Looks like you are trying to add code that exhibits a buffer overflow!
Would you:
(A) Like me to add protection around use of this memory? (B) Update the NSA unregistered exploit list with the location of this memory exploit and your bank account number? (C) Public exploit to Russian IRC server for the LOLs?
It's not "free" to do the legwork and jump through hoops
It takes literally minutes and no effort beyond remembering where you wrote down your EIN; I have one for my business.
I would say I understand where you are coming from, but supporting the technological destruction of the non-technical is really not a concept I can get behind.
Looks like you ignored the advice about your pie-hole. Talk about ignorant monkeys... I guess time to delete your account out of shame and start up another.
I'll let you have the last response since ignorant monkeys like to chatter on and fling shit.
So if you have a company, you should have to pay Dun & Bradstreet
Maybe you should have looked into that a little more carefully? Since a DUNS is free and all?
The purpose of the DUNS number is to have an entity that keeps track of legally registered businesses. So yes in fact, I do think Apple should make sure there is some understanding of who is requesting the open-ended ability to distribute applications on the platform. It's just that they also should verify who they are talking to really belongs with that DUNS number.
Let be just close by saying I think we can all agree, you should shut your pie hole if you don't understand the subject at hand.
At my company, contractors are treated more or less identically to full employees.
And that's how contractors win lawsuits to get full benefits.
Given the legal climate Apple is smart to take a hands-off approach to contractors and let conditions be totally managed by this other company,
I know most of them have been offered full time positions, but for whatever reason they prefer contract positions.
(A) This may be in violation of contracts they have signed with the contracting firm they are working through.
(B) Being a contractor in a large company is nice because you are more sheltered from political intrigue.
(C) You can often figure out how to give yourself equivalent benefits company workers get for less than they are paying, combine that with a higher contractor salary and converting to an employee can mean quite an earnings hit.
I don't think it's very practical for Apple to really police enterprise apps, due to the way they are distributed and who can possibly be running them. Lots of companies rely heavily on the aspect where you do not have to keep track of each and every device and people can easily install company apps on personal devices...
I think where Apple could improve things though is in the initial application for enterprise developer programs. At the very least, it seems like it would not take too much more effort to block one issue mentioned in the article - registering for an enterprise dev account with a stolen DUNS number. There should be some way that Apple could ask the main contact info for any given DUNS number to confirm they had indeed asked for such access... That wouldn't stop everyone but it would probably stop the worst cases.
However, why did the plane wait so long for the passenger to arrive?
It is I think a kindness to hold the flight for some time for passengers that have just made a mistake - one time in Frankfurt we had something like an hour connection between international flights, which we thought would be OK - but changing gates we found we had to go through some internal security checkpoint, and would have been screwed if it hadn't been for some kind security person escorting us through directly.
This is exactly why in my original post I advocate to let people cancel further legs of a multiple leg flight they have booked, so that they will know not to wait and improve the system.
I don't see the guy as being a jerk, at all. I can't see anyone gaming a system (not people) as being a jerk, just being smart.
What if you needed to go somewhere else because of an emergency? Should you really be forced to take every leg of a flight you have booked?
If they don't want people getting off midway through a series of flights, maybe try not pricing an entire trip with multiple legs less than the individual flight to the city in the middle. Their own byzantine pricing system is what led to this result.
If they were smart they'd take advantage of such travelers and allow them to cancel some of the legs after booking, as a way to illuminate pricing errors in the system. Then they'd have an open seat someone else could fill as well. Win -Win.
Look you freaking idiot, I am talking about what I wrote to begin with, not your background technical aspect of carrier peering arrangements or the like. That was never in discussion. I was writing about guarantees for what I as a customer can have as service features from a carrier, that I do not want your stupid NN government meddling in the internet to impact.
YOU responded to ME, so next time try to at least read what someone is writing before totally making up a response that has nothing to do with items under discussion?
People are so misinformed on this subject it makes the head spin.>
Says someone who apparently cannot even read. Bet YOU never read through the original NN regulations that was withdrawn by the FCC.
1. rewrite everything in Rust or very good C++ or some other language that is provably secure and just as fast as the C that these things are written in (so expensive and time consuming that it's practically impossible)
That is exactly what I am saying. You say it's too expensive. How many billions of customers must be hacked until it is considered viable? How much system downtime, lost or corrupted data, cooperate secrets leaked forever?
