When they're being directed towards a culinary career. In fact, if you don't train children how to properly use knives, they become less effective at preparing meals (because they mishandle the knife and hack the meat rather than cutting it cleanly.)
Also related is not allowing children to do other complex things, like program a computer (cause "what's a computer"), perform math a few grades above the normal level (cause math is sooo hard), and so on. If you prevent children from learning anything, then they won't become as functional when they become adults.
People need to take personal responsibilty for their own advancement and not always expect that someone else will provide for them.
Excellent idea. To make this possible, perhaps you should start a charity fund or government program so that people can perform their personal advancement rather than being shoehorned into an education system that doesn't provide the education they require.
Speaking of which, that's the same paradigm used after the United States civil war. They were fine with freeing all the slaves, but plopped the responsibility for making a living onto the freed slaves (when slaves in prior eras were given a useful parting gift when they were freed, these were simply dumped to the street with no assistance or past wages.)
Diagnose my illness (without a doctor as the interface)
webmd.com can handle that. Of course, some of the symptoms could mean you're about to die, but they've got that down.
Teach my kids.
Khanacademy, duolingo, and related come very close to that. Not a full replacement, but it can give quite a boost if done right.
Get elected and participate in government.
That it won't do at all. More likely, it will have a large army built up, perform a coup to get rid of corruption, and manage stuff more effectively than whatever is going on with whomever is currently elected.
The downside however is that every month or whatever when you push out updates to the code, you will completely break all backwards compatibility with your previous blockchain and have to start again.
This didn't affect the Bitcoin Gold fork that changed the hashing algorithm. The previous hashing algorithm is considered authentic only for blocks below a certain point in the chain, and all blocks later must use the new algorithm.
There is literally nothing a CPU can do that an ASIC can't do, at worst, equally well and fast, and at best the ASIC can do it much much faster.
ASICs tend to do a significantly worse job at allowing the user to multitask on the same device. Want to play XCOM while bitcoin mining? Can only do that on a CPU/GPU combo rather than using your ASIC.
Wouldn't it be better to make ALL cellphones more secure, by law
First, you should define secure, and then discover that it's either impossible to achieve (because crackers can find the next exploit), or annoys the power users who want advanced features of the device (because they want to get features unavailable in a stock OS).
They found that between 1991 and 2016, adolescents who spent more time on electronic communication and screens -- social media, texting, electronic games, the internet -- were less happy, less satisfied with their lives and had lower self-esteem. TV watching, which declined over the nearly two decades they examined, was similarly linked to lower psychological well-being.
Perhaps this is backwards. A lower pscyhological well-being is linked to TV watching, social media, texting, electronic games, the internet, etc.
When you look it it this way, it becomes a "complete surprise" to everyone, because there's no way someone a bit more depressed would become more interested in a hobby that feels less stressful, doesn't have a chance of resulting in more anxiety, provides a guaranteed amount of comfort, etc.
Compare this to real live where you deal with people upset that something purple was purple, the various stories from voices from the hellmouth, the small but extremely hazardous chance your life partner becomes crazy, etc.
Cold war era. Basically a chance of nuclear warfare.Tensions have reduced nowadays.
Less chance of socialized health care. Also, health care was less advanced.
In 'Murica, Still clinging on the good-old racial ideology, and still being pissy about it. (If they didn't want such racial tensions, maybe they shouldn't have kidnapped those people en-masse.) Generally a solved problem provided people keep remembering how the alt-right actually works.
More difficult knowledge dissemenation. Sure there's the library, etc, but if you need something esoteric or need to start specializing, that's harder 50 years ago. Plus people can make their won portable libraries on computers, if desired.
The other problem is that it's so difficult to extract keys from an old copy of wallet.dat. The stock Bitcoin client that should be able to read it requires a ~150GB download (not necessary for cloud-computing), rather than giving a very trivial tool that allows exporting these addresses into another application. It's as if the developers want to secure the file, without it actually being secure.
One other client crashed when trying to read wallet.dat. It must be getting snagged on some pattern of bits, as it also crashed when reading a plain-text variation of that file.
