"Self", I said, "you haven't been feeling fully integrated into today's online society. What could you do to make sure that a major corporation with a history of disdain for its users and their privacy could come to have possession of your financial data? Banks are so old fashioned. Your checking account should be social!"
No, it's because the credit card company takes a cut of card transactions
I have a hard time with that. An off-the-shelf solution like Square charges 2.75% without negotiation. I'd think a cabbie would rather collect 97.25% of the bill than 100% of nothing.
I don't take Uber (or more often: Lyft) because it's cheaper. I use these services because 1) the car actually shows up, 2) when it's supposed to, and 3) I know ahead of time how much it will cost. Even if it's a couple of bucks more, that's well worth the vastly better customer service.
Apple isn't responsible for banks' security or lack thereof. Some backs apparently let you activate any card you have the information off of. My credit union (not an employee, just a very happy customer) went live with Apple Pay this morning and it was nothing like the story described. I added my debit card, and the Passbook app popped up a notice that I had to call my CU, including a button to push to dial them. The customer service rep asked for my "phone and chat authorization password", which is a password they required me to set up earlier and is not the same as my banking login password. Then she asked me to describe my most recent debit card purchase and for the name of the company that direct deposits my salary. Only then did she authorize my debit card for Apple Pay.
It was mildly inconvenient in exactly the way I want my banking security to be. It wasn't enough for me to take a picture of some random credit card I'd found. Instead, I had to call my CU and convince an actual human that I'm who I claim to be. It wasn't perfect, sure: she didn't require a DNA sample or a retina scan, but it was vastly more secure than any other debit or credit card transaction I've ever made before.
Some banks (again, not Apple) are playing fast and loose with security for the short term convenience of their users. It sucks in the long term, sure, when the bank lets a thief authorize a stolen debit card and their customer has to get a new one issued, but someone did the math and decided this was a good idea. That's a problem with those banks, though, and not a design flaw in the system. Apple can't do much to improve that unless they wanted to man-in-the-middle security checks between a bank and its customers.
My TV would probably cost $40,000 a decade ago. My iPhone would be a $30,000 workstation in the 90s. The NAS in my living room is $900,000 worth of storage in 1998 dollars. To your contrary, I think people have a perfectly reasonable expectation of low and dropping prices.
More of this, please. Don't demoralize a new programmer who doesn't have the experience to choose well between two similar-sounding options.
It's probably more appropriate to be direct and concise in those cases, as otherwise you'd have all your time sucked away.
Agreed, but with a reminder that "direct and concise" is different from "asshole". You can say "thanks for the patch, but it conflicts with our long-term design goals and we can't accept it" is not the same as "LOL nope".
It gets weird. Some FLOSS projects stop because the work is "done". I have such a project myself that does data conversions from one database to another, and several distro download counters say it has quite a few thousand installations worldwide. And yet, I only touch the code when a bug report comes in. Other than that, it's more or less finished. It does what the label says, quickly and reliably. Many people use it in production. There's just not a whole lot that can be done to improve it other than succumbing to featuritis and adding a lot of bells and whistles.
Few commercial projects would hit this point because most rely on upgrade sales. I don't, so there's no incentive to push ahead. I suspect that's the case with many FLOSS projects which have scratched their itch. Why keep scratching?
Not a particularly hard problem. Take the round trip time, and divide by two.
You're presuming a symmetrical link, which isn't a reasonable assumption for any nontrivial network setup. Your client may only have one path to the server, but the server may have a hundred load-balanced paths back. Or imagine a very asymmetric link like almost any cable or DSL connection. When you're dealing with milliseconds, these are practical questions and not hypothetical nitpicking.
No, really, it's not. A Git clone has 100% of the information required to serve as the master for any number of other repos. Every copy is as good as "the original". In fact, Git doesn't even have a concept of "the original", just repos that you fetch commits from.
The problem with this approach is that the only people who actually use government transparency are other politicians, mainly to dig up dirt, and lobbyists -- it makes their job so much easier when they can confirm that a politician remains bought.