We can't do everything at once but we could also do at least a think bit more than letting companies swing in the wind by agreeing to produce new systems we know are inherently insecure.
That's why I am saying we must make SOME effort to ratchet security to the better, no matter how small. A journey of a billion trillion miles still begins with a single step.
It's not. It's a theoretical exploit that may lead to actual exploits, but even then, they likely have to be crafted for the specific phone.
Apple's issue is already patched for all devices that it can occur on (that support Group FaceTime). Millions (hundreds of millions?) of Android devices have this exploit that will never see this patch.
And on top of that, the Apple bug affected only people who received a FaceTime call and did not answer, and the attacker knew the secret combo to activate the bug. In short it ALSO was a theoretical exploit, that was a one time deal that never impacted basic phone security.
Android people like you that defend this inexcusable flaw are the worst kind of scum.
they likely have to be crafted for the specific phone
Nope.
And at least you'll be able to get the bug fix with a simple security update
Which for millions will never come. Meantime anyone who can craft a good meme can and will own your phone. Good luck with that.
also "upgrade" the rest of the phone's OS and accept random UI changes and new software designed to throttle the speed of old phones
iOS 12 sped up phones. That speed throttling that protected phones from sudden shutdowns is now in Android as well, since it was inherently a good idea.. but on Apple if you are and idiot you can choose to disable it.
Would you please provide a cogent explanation of why paid prioritization is a good thing for consumers?
Very simple: I would like to be able to pay some additional fee to designate traffic from any source of my choosing to be of higher priority than other traffic.
To put that in simpler terms, I want Netflix to stream as fast as possible to the possible detriment of random browsing or other update traffic from my house.
Why is it so hard to understand people would like to watch Netflix without skipping just because someone else in the house decided to visit Facebook? Or to be able to allocate enough of the pipe so that 4k delivery with a decent bitrate was practical at all times without having to pay for a faster connection for all traffic?
There are tons of useful scenarios if you think for even a second. Please do not kill them over some abstract sense of purity.
Since you have no argument against anything I said, despite your eloquent words I can only conclude you agree with me wholesale, but are not happy about it.
Having tried pretty much all of the VR and AR headsets, the one I thought had the most potential was actually the Hololens - only hampered by a really bad field of view limitation.
If they have improved on that a lot, I think a new Hololens could do really well, even if it's still expensive.
Remember an AR headset can do AR and VR, while a VR headset can only do VR...
If by "Net Neutrality" you mean I cannot pay for prioritization or some kinds of traffic, nor have free delivery of some rate listed video over mobile connections - then I, and millions of others, want no part of it thank you very much.
The kind of Network Neutrality people do want - equal ability to access any location on the internet - we enjoy already, and all you can do is fuck it up if you mess with it.
I had many of the same thoughts you did, but especially this one I don't see questioned my many other people - moving 500k into BTC or the like, even if only for a day is a huge risk in terms of volatility. What if that is the day BTC decided to take a 20% drop just for fun? In fact you can almost be sure that speculators noting such a large volume of purchase would figure out some way to screw the guy short term to make him panic and sell...
I still see BTC as a viable investment, but as short term storage it is nuts and then there are the other factors you mentioned. He was absolutely trying to do something.
I probably have more money than I can afford to loose (if I don't plan to work til I die anyway) tied up in my real-estate (which I live in) and at the bank.
That is at least two things though, and one of which provides shelter which has intrinsic value of its own!!
A little more diversity would be better but you are already I nat least an OK position from a diversity standpoint.
On a side note regarding real estate, I agree with Mark Twain - buy land, they're not making it anymore.
Even if technically most properties you buy are not land, close enough.:-)
The problem is, even if you know full well how to "code safely" all it takes is one slip, or some interaction with another part of the system you didn't fully understand, and you are done.
That is why for most things, sadly languages that allow such slip-ups simply have to go. We cannot live like this forever in a world of chaos where any system of any size is just moments away from disaster or infiltration. As an industry we have to somehow ratchet ourselves forward, even if only a little bit.
