> as his earnings from any assets he may hold in the buffer corporation such as interest from stock or dividends paid.
Fyi stocks pay dividends, bonds (loans) pay interest. If someone loaned the company $100,000 and they are being paid 4% interest on that loan, that's an entirely separate transaction from whether the person is also an employee of the company. If the company issued bonds, anyone, any employee or non-employee can buy that bond (make the loan) and be paid interest on the money they loaned.
Similarly, anyone who wants to put up some money and buy stock can do so. Any dividends earned are earnings from the money they put up, which is seperate from if they are employed by the company. You can buy General Electric stock today and get paid dividends as an owner of GE. Btw this is how the vast majority of millionaires BECOME millionaires - buying a bit of stock each month, typically through a mutual fund.
Ideally, one would treat investment in their future the same as taxes as withheld - allocate 10% of your paycheck to investment off the top, BEFORE you make your budget. Invest first, then decide if you can afford the Ultra Deluxe 400 channel HD cable package or you need to stick with Deluxe 160 channel.
You're right, of course, a troll says something ridiculous to draw attention and stimulate angry responses.
This guy says something ridiculous to draw attention and stimulate responses.
By stating upfront that his proposal isn't serious and he's using the concept to stimulate discussion, he's not really trolling. Anyone who read the summary knows it's not a law that's going to be passed, so anybody with a clue won't be posting an ANGRY response. I used the word (after first redefining it specifically in response to the following post:
> With the low fine, and unconstitutionality, it seems like this rep is trolling us. How can he possibly be serious?
The $20 fine etc (and his statement) does indeed indicate he's not serious about passing the bill into law. Therefore, according to the person I replied to, he must be "trolling".
In other words... That chili dog "kicked my ass". The lawmaker is trolled the citizens.
The chili dot does not have feet, so it did not in fact kick anything. That chili dog caused bodily pain, as a kick in the ass would. The rep isn't literally trolling; he's making a ridiculous statement in order to draw attention and stimulate discussion, as a troll would.
The fine summary at the top of this page says he doesn't intend to actually push the bill to pass and the representative says "It's purely my intent to get a discussion going out there, asking people to be more respectful ".
So yes, he's trying to get a discussion going, aka trolling. That appears to have worked because here we are discussing it.
The you understand about their code in this case, the more stupid you see. Most flaws I can understand, someone overlooked something. These people at Trend Micro were beyond incompetent, utterly clueless.
Security professionals do exist who have been securing (and breaking) systems since the early days of the web. If you're a security company, hire a few of those people. Not only will they help you write software that doesn't stupidly open all of your customers to remote code execution, but by understanding how to write software that doesn't break when someone is trying to break it, we can also help you how to write software that doesn't break accidentally - reliable software.
If you're not a security company, but write web-enabled software, at least get someone qualified to spend an hour or two with you at key points in your design and implementation process. Suppose you have me come by for an hour meeting to go over the high-level architecture of your project, a meeting or two to address the lynch pin function(s) (encryption, authentication), and I spend an hour or two looking over the final product. Suppose you got someone who charges $200/hour ($300 in California). You only need them for about 4 hours to get 80% of the benefit, so that's about $800 to make your software much more reliable while avoiding the $100 million fuck ups.
They don't state that they've ignored inflation, so the reader might reasonably assume they're communicating useful (real) numbers. However, they show wage growth of 234%. That's ten times the real (inflation-adjusted) growth. So yeah, they lied to you.
According to NASA chief Charles Bolden, being inspirational, making certain people "feel good", is the "foremost" priority Obama set for NASA . Bolden says:
"When I became the NASA administrator -- or before I became the NASA administrator -- he [Obama] charged me with three things. One was he wanted me to help re-inspire children to want to get into science and math, he wanted me to expand our international relationships, and third, and perhaps foremost, he wanted me to find a way to reach out to the Muslim world and engage much more with dominantly Muslim nations to help them feel good".