Importing/Exporting data is a solved problem, and defiantly critical to something like Bitcoin.
The concept of a certificate trust list has always bugged me.
True, but you have to start somewhere. I'm not sure on the specifics, but there's likely something in place that allows companies to trust who writes those root certificates.
If I use Chrome, Google has decided what authorities are trustworthy.
Chrome uses the security certificate store found in the operating system. As such, it's either Microsoft, Apple, Google, or a random Linux distro that determines who is trustworthy depending on who wrote the device.
Mozilla uses it's own certificate store, although you can still modify it as needed.
Will HTTPS stop a network email scanner from detecting malicious links in the email?
First, a network email scanner would be on the mail server itself, looking out for suspicious links. The suspicious link scanner can easily visit websites to make sure they're safe for the reader, especially if it's a site that's not previously indexed by Google.
Will HTTPS stop a malware scanner from analyzing a malicious payload in the email? Yes.
If you use a corporate computer (especially one for a large company), there's likely to be an internal security certificate deployed on those machines. They're also likely to have browsers configured to use a proxy server, to reduce the load of commonly accessed websites.
Certain proxy servers can be configured to intercept HTTPS traffic, and emulate a legitimate security certificate. This allows corporations to MITM their own employees and spy on their own HTTPS connections. Thus an enterprise-grade network/malware scanner can break through these limitations.
As others have commented, this has more to do with Google protecting its revenue stream than protecting the end user.
Or it could be paranoia. Instead of making browsers secure by design, they instead chase after security theaters that sufficiently skilled hackers know how to bypass.
Paper ballots (scantrons, punch cards, etc) are the worst at actually recording the voter's INTENT.
I've used plenty of paper ballots in previous elections. The only reason you can't catch the voter's intent is because it's a coarse first-past-the-post system where the person with the most votes wins. This prevents telling the difference between someone voting for a the best candidate or someone doing strategic voting to prevent a bad candidate from being elected. Likewise, a vote for a kook candidate because someone believes them, or because they're dissatisfied with the other candidates.
Changing from paper ballots only helps if you have some complex system where it becomes difficult to count various combinations.
Touch screens or other devices record the voter's intent onto paper ballots that are HUMAN READABLE. Then the voter can review it for errors, and take it to the other side of the room to put it in the ballot box or system that COUNTS the votes.
Okay, so paper ballots are the worst at recording voter's intent, yet you recommend some form of paper ballot to record the voter's intent? Might as well get a political opinion from a pinball machine.
Paper ballots already match what you described as ideal. A device known as a pencil is used to record a voter's choice, and the voter can review it for errors before putting it in the ballot box and/or counting machine.
The problem with C is that the unsafe stuff is default. Some of this was fixed over time, but it's taken so long that the unsafe practices are prevalent. Some of the functions later meant to offset this issue are sometimes not found in stock compilers (even if there's an update that later adds them.)
Oh, and I did find a useful feature in one of the compilers. Turns out it was just specific to that one, and I had to rewrite code since it wasn't standard.
Just allocate insanely large buffers and use the bounded functions to prevent overflow.
A large memory footprint leads to other issues, such as the app "Dark Souls III" crashing half way through certain speedrun categories.
Bounded functions work, but since they're not default, it takes significant effort to create and use them. If you're in a situation where you should use bonded functions, then you should instead use a modern managed language which is good enough for most usages. Only in very tight processing loops should one switch over to unbounded functions, because speed is necessary there.
Other than the fact that all but the most ancient website won't work without it anymore... unless its a flash website that is.
If there's a website that has a legitimate use for Javascript, then the user can easily enable it for that site. The trivial use cases include Kongregate, Newgrounds, and flash-portal game sites.
In all other cases, the website should maintain basic function in the event the browser doesn't activate Javascript. In fact, both examples I listed above still function without JS enabled, as you can head to the game's page before you need to turn on scripts.
Try browsing with scripting summarily disabled and let me know how it works for ya.