I use a few credit unions myself but they are hardly immune from bullshit fees (just not as many). $25 every time I do a wire for a SEP contribution really irks me, for example.
Also my credit union just implemented some stupid rule you can only transfer $1k per day, meaning that for many practical personal transfers I literally have to withdraw cash, and drive it to another bank to get it transferred in a timely manner. Stupid.
Its pretty common to put your life savings with one bank or brokerage firm.
That is just a little more stupid than what this guy did to my mind. It's "insured" but what happens in the event of a truly huge failure or complete market crash? Insurance only works to a point.
I have multiple banks, brokerages. Those are all independent from what my wife has. Why would you NOT keep several sources to store income, rather than risk losing it all?? It's really easy to have multiple money stores, just make sure they are documented so you remember.
The crypto would have been better off in a personal hardware wallet: providing he took proper precautions
Totally agree there. Then he could have had multiple forms of backup. I generally try to use exchanges as just that, and keep funds in a wallet I can control. I do keep some with the exchanges though just as yet another possible source...
But I wouldn't have piped it all through one exchange, through one currency... would have done some largish amount in cash as well, even with the fees.
You mean good ol' Hit and Rourke?? They guy who literally changed his name to try and appear a tiny bit hispanic???
I'll just leave that there and not the rest pop them are worse. Much, much worse...
Sad that you are so blinded by partisanship you cannot see the enormous flaws of every single person you list, to the point I would not trust any of them five minutes alone with a living being I cared about much. Or my wallet.
They get to learn the hard way why each discrete financial regulation we have today was enacted.
It's not like countless people have not lost money from highly regulated banks as well.
I've lost way more money on bullshit fees and predatory practices than I've ever lost through cryptocurrency. At least there I can be in some control over maintaining my own wallet if I wish.
P.S. - Ok, the subject of his post did say investment. But my point remains that you should not pull all of your eggs in any one basket, for any duration.
Slashdot Mirror
Looks like you are trying to add code that exhibits a buffer overflow!
Would you:
(A) Like me to add protection around use of this memory?
(B) Update the NSA unregistered exploit list with the location of this memory exploit and your bank account number?
(C) Public exploit to Russian IRC server for the LOLs?
It's not "free" to do the legwork and jump through hoops
It takes literally minutes and no effort beyond remembering where you wrote down your EIN; I have one for my business.
I would say I understand where you are coming from, but supporting the technological destruction of the non-technical is really not a concept I can get behind.
Looks like you ignored the advice about your pie-hole. Talk about ignorant monkeys... I guess time to delete your account out of shame and start up another.
I'll let you have the last response since ignorant monkeys like to chatter on and fling shit.
So if you have a company, you should have to pay Dun & Bradstreet
Maybe you should have looked into that a little more carefully? Since a DUNS is free and all?
The purpose of the DUNS number is to have an entity that keeps track of legally registered businesses. So yes in fact, I do think Apple should make sure there is some understanding of who is requesting the open-ended ability to distribute applications on the platform. It's just that they also should verify who they are talking to really belongs with that DUNS number.
Let be just close by saying I think we can all agree, you should shut your pie hole if you don't understand the subject at hand.
At my company, contractors are treated more or less identically to full employees.
And that's how contractors win lawsuits to get full benefits.
Given the legal climate Apple is smart to take a hands-off approach to contractors and let conditions be totally managed by this other company,
I know most of them have been offered full time positions, but for whatever reason they prefer contract positions.
(A) This may be in violation of contracts they have signed with the contracting firm they are working through.
(B) Being a contractor in a large company is nice because you are more sheltered from political intrigue.
(C) You can often figure out how to give yourself equivalent benefits company workers get for less than they are paying, combine that with a higher contractor salary and converting to an employee can mean quite an earnings hit.
I don't think it's very practical for Apple to really police enterprise apps, due to the way they are distributed and who can possibly be running them. Lots of companies rely heavily on the aspect where you do not have to keep track of each and every device and people can easily install company apps on personal devices...
I think where Apple could improve things though is in the initial application for enterprise developer programs. At the very least, it seems like it would not take too much more effort to block one issue mentioned in the article - registering for an enterprise dev account with a stolen DUNS number. There should be some way that Apple could ask the main contact info for any given DUNS number to confirm they had indeed asked for such access... That wouldn't stop everyone but it would probably stop the worst cases.