To the extent that it scores data the police already have, such as arrest history, etc., I think it will be more fair than the traditional subjective "the usual suspects". Cops often know who the bad guys on their beat are. They use that knowledge in a very fuzzy, subjective way.
In some cases, a cop decides that someone "seems shady" based on extremely poor "evidence". A numerical score would be much more objective and therefore more fair, representing the ACTUAL risk based on the information available.
Factoring in social media posts and connections feels pretty creepy, though. If on Facebook you're friends with some bad guys, does that actually mean police should consider you more suspicious? On the other hand, for centuries cops have noticed who hangs out with who. If you hang out with gang-bangers, and you talk like a gang-banger, you might be a gang-banger, they think. Applying actual objective numbers to that may not be as bad as it first sounds.
> And he calls himself a conservative. I am tired of these people who claim to be conservative, complaining about big government, and then turning out to be power-hungry hypocrites.
I've made that point calling conservative talk radio, and I called and said that to my House representative when he visited the local radio station. I hope you and others do the same.
Okay, what do you do for a living? I'll give you some ideas on how to do that.
> Decide?
Yes, make a friggin decision for yourself, for your own life. You -can- let other people make the decisions for you, which is easier, but of course that way you don't always get your preference. It's a balance with each decision.
You may be of the opinion that the OS doesn't matter but after billions and billions of dollars MS spent on development and marketing, they don't buy phones with Windows on them.
> or Android could have easily been BSD based.
And every Dell, HP, and Compaq desktop could have easily be running Mac, had Apple chosen to allow that. Mitt Romney could have president. That's not what happened.
80% of computers sold last year were SOCs (mobiles). Another x% were servers. So the desktop market is maybe 15% of the market. More Linux systems were sold last year than Windows systems and the trend is increasing each year.
With that said, who said Linux doesn't matter on the desktop? It matters on MY desktop, and has for 15 years. For most of the last 15 years, I worked for an information security company, so Microsoft software was not allowed on the company network. All desktops and laptops were Linux, no as were some firewalls, load balancers, most servers, etc.
You CAN use a bleeding-edge distro but you don't need to if you just want a new kernel. Unlike Windows, you can use a new kernel with an older userland or vice-versa. You can update the kernel without updating the "operating system". (Modulo fucking systemd.)
Your bootloader will let you choose the kernel when you boot, and you can set it to fallback to a known-good kernel, so there is little to no risk in trying different ones. I tend to keep the last three kernels I used, just because there is no reason not to./boot should be 200MB+ these days anyway.
There are a lot of tutorials about compiling kernels, but one point you'll want to know is that you can (and should) start with your old kernel config as a base. (There are many options you can configure in the kernel). The new kernel will probably work fine with the old config. Once you're happy that your new kernel is working fine, you can start changing some config and compiling another copy if you want to. There are many things you can choose to include in your kernel, exclude, or compile as a module. Compiling it as a module is best for most things on a desktop or laptop. The system will only load the hardware modules it needs, and any other modules can be loaded and unloaded as desired while the system is running. Compiling a module just gives you the OPTION to use it or not.
Items you need in order to access the disk should be compiled into the kernel. You can't load a module from disk if you can't yet access the disk.:)
You are of course welcome to your own opinions. The ARITHMETIC is that Americans today can afford more "stuff" than they could 50 years ago. Again, the average new house in the 1960s was 1600 square feet. Today, it's 2,600 square feet. Peopl can and do buy more house today than they used to. If you want to complain about the cost of housing that's fine; the fact is houses cost less than they used to (compared to wages).
Same thing for transportation- you can complain if you want. The fact is today's paychecks buy 40% more gas than 50 years ago. That's arithmetic, not opinion.