Well, and those pesky little exceptions like the ACLU and EFF who file a constant stream of FOIA requests so they can verify that officials are obeying their promises and the law. But except for watchdog groups, other politicians, and lobbyists, no one is monitoring politicians. Oh, them and the State Department, who wanted to see both sides of email conversations that former Secretary of State Clinton was involved in.
But yes, other than watchdog groups, other politicians, lobbyists, and cabinet-level government departments, no one is actually checking these things. Well, those guys and...
This is why nearly all laptops from all other companies have 2-4 USB ports, a display out, a network jack, and a headphone jack.
Ugh. I hate those legacy laptops with a hundred different connectors you have to manage every time you sit down to your desk or leave it, with one invariably falling behind the desk so that you have to go fishing. My favorite work environment was with a MacBook Air and a Thunderbolt Display. The display has one cable with two split ends that you plug into the laptop: one for power, and one for combined video / USB / Ethernet / audio. All of the permanent wiring like USB drives, Ethernet, etc. plugs into the monitor which acts like a hub for everything else.
I'd stake money that the next iteration will combine all of that into a single USB C cable. Get to work, unpack my laptop, plug in a single reversible jack, and sit down to all my wired accessories? Yes please.
I am not an Obama supporter. I did not vote for him, donate to him, or otherwise assist his campaign. And yet, I'd give him a pass if this is the only reason he'd have for knowing that she had a private server. When I email someone, I typically don't have the foggiest idea whether that address is served by Google, Yahoo, the CIA, or a Pentium in their basement. While her email address wasn't @state.gov, I wouldn't put it past a government official to think, "oh, wonder how she got State to set that up for her?" and then never thinking about it again.
No. This was the email address she used for official state business. By law that is owned by the government and not by the individuals involved. This whole thing came up recently because there is evidence "that she has not been forthright in turning over the official e-mails as requested", such as other parties dutifully turning over their emails which were in reply to something she'd sent, but the referenced email not being present in the files she submitted.
He data also remains under HER control, HER ownership
That's cute, except that it's not her data. That data is owned by the American people via its government, as are all official communications. When you're an officeholder, you don't "own" your official email.
The biggest difference is that no one gives a shit about your toy server, but they might have a fuckload of interest in the personal server of a US Senator and Secretary of State. Yes, I believe that State Department is likely to have better security than the random dipshit she seems to have hired who snagged a cheap GoDaddy cert. It's almost certainly going to have better availability, backup, and disaster recovery.
It is absolutely, 100% not acceptable to run state secrets through a personally maintained server that seems to exist only for the legal reason of giving the owner 4th amendment privacy rights. An officeholder acting in official capacity should have zero expectation of privacy from the organizations they work for. I'm "picking on poor ol' Hillary" for having every appearance of attempting to circumvent disclosure laws.
If you don't have it, you'll make bad decisions. For example, answer the question, "should I use framework A, or should I write some code myself?" If you can't estimate how long it will take to use the framework and compare it to how long it will take to write the code yourself, then it is impossible to make a realistic decision.
That's a bad example because that's almost never my criteria. I could write my own framework almost as quickly as I could suss out the quirks of someone else's, and that's usually a teensy part of the overall project lifetime anyway. Instead, I judge on things like "do I want to spend the rest of my time here maintaining this thing?" and "who's going to own security updates?" and "will it be easier to hire people with experience on this one or on the one I haven't written yet?". Sometimes there's no good framework A to use, or maybe framework A exists and is popular but is unfit for this specific purpose, so we write something in-house. Either way, notice that "time to get started" is a trivial or nonexistent part of the equation.
Save me a seat at the table. I think these screenshots look like a nice update. This is timely to me because I was stuck in a meeting this week and looking at the presenter's projected Windows 7 desktop, and thinking of how ugly and unhelpful the current icon set is. Have you ever actually looked at the Outlook icon? It's a big "O" and a faint envelope in orange on a yellow background. Unless you've used it enough to associate that with Outlook, you wouldn't make the connection. The Mac Outlook icon is a lot simpler, nicer, and more visually obvious. The rest of his toolbar icons were the same: shapeless, indistinct, and unappealing. I like these new ones a lot more.
