants the raw stuff.
===
Your statement "get your eyes checked and get glasses" is elitist. I wear glasses. I have horrible astigmatism that cannot be fully corrected. I get eye strain from a day on the monitor on small text. You sound like the type of people who say "Hey, the developers are all young people with perfect eyesight, so they are perfectly OK making everything usable only by people with perfect eyesight". That's kinda like saying "Hey, our developers have ADD and/or ADHD, so they like having newer, flashier, fancier, eye-catching graphics that are different every release. Gee, the rest of the public must feel the same way".
> Is it that hard to unmaximize a web browser, resize it to half the screen width, and put another page into a second window?
The real problem is the whole "web layout" issue. You don't have web pages present information in a "information dump" that you can then set as you want.
Ideally, I would use a half-width window, and I'd have my text across the whole half width.
Instead, each web site thinks it knows the answer to layout -- usually the left half of the page is wasted white space, because a web site wants to arbitrarily alter how things will be displayed. After all, it's "CSS", and that's the purest wave of the future, right?
Not to mention all the sites that assume "X" pixels of space -- usually 800, forgetting the scroll bar (pet peeve), and so only look right with one particular window width.
If you could actually fix this -- make web sites actually give you the content, and you apply the layout that you want -- then having a half-width window might make sense.
But for that to work, you'd need to override CSS on a per-site, or per-page basis. And every system I've seen at best lets you use a single CSS style sheet for your entire browsing, without taking into account that you need different settings on different sites, and sometimes on different pages within the same site.
Not to mention that I haven't seen a web browser yet that will give you the "starting CSS" page of the page you are viewing as a place to get started. You know, so you don't start from scratch, but can start by modifying the CSS that describes what you are looking at.
Gaak. As a general rule, if I have a page that is laid out in a table, then if I see a one row, three column table, I want column 2, column 3, column 1, in that order, untabled. 95%+ of the time. Give me a firefox plugin that does that, and 90% or more of my layout concerns are solved.
(And usually, that applies even if it's a three row table, where the first and third row are a single element).
Why not just take it over and use it for something constructive, like protein folding or something?
Oh, right -- because then we'd be breaking the law, and the botnet operators might sue us.
DNS is still subject to junk being given out.
Here's a potential solution:
1. Any TCP handshake includes a challenge/response. TCP already includes a "random number" -- the sequence number. Take it, apply a secret key, and that result is included in the handshake response (handshake packet 2 to verify the destination host, and packet 3 to potentially verify the originator of the conversation).
2. The public key is placed in the DNS.
If you can control the mapping from "domain.com" to "133.233.111.2", then you can place the expected public key there.
If you are hijacking,
Oh, phoo. This prevents "Attacker.com" from listing "192.168.1.5" as an attack on an internal server, but it does nothing to stop a full DNS hijack by the ISP.
Anyone got a solution other than requiring SSL sockets / https? Just imagine a site that is suddenly presenting a new certificate, that still verifies, but is issued by the same DNS that was responsible for the hijack.
(Hmm... Security basics question here. You ask the site for proof of ID, and that proof of ID includes a "who to ask to verify this proof". So you verify with the very person that the fake certificate tells you to verify with, and it naturally passes. It can't be that easy to break SSL/https:, so what am I missing?)
Very nice setup. Can you provide some more details?
As much as I like Tor, and run a Tor node, Tor is not the answer.
Tor exposes you to horrible MITM attacks.
Tor is a piece of the puzzle. You need exit guards to protect against nasty MITM exit nodes. The combination of both entry guards AND exit guards means you only have one random node, which makes it too easy to track a communication (Person X is talking to site Y), without adding a 4th hop, and slowing Tor down even more.
You need to have encrypted communication being the norm. Far too many systems will generate a custom page for the end user, but not send that page via HTTPS:.
Even slashdot lets you stay logged in with a cookie, and generates user specific pages, sent over plain HTTP. We've seen XSS ways for people to steal your gmail password, even when you log into gmail with HTTPS:; how hard would it be to grab slashdot passwords?
And think of all the PhPBBS and other BBS systems where your login information is sent in plain text over HTTP:
What would be the CPU load increase to encrypt every web page transmission? Some sites have tried it, and said that they could not handle it.
And the whole "encryption key" problem / host you are talking to problem. Or did you notice that if you go to "https://www.gmail.com", you'll get a warning that some other host is actually doing the communication? It's not an easy problem to solve.