About $4 coffee vs 20 cent coffee. I was just about broke for many years. I didn't waste a lot of money, it just seemed the money always ran out right about the end of every month. Then I took some classes about money, read some books, and did a budget. In the last ten years, I've gotten pretty comfortable financially. My net worth has increased more than 1000%. One reason for that is that my budget showed how much I was spending on "lattes", on cable channels I never watched, on eating lunch at restaurants, etc. I decided I'd rather retire early with $1.5 million in the bank than drink latte. If you do a proper zero-based budget, you might be surprised at what you find. It's up to you - you can complain, or you can spend a few hours learning how 90% of millionaires become millionaires. Surprisingly, most earned less than $60,000 and the vast majority earned less than $100k. It has a lot to do with Starbucks vs 401k.
If you're in technology a 30-hour week is entirely doable if that's important to you. A lot of places would be glad to save a bit of money. If you've been at your current job for a while, you may have refined your processes such that you can accomplish your primary responsibilities in 30 hours and you spend the rest of your time helping out with secondary things. If so, you can talk to your boss about reducing hours (and pay) to only your main responsibilities. I did this before.
New startups often have a limited budget and limited need for certain expertise. They might very well be interested in a 30-hour dba, security professional, or other specialized person.
Lastly, tech offers an abundance of contract options. Many people work nine months per year. Contracting isn't for everyone, but many people really enjoy it.
> Does that include rent, fuel, insurance, and mortgages? > Only those are skyrocketing and not recorded
50 years ago, a gallon of gas cost 33 cents. If gas prices kept up with inflation (CPI), it would cost $2.48 today. I just passed a gas station and the sign says $1.87. So today's pay checks can buy MORE gas than the could 50 years ago.
You asked about mortgage / rent. Fifty years ago, the average home was 1,600 square feet. The average is now 2,600 square feet - people can afford much larger homes than they used to.
What's not represented in CPI is that the 1960s car needed a tuneup every few months (points, plugs, etc) while today's cars go 100,000 miles on a set of plugs. It doesn't represent the fact that 50 years ago, you had three channels in black and white while today you have 300 channels in HD.
I guess it's human nature to complain, but the simple fact is today we're spoiled compared to our parents and grandparents. Try wasting some food at an old person's house and you'll see they didn't grow up having plenty to waste like we do.
> Those things are all easily overcome by malware writers by testing against existing antivirus. If the Antivirus detects it, then keep changing the malware until the Antivirus doesn't detect it.
Those are called crypters and you're right, those are currently a significant problem for type-A, signature based AV. However, signature based is still useful. Consider all the Nigerian Prince scams and similar that you see. Most is immediately recognizable due to the grammar, etc. I would be absolutely trivial for the bad guys to defeat "grammar detection", but most don't bother. Similarly, while signature-based AV (and standard door locks) are easily defeated, they are still useful.
Heuristics-based (type 2) can't be so readily overcome by changing the malware. A type 2 detection engine scores on factors such as: Runs automatically at boot. (+2 points) Fake file extension like kittens.jpg.exe (+3 points) Alters system files (+2 points)
To change the software to avoid triggering this better type of engine, the bad guys have to make it -not- run automatically, not have a misleading name, and not alter the system. Keep going down that path and it's no longer malware, so a high-quality type 2 is a great thing to have. Further development in this area is worthwhile.
then we have type 3, which runs the software on a test machine and see if any damage is done. Type 3 looks directly at the EFFECTS, at what the software DOES. If it reads private files, it's rejected. If it automatically changes any existing files (cryptolocker) it's rejected, etc. "Change the malware until it's not detected" means "change it to no longer do anything bad", on a well-constructed type 3 system.
Since 1967, median real income (adjusted for inflation) has increased by 23%. That means that in order to have the same amount of spending money as people 50 years ago, you can work 23% less than they did.
Or you can work 40 hours and spend the extra money on Starbucks and Netflix HD. You can make coffee at home for 20 cents and work less, or you can buy coffee for $4 and work 40 hours.
It seems that most people decide to work about 40 hours.