To the "change for change's sake!" Luddites: this isn't that. The Windows 8 Metro desktop abomination is that. This is a company updating its visual components to meet the expectations of the day. Everyone does this. Food labels change. Magazine layouts change. Car styling changes. Furniture colors change. Clothes change. Why do you think Windows icons should look the same for eternity? And spare me the "it's confusing!" whining - a file folder is still instantly recognizable as a file folder. Its look has evolved, but it's still the same basic shape and color.
Mark today on a calendar: I defended Windows's visual appearance. I never thought that would happen.
As long as we're throwing out irrelevant information, there's also a Keystone Beer, the Keystone Cops, and Pennsylvania. Neither these nor the existence of a Keystone Pipeline on a different route changes the fact that someone wants to build a pipeline where there isn't one today. I think it's intellectually honest to minimize this as "they're just extending something that's already there!", when in reality the proposal is to build a brand new pipeline 1,179 miles long along a new path.
That's an "extension" in the same way that I-70 is an "extension" to I-80 because you can take either one from Denver to Chicago, except that those routes are about 150 miles short than the XL would be. You should be ashamed for trying to make it seem otherwise.
2500? That's still over twice the national average.
So are salaries. And while rent costs more, everything you can order off Amazon costs exactly the same. That big TV doesn't care whether you're in SJC or ATL.
I SAW the rents at 7000/month.
I've seen cars that cost $2 million, but no one I know is paying that.
Ah, but DDG has !bangs, so you can... duck?... for "!g foo" to get the Google results instead. I spent a few days acclimating to DDG and now use it for almost everything, falling back to Google for the 1% of the time when I don't get the results I expect. Also works for a few hundred other things, including the old green mare herself: "!/. foo" searches Slashdot.
but i'm wondering what the big value is of encrypting data that would probably just contain someone saying "channel 77" or whatever the voice commands like that are.
This is backward. What is the big value of not encrypting it, given that the data payloads are small enough not to require massive CPU resources to do so?
Encryption everywhere is the sane default and should only be removed when there's a clear reason to do so. You don't ever have to justify why to add encryption to something; you're expected to justify removing it.
Slashdot Mirror
"Self", I said, "you haven't been feeling fully integrated into today's online society. What could you do to make sure that a major corporation with a history of disdain for its users and their privacy could come to have possession of your financial data? Banks are so old fashioned. Your checking account should be social!"
Today is a happy day indeed.
Is this not common in your country?
No, it's because the credit card company takes a cut of card transactions
I have a hard time with that. An off-the-shelf solution like Square charges 2.75% without negotiation. I'd think a cabbie would rather collect 97.25% of the bill than 100% of nothing.
Why is that? Is it because they want to earn money off the record and credit card transactions are logged?
I don't take Uber (or more often: Lyft) because it's cheaper. I use these services because 1) the car actually shows up, 2) when it's supposed to, and 3) I know ahead of time how much it will cost. Even if it's a couple of bucks more, that's well worth the vastly better customer service.
Apple isn't responsible for banks' security or lack thereof. Some backs apparently let you activate any card you have the information off of. My credit union (not an employee, just a very happy customer) went live with Apple Pay this morning and it was nothing like the story described. I added my debit card, and the Passbook app popped up a notice that I had to call my CU, including a button to push to dial them. The customer service rep asked for my "phone and chat authorization password", which is a password they required me to set up earlier and is not the same as my banking login password. Then she asked me to describe my most recent debit card purchase and for the name of the company that direct deposits my salary. Only then did she authorize my debit card for Apple Pay.
It was mildly inconvenient in exactly the way I want my banking security to be. It wasn't enough for me to take a picture of some random credit card I'd found. Instead, I had to call my CU and convince an actual human that I'm who I claim to be. It wasn't perfect, sure: she didn't require a DNA sample or a retina scan, but it was vastly more secure than any other debit or credit card transaction I've ever made before.