However, why did the plane wait so long for the passenger to arrive?
It is I think a kindness to hold the flight for some time for passengers that have just made a mistake - one time in Frankfurt we had something like an hour connection between international flights, which we thought would be OK - but changing gates we found we had to go through some internal security checkpoint, and would have been screwed if it hadn't been for some kind security person escorting us through directly.
This is exactly why in my original post I advocate to let people cancel further legs of a multiple leg flight they have booked, so that they will know not to wait and improve the system.
I don't see the guy as being a jerk, at all. I can't see anyone gaming a system (not people) as being a jerk, just being smart.
What if you needed to go somewhere else because of an emergency? Should you really be forced to take every leg of a flight you have booked?
If they don't want people getting off midway through a series of flights, maybe try not pricing an entire trip with multiple legs less than the individual flight to the city in the middle. Their own byzantine pricing system is what led to this result.
If they were smart they'd take advantage of such travelers and allow them to cancel some of the legs after booking, as a way to illuminate pricing errors in the system. Then they'd have an open seat someone else could fill as well. Win -Win.
Try reading what I wrote, not what your imaginary opponent wrote.
Look you freaking idiot, I am talking about what I wrote to begin with, not your background technical aspect of carrier peering arrangements or the like. That was never in discussion. I was writing about guarantees for what I as a customer can have as service features from a carrier, that I do not want your stupid NN government meddling in the internet to impact.
YOU responded to ME, so next time try to at least read what someone is writing before totally making up a response that has nothing to do with items under discussion?
People are so misinformed on this subject it makes the head spin.>
Says someone who apparently cannot even read. Bet YOU never read through the original NN regulations that was withdrawn by the FCC.
1. rewrite everything in Rust or very good C++ or some other language that is provably secure and just as fast as the C that these things are written in (so expensive and time consuming that it's practically impossible)
That is exactly what I am saying. You say it's too expensive. How many billions of customers must be hacked until it is considered viable? How much system downtime, lost or corrupted data, cooperate secrets leaked forever?
We can't do everything at once but we could also do at least a think bit more than letting companies swing in the wind by agreeing to produce new systems we know are inherently insecure.
That's why I am saying we must make SOME effort to ratchet security to the better, no matter how small. A journey of a billion trillion miles still begins with a single step.
It's not. It's a theoretical exploit that may lead to actual exploits, but even then, they likely have to be crafted for the specific phone.
Apple's issue is already patched for all devices that it can occur on (that support Group FaceTime). Millions (hundreds of millions?) of Android devices have this exploit that will never see this patch.
And on top of that, the Apple bug affected only people who received a FaceTime call and did not answer, and the attacker knew the secret combo to activate the bug. In short it ALSO was a theoretical exploit, that was a one time deal that never impacted basic phone security.
Android people like you that defend this inexcusable flaw are the worst kind of scum.
they likely have to be crafted for the specific phone
Nope.
And at least you'll be able to get the bug fix with a simple security update
Which for millions will never come. Meantime anyone who can craft a good meme can and will own your phone. Good luck with that.
also "upgrade" the rest of the phone's OS and accept random UI changes and new software designed to throttle the speed of old phones
iOS 12 sped up phones. That speed throttling that protected phones from sudden shutdowns is now in Android as well, since it was inherently a good idea.. but on Apple if you are and idiot you can choose to disable it.
Would you please provide a cogent explanation of why paid prioritization is a good thing for consumers?
Very simple: I would like to be able to pay some additional fee to designate traffic from any source of my choosing to be of higher priority than other traffic.
To put that in simpler terms, I want Netflix to stream as fast as possible to the possible detriment of random browsing or other update traffic from my house.
Why is it so hard to understand people would like to watch Netflix without skipping just because someone else in the house decided to visit Facebook? Or to be able to allocate enough of the pipe so that 4k delivery with a decent bitrate was practical at all times without having to pay for a faster connection for all traffic?
There are tons of useful scenarios if you think for even a second. Please do not kill them over some abstract sense of purity.
Since you have no argument against anything I said, despite your eloquent words I can only conclude you agree with me wholesale, but are not happy about it.