I'm not GP, but you asked what part of your post is not true. This part:
> The problem with AV software is, it will only catch threats that are already known
That's true of SOME AV software. Other types use heuristics similar to spam filters to detect LIKELY threats (code that has been obfuscated in ways bad guys use, executables with names like *.com or *.jpg.exe, etc). Another type sometimes actually runs the code in a vm and looks for any changes to registry entries or files outside of the designated installation destination.
The third type is the most heavy-duty both in terms of effectiveness and resource usage, though in at least one case (Fireeye) the malware was able to escape the sandbox, turning the malware scanner into a major vulnerability.
That's a valid point. Before you connect a "thing" to the internet, it would be wise to think about what happens when it's hacked. Unless the code is written by someone trained in security and then reviewed by someone else well-trained, it is reasonably likely that it will eventually be hacked. Internet-connected TVs have been hacked, wifi cameras are frequently hacked...
In some ways it's unfortunate timing that the internet has become so pervasive at the same time that simple programming has become so easy you can write software without any training or experience. It's resulted in a lot of very bad and dangerous software on the internet.
Sometimes you're an asshole, sometimes you're clueless. Try not to be an asshole when you're clueless.
The case ( http://digitalcommons.law.scu.... ) accuses Shutterfly of violating Illinois state law. There is no federal legislation on the subject. It's being heard in the US District Court for Illinois because the Class Action Fairness Act allows a federal court to hear an interstate claim - Shutterfly is a Delaware corporation.
> as his earnings from any assets he may hold in the buffer corporation such as interest from stock or dividends paid.
Fyi stocks pay dividends, bonds (loans) pay interest.
If someone loaned the company $100,000 and they are being paid 4% interest on that loan, that's an entirely separate transaction from whether the person is also an employee of the company. If the company issued bonds, anyone, any employee or non-employee can buy that bond (make the loan) and be paid interest on the money they loaned.
Similarly, anyone who wants to put up some money and buy stock can do so. Any dividends earned are earnings from the money they put up, which is seperate from if they are employed by the company. You can buy General Electric stock today and get paid dividends as an owner of GE. Btw this is how the vast majority of millionaires BECOME millionaires - buying a bit of stock each month, typically through a mutual fund.
Ideally, one would treat investment in their future the same as taxes as withheld - allocate 10% of your paycheck to investment off the top, BEFORE you make your budget. Invest first, then decide if you can afford the Ultra Deluxe 400 channel HD cable package or you need to stick with Deluxe 160 channel.
Yeah I'd bet the code looks like this:
save(msg, temp_file)
encrypt(temp_file, encrypted)
mail(encrypted)
delete(temp_file)
Retrieving the plaintext is therefore a matter of recovering the deleted temporary file.
You're right, of course, a troll says something ridiculous to draw attention and stimulate angry responses.
This guy says something ridiculous to draw attention and stimulate responses.
By stating upfront that his proposal isn't serious and he's using the concept to stimulate discussion, he's not really trolling. Anyone who read the summary knows it's not a law that's going to be passed, so anybody with a clue won't be posting an ANGRY response. I used the word (after first redefining it specifically in response to the following post:
> With the low fine, and unconstitutionality, it seems like this rep is trolling us. How can he possibly be serious?
The $20 fine etc (and his statement) does indeed indicate he's not serious about passing the bill into law. Therefore, according to the person I replied to, he must be "trolling".
In other words ...
That chili dog "kicked my ass".
The lawmaker is trolled the citizens.
The chili dot does not have feet, so it did not in fact kick anything. That chili dog caused bodily pain, as a kick in the ass would. The rep isn't literally trolling; he's making a ridiculous statement in order to draw attention and stimulate discussion, as a troll would.
The fine summary at the top of this page says he doesn't intend to actually push the bill to pass and the representative says "It's purely my intent to get a discussion going out there, asking people to be more respectful ".
