Hang on so the stats say there's approximately a 1% rise surely that's so within tolerance that it shouldn't even be noteworthy!
When you have a sample size equal to your population size, you have a confidence "interval" of zero and a confidence level of one. That figure has no "tolerance" to it, it has perfect significance, it gives the definitive answer.
You can ask "why" from plenty of angles, but you can't question the number itself in this case.
Every company around here uses the built-in services. No need to install extra attack vectors.
I love RDP, and it works amazingly well... As long as both ends live on the same network (or have a public-facing IP) and don't have a firewall running (or the users at both ends know how to properly configure it). Unfortunately, those conditions rule out 99% of destinations.
Microsoft's advice on dealing with those issues may leave a few folks wanting, however: "If you're at home, make sure your router has the Windows logo on it". Gee, thanks Redmond! I'll have no trouble trying to walk someone through fixing that over the phone! "Okay, now open your browser and go to NewEgg.com... Buy the following router - Yes, you need to pay for it; no, it won't really do all that much that your current one doesn't, but just buy one anyway. Then just call me back in two weeks and I can walk you through hooking it up, and then we can experience the full glory of a Remote Assistance session to address your actual problem!"
And apparently the login credentials are stored on their hardware, probably "in the cloud" too.? yeah, feeling about a zero chance I'll try their "services"
Those "credentials" just makes the raw connection. Windows' own security still applies, so any potential attacker still needs to know your own, purely locally-stored, credentials.
By comparison, if you have one of the 1% of situations that would allow RDP/RA to work, an attacker only needs to know your local credentials. I'd have to call adding one more layer of security to that (even one we don't directly control) an improvement, not a weakness.
So, no, this shouldn't cause an issue unless a developer is stupid enough to put the required manifest information in without actually ensuring the code can handle the longer paths/filenames.
Even if Windows hides paths longer than 260 from legacy apps... What, exactly, will Windows return for a call to GetCurrentDirectory(), when a legacy app runs from a path longer than that? What happens when the user tries to explicitly load or save a file from such a path (as in, paste the too-long path directly into the file dialog, which then tries to stuff it into a variable defined as 260 characters long)?
I can't see any way for this not to break a ton of legacy apps, in potentially dangerous ways, regardless of whether MS checks their manifest.
Dying languages really need to quit pissing in the wind. Yes, the world will always have a place for French as a Dead language, right up there with Latin and Greek.
But really... Quit tilting at windmills, guys - We'll all either speak English or Mandarin a century from now. All the "also-rans" need to throw in the towel and pick a side.
Isn't that the same as just not making the money in the first place?
Normally, yes - The tax rules around charitable donations provide exactly zero incentive to donate earned money to charity - By doing so, you've effectively given yourself a pay-cut, and nothing more.
In the case of something you won, by donating it directly to charity, you still get to keep the tax deduction. So basically, the current arrangement involves Offensi getting to "keep" roughly a quarter of that award in the form of deductions against their "real" income (assuming they have enough to matter).
Totally fuck United for giving out their scammy in-house currency rather than real money, but at least the good guys get something for their trouble here.
"Childish and confusing" does not equal "illegal".
The real problem here comes from how our judicial system interprets the word "peers". Any sane interpretation of that word would have the present jury packed with programmers. Instead, we usually take it to mean "complete idiots", to the point that if one juror actually understands anything technical brought up during the trial and tries to explain it to their fellow jurors, that juror has potentially committed a crime.
"Look, we're relevant too! Google banned something abusive, and we did too! And anyway, no one using Windows will ever need tech support (and no one else uses Bing), so who needs those silly ads anyway?"
Well there was a second eyewitness who doesn't appear to have a horse in the race so to speak. Is that not good enough?
Except, the second eyewitness' account doesn't factually disagree with what the logs showed. Yes, the car drove into a truck "by itself", because the owner put it into a mode that allows it to do that.
The sole reason to blame Tesla here, they really should have sensor coverage for the entire height of the car, not just for bumper-and-below obstacles. Though even with that "flaw", Tesla warns owners about that limitation, so I'd still personally give them a pass on liability for damages here.
My point is why convert to dollars anyway? Yes include it along with the original currency of the nation where the story originates (as does the Guardian article it is linked from) but don't replace it like the US is only nation that reads Slashdot.
It makes sense to give it in dollars because people from many countries read Slashdot.
The US Dollar acts as this planet's dominant reserve currency, for better or worse. Pretty much anyone with even the slightest interest in international affairs has a good idea of the current exchange rate between their local currency and the dollar. The same doesn't hold true for Rubles or Euros or Renminbi.
The data included staff names and social security numbers, among other sensitive details.
Why the hell would they send sensitive employee data unencrypted over email? It should have made no difference at all if they sent it to the wrong address, because no one but the intended recipient should have the key to access the data. Yet clearly, not the case here.