I haven't even gotten to the whole "Is the address I got from my DNS server really the right address" issue. I thought that was solved, and done, until I saw an article where it said that "attacker.com"'s DNS could return any IP address it wanted, including an intranet address, letting scripts get into internal databases if they knew what they were doing.
Sorry, I'm rambling. Yes, Tor helps -- specifically, it prevents a trivial examination of what you are talking to, and it makes it impossible to tell if a communication leaving your site is from you, or just routed through you. It's useless against an NSA-level attack, it forces you to reveal passwords and cookies to exit nodes (hence the need for exit guards), and exposes you to MITM attacks.
Tor is good for two uses:
1. No cookies, no passwords, just be anonymous, and don't log in.
2. When using SSL, hide the "who you talk with" (which is exposed in SSL).
And, my own use:
3. With exit guards, turn the "trivial snooping on what you do" into something less trivial, but still doable.
Not perfect. Just a little harder step for the spooks. Won't stop anyone that actually wants me, but it will stop the "random fishing expeditions".
How about this:
Impeaching Bush without getting rid of Dick Cheney first would lead to President Quail.
Hmm. That anti-impeachment strategy worked for Raygun. Regan. Reagan. Whatever.
YPP's "launch from the web page"'s current version uses application local storage to hold the game program and data files. Yes, it asks you if you trust the publisher.
I haven't seen it ask for unlimited computer access in many versions.
I'm sorry, but I have to announce that this post made me realize that I lost the game.
Let me try to give a different look at homeopathy.
"Like cures like, when diluted": Apply potential problem item to water that has bacteria in it. Any bacteria that survives is able to deal with that harmful stuff. Said bacteria might be able to deal with the harmful stuff in the body.
"Water memory" in this case is nothing more than the changes in the bacterial population caused by the stuff.
If you start with a high dosage, then all the bacteria will be killed off. You need to start with a low enough dosage that some good stuff will survive.
Now, with this viewpoint/approach, what can we tell, and why can we predict that normal "double blind" tests must fail? (And, how to run a double blind test that won't)
First, you want a control group that is made with distilled water, diluted to the point of "nothing". That should have no effect.
Second, you want to get "active" groups -- many, not just one -- based on water from many different locations. Different parts of the world have different local microscopic populations. There might not be something around here that will survive the nasty stuff, but there might be something that lives in the waters over there.
Thirdly, your "pauses" between dilutions needs to be long enough for the microscopic stuff to reproduce. Ultimately, you want, after the first injection of "bad stuff" into the water, for only (or almost only) the survivable microscopic stuff to be left, and it will want to reproduce until it dominates the water. That might be 3 or 4 generations of replication / cell division / etc. Then, you dilute it. Now you need to wait for that new water to become dominated.
Note that at this stage, the idea is that a creature that dominates the landscape has the best chance to spread and dominate the next/larger landscape. Any ecological niche that was previously occupied by another creature will have been emptied, giving this survivor a chance to spread, and dominate a new niche. There's probably a better explanation/description that I'm not aware of.
Repeat, until you have a testable dosage.
Now, what is going on?
It's not, as people like to set up strawmen: Oh, look, this water is somehow magical. We ran some poison through it, and now it's "different", and somehow special water. Lets test it. Oh, wow, we started with pure water, poisoned it, diluted it with more pure water, and sure enough, we have pure water.
Rather, think more like this: We took biologically active water. We poisoned most of the stuff in it. Something survived. Lets cultivate this survivor, and see if it can neutralize the poison in other locations.
Now, how does it survive? I know of two ways, a biologist might know more ways.
#1. It just isn't affected by it. It survives, but it doesn't do us any good.
#2. It produces something that neutralizes it. Good. This is the stuff we want.
Homeopathy, done right, is all about a way to manufacture #2. And if people stopped trying to set up strawmen, to attack, and actually looked at "How might this work", they might see something as obvious -- patently obvious -- as this.
Yes, patently obvious. This is the sort of thing that the U.S. Patent office might grant a patent to, even though it is obvious.
Now, I noticed that James Randall was mentioned in this thread. I've tried to contact his skeptic.org group, because, supposedly, they have a reward for anyone that can give a credible basis for homeopathy. Yet I've never managed to get through to anyone over there.
Michael Gersten
p.s. And don't even start to mention the whole "immunization" aspect. Start with a badly weakened, low dosage of a nasty bacteria. Body fights it off, and is ready for the real thing. Like cures Like.