So yes, he's trying to get a discussion going, aka trolling. That appears to have worked because here we are discussing it.
The you understand about their code in this case, the more stupid you see. Most flaws I can understand, someone overlooked something. These people at Trend Micro were beyond incompetent, utterly clueless.
Security professionals do exist who have been securing (and breaking) systems since the early days of the web. If you're a security company, hire a few of those people. Not only will they help you write software that doesn't stupidly open all of your customers to remote code execution, but by understanding how to write software that doesn't break when someone is trying to break it, we can also help you how to write software that doesn't break accidentally - reliable software.
If you're not a security company, but write web-enabled software, at least get someone qualified to spend an hour or two with you at key points in your design and implementation process. Suppose you have me come by for an hour meeting to go over the high-level architecture of your project, a meeting or two to address the lynch pin function(s) (encryption, authentication), and I spend an hour or two looking over the final product. Suppose you got someone who charges $200 /hour ($300 in California). You only need them for about 4 hours to get 80% of the benefit, so that's about $800 to make your software much more reliable while avoiding the $100 million fuck ups.
They don't state that they've ignored inflation, so the reader might reasonably assume they're communicating useful (real) numbers. However, they show wage growth of 234%. That's ten times the real (inflation-adjusted) growth. So yeah, they lied to you.
According to NASA chief Charles Bolden, being inspirational, making certain people "feel good", is the "foremost" priority Obama set for NASA . Bolden says:
"When I became the NASA administrator -- or before I became the NASA administrator -- he [Obama] charged me with three things. One was he wanted me to help re-inspire children to want to get into science and math, he wanted me to expand our international relationships, and third, and perhaps foremost, he wanted me to find a way to reach out to the Muslim world and engage much more with dominantly Muslim nations to help them feel good".
To the extent that it scores data the police already have, such as arrest history, etc., I think it will be more fair than the traditional subjective "the usual suspects". Cops often know who the bad guys on their beat are. They use that knowledge in a very fuzzy, subjective way.
In some cases, a cop decides that someone "seems shady" based on extremely poor "evidence". A numerical score would be much more objective and therefore more fair, representing the ACTUAL risk based on the information available.
Factoring in social media posts and connections feels pretty creepy, though. If on Facebook you're friends with some bad guys, does that actually mean police should consider you more suspicious? On the other hand, for centuries cops have noticed who hangs out with who. If you hang out with gang-bangers, and you talk like a gang-banger, you might be a gang-banger, they think. Applying actual objective numbers to that may not be as bad as it first sounds.
Most of the charts on that page ignore inflation, which was over 10% PER YEAR in the 1970s. Lying with statistics indeed.
The penis, mightier than the sword.
> And he calls himself a conservative. I am tired of these people who claim to be conservative, complaining about big government, and then turning out to be power-hungry hypocrites.
I've made that point calling conservative talk radio, and I called and said that to my House representative when he visited the local radio station. I hope you and others do the same.
> Indeed. But don't forget that increase stopped sometime in the '70s.
Actually almost half of that 23% increase is after 1984.
Here's a chart from the St Louis Federal Reserve for you:
https://research.stlouisfed.or...
> I'd happily work 5 hours less a week
Okay, what do you do for a living? I'll give you some ideas on how to do that.
> Decide?
Yes, make a friggin decision for yourself, for your own life. You -can- let other people make the decisions for you, which is easier, but of course that way you don't always get your preference. It's a balance with each decision.
> But I can't
If you decide you can't, you're probably right.
You may be of the opinion that the OS doesn't matter but after billions and billions of dollars MS spent on development and marketing, they don't buy phones with Windows on them.
> or Android could have easily been BSD based.
And every Dell, HP, and Compaq desktop could have easily be running Mac, had Apple chosen to allow that. Mitt Romney could have president. That's not what happened.