People need to start going to jail for shit like this.
What, exactly, do you consider "inappropriate" about "Boaty McBoatface"? Racist? Slanderous? Culturally insensitive? Hurtful to people you'd describe as having a nose like a cheating Australian's winged keel?
If you ask the people to make your decisions for you, you need to accept when they don't agree with your first choice. No one would have cared in the least if they had skipped the vote entirely and unilaterally named it the Attenborough; but giving the illusion of a choice and then ignoring it really pisses people off.
Because of it none saw why a hosts file is ones main defense from malware and the more one builds on it (hosts file) the better it becomes; and their loss.
Microsoft (and malware authors) can - and have - simply rolled their own DNS clients to get around hosts-based blocking.
If you trust any solution running on the same machine as the malware itself (whether that means a cryptolocker or GWX), you will eventually lose.
hint hint, nudge nudge. but there's no h1b problem here. no sir!
Ironically enough, that may actually make them technically more compliant with the terms of the H1B program. "We require Native speakers of Mandarin, and can't find any locally... Oh, and we need them to do some programming for us as well".
In just 10 guesses, you have a 22% "real world" chance of getting it correct. That goes up even further if you know even a hint of biographical data about your target (ie, their birthday).
Am I the only one getting tired of people railing against social justice?
Yep.
I mean, make no mistake, we all wish we didn't need to rail against SJWs. But until they kindly FOAD (or just go back to cowering in their basements in terror of the real world), they'd better get used to the fire.
The main trouble with all this talk is it doesn't mention amounts.
TFA doesn't give exact numbers, but describes the magnitude of the hypothesized effect as in line with the observed acceleration of the EMDrive - Along with presenting at least two testable hypotheses that would support (or refute) the theory further.
Slashdot Mirror
Hang on so the stats say there's approximately a 1% rise surely that's so within tolerance that it shouldn't even be noteworthy!
When you have a sample size equal to your population size, you have a confidence "interval" of zero and a confidence level of one. That figure has no "tolerance" to it, it has perfect significance, it gives the definitive answer.
You can ask "why" from plenty of angles, but you can't question the number itself in this case.
Every company around here uses the built-in services. No need to install extra attack vectors.
I love RDP, and it works amazingly well... As long as both ends live on the same network (or have a public-facing IP) and don't have a firewall running (or the users at both ends know how to properly configure it). Unfortunately, those conditions rule out 99% of destinations.
Microsoft's advice on dealing with those issues may leave a few folks wanting, however: "If you're at home, make sure your router has the Windows logo on it". Gee, thanks Redmond! I'll have no trouble trying to walk someone through fixing that over the phone! "Okay, now open your browser and go to NewEgg.com... Buy the following router - Yes, you need to pay for it; no, it won't really do all that much that your current one doesn't, but just buy one anyway. Then just call me back in two weeks and I can walk you through hooking it up, and then we can experience the full glory of a Remote Assistance session to address your actual problem!"
And apparently the login credentials are stored on their hardware, probably "in the cloud" too.? yeah, feeling about a zero chance I'll try their "services"
Those "credentials" just makes the raw connection. Windows' own security still applies, so any potential attacker still needs to know your own, purely locally-stored, credentials.
By comparison, if you have one of the 1% of situations that would allow RDP/RA to work, an attacker only needs to know your local credentials. I'd have to call adding one more layer of security to that (even one we don't directly control) an improvement, not a weakness.
So, no, this shouldn't cause an issue unless a developer is stupid enough to put the required manifest information in without actually ensuring the code can handle the longer paths/filenames.
Even if Windows hides paths longer than 260 from legacy apps... What, exactly, will Windows return for a call to GetCurrentDirectory(), when a legacy app runs from a path longer than that? What happens when the user tries to explicitly load or save a file from such a path (as in, paste the too-long path directly into the file dialog, which then tries to stuff it into a variable defined as 260 characters long)?
I can't see any way for this not to break a ton of legacy apps, in potentially dangerous ways, regardless of whether MS checks their manifest.
Dying languages really need to quit pissing in the wind. Yes, the world will always have a place for French as a Dead language, right up there with Latin and Greek.
But really... Quit tilting at windmills, guys - We'll all either speak English or Mandarin a century from now. All the "also-rans" need to throw in the towel and pick a side.
Supply and demand would like to have a word with your interpretation of "price gouging."
What does battery condition have to do with "supply and demand"?
as a courtesy raises your fare
I half took you seriously until that gem - Get your corporate master's dick out of your mouth before trying to talk again, 'kay?
At least in the US, exploiting that particular style of price optimization quite often breaks the law:
Price gouging is a pejorative term referring to when a seller spikes the prices of goods, services or commodities to a level much higher than is considered reasonable or fair, and is considered exploitative, potentially to an unethical extent.
Isn't that the same as just not making the money in the first place?