I speak for the freedom of all to get the internet service they want, for whatever purpose they want it.
Having tried pretty much all of the VR and AR headsets, the one I thought had the most potential was actually the Hololens - only hampered by a really bad field of view limitation.
If they have improved on that a lot, I think a new Hololens could do really well, even if it's still expensive.
Remember an AR headset can do AR and VR, while a VR headset can only do VR...
If by "Net Neutrality" you mean I cannot pay for prioritization or some kinds of traffic, nor have free delivery of some rate listed video over mobile connections - then I, and millions of others, want no part of it thank you very much.
The kind of Network Neutrality people do want - equal ability to access any location on the internet - we enjoy already, and all you can do is fuck it up if you mess with it.
plus that third currency is extremely volatile
I had many of the same thoughts you did, but especially this one I don't see questioned my many other people - moving 500k into BTC or the like, even if only for a day is a huge risk in terms of volatility. What if that is the day BTC decided to take a 20% drop just for fun? In fact you can almost be sure that speculators noting such a large volume of purchase would figure out some way to screw the guy short term to make him panic and sell...
I still see BTC as a viable investment, but as short term storage it is nuts and then there are the other factors you mentioned. He was absolutely trying to do something.
I probably have more money than I can afford to loose (if I don't plan to work til I die anyway) tied up in my real-estate (which I live in) and at the bank.
That is at least two things though, and one of which provides shelter which has intrinsic value of its own!!
A little more diversity would be better but you are already I nat least an OK position from a diversity standpoint.
On a side note regarding real estate, I agree with Mark Twain - buy land, they're not making it anymore.
Even if technically most properties you buy are not land, close enough. :-)
They can't remember how to code safely. :-)
The problem is, even if you know full well how to "code safely" all it takes is one slip, or some interaction with another part of the system you didn't fully understand, and you are done.
That is why for most things, sadly languages that allow such slip-ups simply have to go. We cannot live like this forever in a world of chaos where any system of any size is just moments away from disaster or infiltration. As an industry we have to somehow ratchet ourselves forward, even if only a little bit.
Credit Union. No BS fees
I use a few credit unions myself but they are hardly immune from bullshit fees (just not as many). $25 every time I do a wire for a SEP contribution really irks me, for example.
Also my credit union just implemented some stupid rule you can only transfer $1k per day, meaning that for many practical personal transfers I literally have to withdraw cash, and drive it to another bank to get it transferred in a timely manner. Stupid.
Its pretty common to put your life savings with one bank or brokerage firm.
That is just a little more stupid than what this guy did to my mind. It's "insured" but what happens in the event of a truly huge failure or complete market crash? Insurance only works to a point.
I have multiple banks, brokerages. Those are all independent from what my wife has. Why would you NOT keep several sources to store income, rather than risk losing it all?? It's really easy to have multiple money stores, just make sure they are documented so you remember.
The crypto would have been better off in a personal hardware wallet: providing he took proper precautions
Totally agree there. Then he could have had multiple forms of backup. I generally try to use exchanges as just that, and keep funds in a wallet I can control. I do keep some with the exchanges though just as yet another possible source...
But I wouldn't have piped it all through one exchange, through one currency... would have done some largish amount in cash as well, even with the fees.
except that your life's savings are on a thumb drive buried with some rando tech-bro.
Even the dimmest tech-bro has backups. That there was what we refer to as a Tech-No.
Beto O'Rourke
You mean good ol' Hit and Rourke?? They guy who literally changed his name to try and appear a tiny bit hispanic???
I'll just leave that there and not the rest pop them are worse. Much, much worse...
Sad that you are so blinded by partisanship you cannot see the enormous flaws of every single person you list, to the point I would not trust any of them five minutes alone with a living being I cared about much. Or my wallet.
They get to learn the hard way why each discrete financial regulation we have today was enacted.
It's not like countless people have not lost money from highly regulated banks as well.
I've lost way more money on bullshit fees and predatory practices than I've ever lost through cryptocurrency. At least there I can be in some control over maintaining my own wallet if I wish.
P.S. - Ok, the subject of his post did say investment. But my point remains that you should not pull all of your eggs in any one basket, for any duration.