80% of computers sold last year were SOCs (mobiles). Another x% were servers. So the desktop market is maybe 15% of the market. More Linux systems were sold last year than Windows systems and the trend is increasing each year.
With that said, who said Linux doesn't matter on the desktop? It matters on MY desktop, and has for 15 years. For most of the last 15 years, I worked for an information security company, so Microsoft software was not allowed on the company network. All desktops and laptops were Linux, no as were some firewalls, load balancers, most servers, etc.
You CAN use a bleeding-edge distro but you don't need to if you just want a new kernel. Unlike Windows, you can use a new kernel with an older userland or vice-versa. You can update the kernel without updating the "operating system". (Modulo fucking systemd.)
Your bootloader will let you choose the kernel when you boot, and you can set it to fallback to a known-good kernel, so there is little to no risk in trying different ones. I tend to keep the last three kernels I used, just because there is no reason not to. /boot should be 200MB+ these days anyway.
There are a lot of tutorials about compiling kernels, but one point you'll want to know is that you can (and should) start with your old kernel config as a base. (There are many options you can configure in the kernel). The new kernel will probably work fine with the old config. Once you're happy that your new kernel is working fine, you can start changing some config and compiling another copy if you want to. There are many things you can choose to include in your kernel, exclude, or compile as a module. Compiling it as a module is best for most things on a desktop or laptop. The system will only load the hardware modules it needs, and any other modules can be loaded and unloaded as desired while the system is running. Compiling a module just gives you the OPTION to use it or not.
Items you need in order to access the disk should be compiled into the kernel. You can't load a module from disk if you can't yet access the disk. :)
You are of course welcome to your own opinions. The ARITHMETIC is that Americans today can afford more "stuff" than they could 50 years ago. Again, the average new house in the 1960s was 1600 square feet. Today, it's 2,600 square feet. Peopl can and do buy more house today than they used to. If you want to complain about the cost of housing that's fine; the fact is houses cost less than they used to (compared to wages).
Same thing for transportation- you can complain if you want. The fact is today's paychecks buy 40% more gas than 50 years ago. That's arithmetic, not opinion.
About $4 coffee vs 20 cent coffee. I was just about broke for many years. I didn't waste a lot of money, it just seemed the money always ran out right about the end of every month. Then I took some classes about money, read some books, and did a budget. In the last ten years, I've gotten pretty comfortable financially. My net worth has increased more than 1000%. One reason for that is that my budget showed how much I was spending on "lattes", on cable channels I never watched, on eating lunch at restaurants, etc. I decided I'd rather retire early with $1.5 million in the bank than drink latte. If you do a proper zero-based budget, you might be surprised at what you find. It's up to you - you can complain, or you can spend a few hours learning how 90% of millionaires become millionaires. Surprisingly, most earned less than $60,000 and the vast majority earned less than $100k. It has a lot to do with Starbucks vs 401k.
If you're in technology a 30-hour week is entirely doable if that's important to you. A lot of places would be glad to save a bit of money. If you've been at your current job for a while, you may have refined your processes such that you can accomplish your primary responsibilities in 30 hours and you spend the rest of your time helping out with secondary things. If so, you can talk to your boss about reducing hours (and pay) to only your main responsibilities. I did this before.
New startups often have a limited budget and limited need for certain expertise. They might very well be interested in a 30-hour dba, security professional, or other specialized person.
Lastly, tech offers an abundance of contract options. Many people work nine months per year. Contracting isn't for everyone, but many people really enjoy it.
> Does that include rent, fuel, insurance, and mortgages?
> Only those are skyrocketing and not recorded
50 years ago, a gallon of gas cost 33 cents. If gas prices kept up with inflation (CPI), it would cost $2.48 today. I just passed a gas station and the sign says $1.87. So today's pay checks can buy MORE gas than the could 50 years ago.
You asked about mortgage / rent. Fifty years ago, the average home was 1,600 square feet. The average is now 2,600 square feet - people can afford much larger homes than they used to.