Normally, yes - The tax rules around charitable donations provide exactly zero incentive to donate earned money to charity - By doing so, you've effectively given yourself a pay-cut, and nothing more.
In the case of something you won, by donating it directly to charity, you still get to keep the tax deduction. So basically, the current arrangement involves Offensi getting to "keep" roughly a quarter of that award in the form of deductions against their "real" income (assuming they have enough to matter).
Totally fuck United for giving out their scammy in-house currency rather than real money, but at least the good guys get something for their trouble here.
"Childish and confusing" does not equal "illegal".
The real problem here comes from how our judicial system interprets the word "peers". Any sane interpretation of that word would have the present jury packed with programmers. Instead, we usually take it to mean "complete idiots", to the point that if one juror actually understands anything technical brought up during the trial and tries to explain it to their fellow jurors, that juror has potentially committed a crime.
"Look, we're relevant too! Google banned something abusive, and we did too! And anyway, no one using Windows will ever need tech support (and no one else uses Bing), so who needs those silly ads anyway?"
Well there was a second eyewitness who doesn't appear to have a horse in the race so to speak. Is that not good enough?
Except, the second eyewitness' account doesn't factually disagree with what the logs showed. Yes, the car drove into a truck "by itself", because the owner put it into a mode that allows it to do that.
The sole reason to blame Tesla here, they really should have sensor coverage for the entire height of the car, not just for bumper-and-below obstacles. Though even with that "flaw", Tesla warns owners about that limitation, so I'd still personally give them a pass on liability for damages here.
...For one of the identified variants.
9 weeks times 74 variants gives an upper bound of 12.8 years' difference.
Of course, TFA goes to a paywall, so no raw-data love for us.
At the same time, we must acknowledge the talks about these smart vehicles killing many jobs
Perhaps we can just require all self-driving cars to come with a decorative buggy whip?
"Lying" does not break the law, except in a few very specific contexts.
This ain't one of them.
My point is why convert to dollars anyway? Yes include it along with the original currency of the nation where the story originates (as does the Guardian article it is linked from) but don't replace it like the US is only nation that reads Slashdot.
It makes sense to give it in dollars because people from many countries read Slashdot.
The US Dollar acts as this planet's dominant reserve currency, for better or worse. Pretty much anyone with even the slightest interest in international affairs has a good idea of the current exchange rate between their local currency and the dollar. The same doesn't hold true for Rubles or Euros or Renminbi.
The data included staff names and social security numbers, among other sensitive details.
Why the hell would they send sensitive employee data unencrypted over email? It should have made no difference at all if they sent it to the wrong address, because no one but the intended recipient should have the key to access the data. Yet clearly, not the case here.
People need to start going to jail for shit like this.
What, exactly, do you consider "inappropriate" about "Boaty McBoatface"? Racist? Slanderous? Culturally insensitive? Hurtful to people you'd describe as having a nose like a cheating Australian's winged keel?
If you ask the people to make your decisions for you, you need to accept when they don't agree with your first choice. No one would have cared in the least if they had skipped the vote entirely and unilaterally named it the Attenborough; but giving the illusion of a choice and then ignoring it really pisses people off.
/ Long live Butterstick!
Because of it none saw why a hosts file is ones main defense from malware and the more one builds on it (hosts file) the better it becomes; and their loss.
Microsoft (and malware authors) can - and have - simply rolled their own DNS clients to get around hosts-based blocking.
If you trust any solution running on the same machine as the malware itself (whether that means a cryptolocker or GWX), you will eventually lose.
hint hint, nudge nudge. but there's no h1b problem here. no sir!
Ironically enough, that may actually make them technically more compliant with the terms of the H1B program. "We require Native speakers of Mandarin, and can't find any locally... Oh, and we need them to do some programming for us as well".
Here you go!
Oh, waitasec...
Remind me again what form of representation paying sales tax to another state buys me?
Signed,
John Hancock.
"If a man is not a Socialist at 20 he has no heart, but if he remains one at 30 he has no head."
Depending on how you look at the problem, humans don't do well at picking truly random pins.
In just 10 guesses, you have a 22% "real world" chance of getting it correct. That goes up even further if you know even a hint of biographical data about your target (ie, their birthday).
Can we please give Darwin his fucking due, here? We don't need new traffic signals, we need idiots to exit the gene pool.
Just make it legal to hit people texting while crossing the road, and the problem neatly goes away.
Am I the only one getting tired of people railing against social justice?
Yep.
I mean, make no mistake, we all wish we didn't need to rail against SJWs. But until they kindly FOAD (or just go back to cowering in their basements in terror of the real world), they'd better get used to the fire.
The main trouble with all this talk is it doesn't mention amounts.
TFA doesn't give exact numbers, but describes the magnitude of the hypothesized effect as in line with the observed acceleration of the EMDrive - Along with presenting at least two testable hypotheses that would support (or refute) the theory further.