I've done it for quite a long time. Got tired of rogue advertisers redirecting the page to "update java", and I've only enabled sites that actually require Javascript. If it requires Javascript unnecessarily, then I don't need to visit that site as much.
Under normal situations (power outages don't count), Visa and Mastercard rules prohibit asking for ID as part of credit card transactions. Such ID may only be required if it's required to complete the transaction itself, not because they use the card.
That's why one should build "live code" outside a normal work environment.
Perhaps you wrote a bandwagon incremental game on your spare time. If you have that game on any public-play website, it counts as live, and you can demonstrate your work.
I've had browsers bleed username information across websites, as those browsers seem to add features well before thinking about the consequences. Having credit card stuff stored in-browser makes it just as secure as anything else the browser does (i.e. not very secure).
Also, it's not supposed to be auto-saved, since credit cards are supposed to be in your possession when you use them, rather than still being in the wallet found on a dresser. As much as it is "inconvenient", this really should be the normal paradigm.
Being "right more than being wrong" can be technically correct with 50.1% accuracy, and also includes taking stuff from other sources (i.e. not 4chan.) Even tabloids can meet this level of accuracy simply by having enough true stories while still having subjective op-ed presented as fact, or having the front page being what amounts to "fiance's looks at girl's photo is stunned" clickbait.
4chan has done good things in the past, helping track down individuals (although any high-volume public messageboard can do the same). The actual challenge is finding a way to contain false information, or witchhunts against the wrong targets (as what happened with the Boston Marathon bombing).
Apple made it so you could just plug in a mouse or start up a program and it would just... work.
That's pretty much easy if you have full control over both the hardware and sofftware design. You can see the same pattern with the Commodore Amiga or other standard pre-fab home computers, where everything has a specific standard to follow, and everything had a specific design.
It was only an advantage in the short-term versus the PC, which was much less standardized in what could be included or developed for it, and had a baseline that only required a keyboard+monitor (mouse required a driver). Once devices started to support plug and play and the tech matured over a few years, PCs wouldn't be as hobbled by configuration problems. .
"Is the world ready for flying cars?" is just like asking if the world is ready for helicopters.
Given how you've seen most people drive, it's just as unlikely they'll safely pilot aircraft either. You'll have long stretches of crashed vehicles, and so on.
The point is to say "Hi, we're so skilled and want funding". Who cares about doing proper research, we're just doing enough to make a pretty 190 page document. Slightly more useful is a document that helps instruct new programmers on information on how to harden code, as opposed to a comparison on which features browsers implement.
My opinion on the research itself: A quick scan on the document doesn't have mention of "Punycode", which was a semi-recent vulnerability which is rather important. Comparing the speed at handling that issue gives a good indicaton on the health of the browser. (For reference, Chrome, Edge and Pale Moon fix the issue. Meanwhile, Firefox fails despite an alternate version working fine. You can test you browser yourself by visitng Apple.com to see the secure lock symbol.)
While HTTP has the specification in one document, you still need to read more than one if you want modern browsers to work as expected. FTP works find with just one specification (and if an FTP client craps out, that's usually because it doesn't know how to operate.)
FTP makes it easier to determine which state the server/client is at. HTTP plops headers into one block that's sent, and hopes the other side doesn't get confused. (A minor technical difference for those iteratively creating an FTP/HTTP client/server).
FTP generally has one encoding in common use. HTTP has multiple encodings in common use, including chunked mode, gzip compression, and a few others. There's also other tricks, such as pipelining, which are optional, but help speed things up.
HTTP may be easier to implement in the most basic format since you only have one task to worry about. However, modern browsers expect things like Access-Control-Allow-Origin, which you won't know about until you stumble upon it by accident.
Anyone can make an idea, whether it's something like cheap space flight, teleportation, cure for the common cold, cold fusion, perpetual motion machines, and so on. Some of these may be impractical, but they still exist and are unclaimed.
On an annual basis, research productivity is declining at a rate of about 6.8 percent per year in the semiconductor industry.