What's not represented in CPI is that the 1960s car needed a tuneup every few months (points, plugs, etc) while today's cars go 100,000 miles on a set of plugs. It doesn't represent the fact that 50 years ago, you had three channels in black and white while today you have 300 channels in HD.
I guess it's human nature to complain, but the simple fact is today we're spoiled compared to our parents and grandparents. Try wasting some food at an old person's house and you'll see they didn't grow up having plenty to waste like we do.
> Those things are all easily overcome by malware writers by testing against existing antivirus. If the Antivirus detects it, then keep changing the malware until the Antivirus doesn't detect it.
Those are called crypters and you're right, those are currently a significant problem for type-A, signature based AV. However, signature based is still useful. Consider all the Nigerian Prince scams and similar that you see. Most is immediately recognizable due to the grammar, etc. I would be absolutely trivial for the bad guys to defeat "grammar detection", but most don't bother. Similarly, while signature-based AV (and standard door locks) are easily defeated, they are still useful.
Heuristics-based (type 2) can't be so readily overcome by changing the malware. A type 2 detection engine scores on factors such as:
Runs automatically at boot. (+2 points)
Fake file extension like kittens.jpg.exe (+3 points)
Alters system files (+2 points)
To change the software to avoid triggering this better type of engine, the bad guys have to make it -not- run automatically, not have a misleading name, and not alter the system. Keep going down that path and it's no longer malware, so a high-quality type 2 is a great thing to have. Further development in this area is worthwhile.
then we have type 3, which runs the software on a test machine and see if any damage is done. Type 3 looks directly at the EFFECTS, at what the software DOES. If it reads private files, it's rejected. If it automatically changes any existing files (cryptolocker) it's rejected, etc. "Change the malware until it's not detected" means "change it to no longer do anything bad", on a well-constructed type 3 system.
Since 1967, median real income (adjusted for inflation) has increased by 23%. That means that in order to have the same amount of spending money as people 50 years ago, you can work 23% less than they did.
Or you can work 40 hours and spend the extra money on Starbucks and Netflix HD. You can make coffee at home for 20 cents and work less, or you can buy coffee for $4 and work 40 hours.
It seems that most people decide to work about 40 hours.
I'm not GP, but you asked what part of your post is not true. This part:
> The problem with AV software is, it will only catch threats that are already known
That's true of SOME AV software. Other types use heuristics similar to spam filters to detect LIKELY threats (code that has been obfuscated in ways bad guys use, executables with names like *.com or *.jpg.exe, etc). Another type sometimes actually runs the code in a vm and looks for any changes to registry entries or files outside of the designated installation destination.
The third type is the most heavy-duty both in terms of effectiveness and resource usage, though in at least one case (Fireeye) the malware was able to escape the sandbox, turning the malware scanner into a major vulnerability.
That's a valid point. Before you connect a "thing" to the internet, it would be wise to think about what happens when it's hacked. Unless the code is written by someone trained in security and then reviewed by someone else well-trained, it is reasonably likely that it will eventually be hacked. Internet-connected TVs have been hacked, wifi cameras are frequently hacked ...
In some ways it's unfortunate timing that the internet has become so pervasive at the same time that simple programming has become so easy you can write software without any training or experience. It's resulted in a lot of very bad and dangerous software on the internet.
> This case may actually be in Federal Court under the Class Action Fairness Act of 2005
Indeed the plaintiff claims federal jurisdiction under Class Action Fairness Act.
http://digitalcommons.law.scu....
Sometimes you're an asshole, sometimes you're clueless. Try not to be an asshole when you're clueless.
The case (
http://digitalcommons.law.scu.... ) accuses Shutterfly of violating Illinois state law. There is no federal legislation on the subject. It's being heard in the US District Court for Illinois because the Class Action Fairness Act allows a federal court to hear an interstate claim - Shutterfly is a Delaware corporation.