Given that the article-linked paper is behind some paywall, this makes it hard to create questions, whether it's methodology or actual cause.
It could be that researching the new stuff takes extra time to verify, or that the newer stuff requires very delicate processes that slow things down. It could also be substandard education (e.g. giving Grade 7 word searches with only horizontal words), or general anti-intellectualism that saps the ability to work properly.
That's why this article feels like conclusion jumping.
Protip: If someone knows enough about HTTPS to successfully do a MitM without the browser squaking, then they're not likely they're going to be hacked by their own MitM method.
Modern "hacking" attempts instead rely on other social engineering routes, such as the Punycode URL showing up as "Secure" and on apple.com, with the user being unable to tell if something is wrong. The other common route is using a browser exploit to automatically execute code, as done for two consecutive decades.
So before you complain about insecure activity by someone who knows what they're doing, maybe you should do some work in dampening well known browser exploits.
I don't see why MITM attacks intended to capture information would cause SSL errors
If the Mitm just sees the bits transmitted between two points, there won't be a problem. However, the MitM attack wants the decoded information, and that requires cracking SSL.
The operating system (or browser) has a set of public root certificates, all of which are used to verify a chain of trust of other certificates. The theory is that the SSL certificate is authentic towards an intermediate certificate, and in turn is authentic to a root certificate.
In a MitM attack, an SSL certificate is generated but doesn't validate correctly if checked against the intermediate certificate. Alternatively, it could be valid, but not towards a certificate known by the client.
Slashdot Mirror
When they're being directed towards a culinary career. In fact, if you don't train children how to properly use knives, they become less effective at preparing meals (because they mishandle the knife and hack the meat rather than cutting it cleanly.)
Also related is not allowing children to do other complex things, like program a computer (cause "what's a computer"), perform math a few grades above the normal level (cause math is sooo hard), and so on. If you prevent children from learning anything, then they won't become as functional when they become adults.
Excellent idea. To make this possible, perhaps you should start a charity fund or government program so that people can perform their personal advancement rather than being shoehorned into an education system that doesn't provide the education they require.
Speaking of which, that's the same paradigm used after the United States civil war. They were fine with freeing all the slaves, but plopped the responsibility for making a living onto the freed slaves (when slaves in prior eras were given a useful parting gift when they were freed, these were simply dumped to the street with no assistance or past wages.)
webmd.com can handle that. Of course, some of the symptoms could mean you're about to die, but they've got that down.
Khanacademy, duolingo, and related come very close to that. Not a full replacement, but it can give quite a boost if done right.
That it won't do at all. More likely, it will have a large army built up, perform a coup to get rid of corruption, and manage stuff more effectively than whatever is going on with whomever is currently elected.
This didn't affect the Bitcoin Gold fork that changed the hashing algorithm. The previous hashing algorithm is considered authentic only for blocks below a certain point in the chain, and all blocks later must use the new algorithm.
ASICs tend to do a significantly worse job at allowing the user to multitask on the same device. Want to play XCOM while bitcoin mining? Can only do that on a CPU/GPU combo rather than using your ASIC.
First, you should define secure, and then discover that it's either impossible to achieve (because crackers can find the next exploit), or annoys the power users who want advanced features of the device (because they want to get features unavailable in a stock OS).
Perhaps this is backwards. A lower pscyhological well-being is linked to TV watching, social media, texting, electronic games, the internet, etc.
When you look it it this way, it becomes a "complete surprise" to everyone, because there's no way someone a bit more depressed would become more interested in a hobby that feels less stressful, doesn't have a chance of resulting in more anxiety, provides a guaranteed amount of comfort, etc.
Compare this to real live where you deal with people upset that something purple was purple, the various stories from voices from the hellmouth, the small but extremely hazardous chance your life partner becomes crazy, etc.
First, you should check what's back in 1967:
The other problem is that it's so difficult to extract keys from an old copy of wallet.dat. The stock Bitcoin client that should be able to read it requires a ~150GB download (not necessary for cloud-computing), rather than giving a very trivial tool that allows exporting these addresses into another application. It's as if the developers want to secure the file, without it actually being secure.
One other client crashed when trying to read wallet.dat. It must be getting snagged on some pattern of bits, as it also crashed when reading a plain-text variation of that file.
Importing/Exporting data is a solved problem, and defiantly critical to something like Bitcoin.
True, but you have to start somewhere. I'm not sure on the specifics, but there's likely something in place that allows companies to trust who writes those root certificates.
Chrome uses the security certificate store found in the operating system. As such, it's either Microsoft, Apple, Google, or a random Linux distro that determines who is trustworthy depending on who wrote the device.
Mozilla uses it's own certificate store, although you can still modify it as needed.
First, a network email scanner would be on the mail server itself, looking out for suspicious links. The suspicious link scanner can easily visit websites to make sure they're safe for the reader, especially if it's a site that's not previously indexed by Google.
If you use a corporate computer (especially one for a large company), there's likely to be an internal security certificate deployed on those machines. They're also likely to have browsers configured to use a proxy server, to reduce the load of commonly accessed websites.
Certain proxy servers can be configured to intercept HTTPS traffic, and emulate a legitimate security certificate. This allows corporations to MITM their own employees and spy on their own HTTPS connections. Thus an enterprise-grade network/malware scanner can break through these limitations.
Or it could be paranoia. Instead of making browsers secure by design, they instead chase after security theaters that sufficiently skilled hackers know how to bypass.
I've used plenty of paper ballots in previous elections. The only reason you can't catch the voter's intent is because it's a coarse first-past-the-post system where the person with the most votes wins. This prevents telling the difference between someone voting for a the best candidate or someone doing strategic voting to prevent a bad candidate from being elected. Likewise, a vote for a kook candidate because someone believes them, or because they're dissatisfied with the other candidates.
Changing from paper ballots only helps if you have some complex system where it becomes difficult to count various combinations.
Okay, so paper ballots are the worst at recording voter's intent, yet you recommend some form of paper ballot to record the voter's intent? Might as well get a political opinion from a pinball machine.
Paper ballots already match what you described as ideal. A device known as a pencil is used to record a voter's choice, and the voter can review it for errors before putting it in the ballot box and/or counting machine.
The problem with C is that the unsafe stuff is default. Some of this was fixed over time, but it's taken so long that the unsafe practices are prevalent. Some of the functions later meant to offset this issue are sometimes not found in stock compilers (even if there's an update that later adds them.)
Oh, and I did find a useful feature in one of the compilers. Turns out it was just specific to that one, and I had to rewrite code since it wasn't standard.
A large memory footprint leads to other issues, such as the app "Dark Souls III" crashing half way through certain speedrun categories.
Bounded functions work, but since they're not default, it takes significant effort to create and use them. If you're in a situation where you should use bonded functions, then you should instead use a modern managed language which is good enough for most usages. Only in very tight processing loops should one switch over to unbounded functions, because speed is necessary there.
If there's a website that has a legitimate use for Javascript, then the user can easily enable it for that site. The trivial use cases include Kongregate, Newgrounds, and flash-portal game sites.
In all other cases, the website should maintain basic function in the event the browser doesn't activate Javascript. In fact, both examples I listed above still function without JS enabled, as you can head to the game's page before you need to turn on scripts.
I've done it for quite a long time. Got tired of rogue advertisers redirecting the page to "update java", and I've only enabled sites that actually require Javascript. If it requires Javascript unnecessarily, then I don't need to visit that site as much.
Under normal situations (power outages don't count), Visa and Mastercard rules prohibit asking for ID as part of credit card transactions. Such ID may only be required if it's required to complete the transaction itself, not because they use the card.
That's why one should build "live code" outside a normal work environment.
Perhaps you wrote a bandwagon incremental game on your spare time. If you have that game on any public-play website, it counts as live, and you can demonstrate your work.
I've had browsers bleed username information across websites, as those browsers seem to add features well before thinking about the consequences. Having credit card stuff stored in-browser makes it just as secure as anything else the browser does (i.e. not very secure).
Also, it's not supposed to be auto-saved, since credit cards are supposed to be in your possession when you use them, rather than still being in the wallet found on a dresser. As much as it is "inconvenient", this really should be the normal paradigm.
Being "right more than being wrong" can be technically correct with 50.1% accuracy, and also includes taking stuff from other sources (i.e. not 4chan.) Even tabloids can meet this level of accuracy simply by having enough true stories while still having subjective op-ed presented as fact, or having the front page being what amounts to "fiance's looks at girl's photo is stunned" clickbait.
4chan has done good things in the past, helping track down individuals (although any high-volume public messageboard can do the same). The actual challenge is finding a way to contain false information, or witchhunts against the wrong targets (as what happened with the Boston Marathon bombing).
That's pretty much easy if you have full control over both the hardware and sofftware design. You can see the same pattern with the Commodore Amiga or other standard pre-fab home computers, where everything has a specific standard to follow, and everything had a specific design.
It was only an advantage in the short-term versus the PC, which was much less standardized in what could be included or developed for it, and had a baseline that only required a keyboard+monitor (mouse required a driver). Once devices started to support plug and play and the tech matured over a few years, PCs wouldn't be as hobbled by configuration problems. .
"Is the world ready for flying cars?" is just like asking if the world is ready for helicopters.
Given how you've seen most people drive, it's just as unlikely they'll safely pilot aircraft either. You'll have long stretches of crashed vehicles, and so on.
The point is to say "Hi, we're so skilled and want funding". Who cares about doing proper research, we're just doing enough to make a pretty 190 page document. Slightly more useful is a document that helps instruct new programmers on information on how to harden code, as opposed to a comparison on which features browsers implement.
My opinion on the research itself: A quick scan on the document doesn't have mention of "Punycode", which was a semi-recent vulnerability which is rather important. Comparing the speed at handling that issue gives a good indicaton on the health of the browser. (For reference, Chrome, Edge and Pale Moon fix the issue. Meanwhile, Firefox fails despite an alternate version working fine. You can test you browser yourself by visitng Apple.com to see the secure lock symbol.)
HTTP Compared to FTP:
HTTP may be easier to implement in the most basic format since you only have one task to worry about. However, modern browsers expect things like Access-Control-Allow-Origin, which you won't know about until you stumble upon it by accident.
Anyone can make an idea, whether it's something like cheap space flight, teleportation, cure for the common cold, cold fusion, perpetual motion machines, and so on. Some of these may be impractical, but they still exist and are unclaimed.
Given that the article-linked paper is behind some paywall, this makes it hard to create questions, whether it's methodology or actual cause.
It could be that researching the new stuff takes extra time to verify, or that the newer stuff requires very delicate processes that slow things down. It could also be substandard education (e.g. giving Grade 7 word searches with only horizontal words), or general anti-intellectualism that saps the ability to work properly.
That's why this article feels like conclusion jumping.
Protip: If someone knows enough about HTTPS to successfully do a MitM without the browser squaking, then they're not likely they're going to be hacked by their own MitM method.
Modern "hacking" attempts instead rely on other social engineering routes, such as the Punycode URL showing up as "Secure" and on apple.com, with the user being unable to tell if something is wrong. The other common route is using a browser exploit to automatically execute code, as done for two consecutive decades.
So before you complain about insecure activity by someone who knows what they're doing, maybe you should do some work in dampening well known browser exploits.
If you've got malware, you're screwed regardless of whether it can alter your certificate stores.
If the Mitm just sees the bits transmitted between two points, there won't be a problem. However, the MitM attack wants the decoded information, and that requires cracking SSL.
The operating system (or browser) has a set of public root certificates, all of which are used to verify a chain of trust of other certificates. The theory is that the SSL certificate is authentic towards an intermediate certificate, and in turn is authentic to a root certificate.
In a MitM attack, an SSL certificate is generated but doesn't validate correctly if checked against the intermediate certificate. Alternatively, it could be valid, but not towards a certificate known by the client.