Some banks (again, not Apple) are playing fast and loose with security for the short term convenience of their users. It sucks in the long term, sure, when the bank lets a thief authorize a stolen debit card and their customer has to get a new one issued, but someone did the math and decided this was a good idea. That's a problem with those banks, though, and not a design flaw in the system. Apple can't do much to improve that unless they wanted to man-in-the-middle security checks between a bank and its customers.
My TV would probably cost $40,000 a decade ago. My iPhone would be a $30,000 workstation in the 90s. The NAS in my living room is $900,000 worth of storage in 1998 dollars. To your contrary, I think people have a perfectly reasonable expectation of low and dropping prices.
More of this, please. Don't demoralize a new programmer who doesn't have the experience to choose well between two similar-sounding options.
It's probably more appropriate to be direct and concise in those cases, as otherwise you'd have all your time sucked away.
Agreed, but with a reminder that "direct and concise" is different from "asshole". You can say "thanks for the patch, but it conflicts with our long-term design goals and we can't accept it" is not the same as "LOL nope".
It gets weird. Some FLOSS projects stop because the work is "done". I have such a project myself that does data conversions from one database to another, and several distro download counters say it has quite a few thousand installations worldwide. And yet, I only touch the code when a bug report comes in. Other than that, it's more or less finished. It does what the label says, quickly and reliably. Many people use it in production. There's just not a whole lot that can be done to improve it other than succumbing to featuritis and adding a lot of bells and whistles.
Few commercial projects would hit this point because most rely on upgrade sales. I don't, so there's no incentive to push ahead. I suspect that's the case with many FLOSS projects which have scratched their itch. Why keep scratching?
Not a particularly hard problem. Take the round trip time, and divide by two.
You're presuming a symmetrical link, which isn't a reasonable assumption for any nontrivial network setup. Your client may only have one path to the server, but the server may have a hundred load-balanced paths back. Or imagine a very asymmetric link like almost any cable or DSL connection. When you're dealing with milliseconds, these are practical questions and not hypothetical nitpicking.
No, really, it's not. A Git clone has 100% of the information required to serve as the master for any number of other repos. Every copy is as good as "the original". In fact, Git doesn't even have a concept of "the original", just repos that you fetch commits from.
The problem with this approach is that the only people who actually use government transparency are other politicians, mainly to dig up dirt, and lobbyists -- it makes their job so much easier when they can confirm that a politician remains bought.
Well, and those pesky little exceptions like the ACLU and EFF who file a constant stream of FOIA requests so they can verify that officials are obeying their promises and the law. But except for watchdog groups, other politicians, and lobbyists, no one is monitoring politicians. Oh, them and the State Department, who wanted to see both sides of email conversations that former Secretary of State Clinton was involved in.
But yes, other than watchdog groups, other politicians, lobbyists, and cabinet-level government departments, no one is actually checking these things. Well, those guys and...
USB-C. It's actually designed to carry all the things you've mentioned.
This is why nearly all laptops from all other companies have 2-4 USB ports, a display out, a network jack, and a headphone jack.
Ugh. I hate those legacy laptops with a hundred different connectors you have to manage every time you sit down to your desk or leave it, with one invariably falling behind the desk so that you have to go fishing. My favorite work environment was with a MacBook Air and a Thunderbolt Display. The display has one cable with two split ends that you plug into the laptop: one for power, and one for combined video / USB / Ethernet / audio. All of the permanent wiring like USB drives, Ethernet, etc. plugs into the monitor which acts like a hub for everything else.
I'd stake money that the next iteration will combine all of that into a single USB C cable. Get to work, unpack my laptop, plug in a single reversible jack, and sit down to all my wired accessories? Yes please.
I am not an Obama supporter. I did not vote for him, donate to him, or otherwise assist his campaign. And yet, I'd give him a pass if this is the only reason he'd have for knowing that she had a private server. When I email someone, I typically don't have the foggiest idea whether that address is served by Google, Yahoo, the CIA, or a Pentium in their basement. While her email address wasn't @state.gov, I wouldn't put it past a government official to think, "oh, wonder how she got State to set that up for her?" and then never thinking about it again.
No. This was the email address she used for official state business. By law that is owned by the government and not by the individuals involved. This whole thing came up recently because there is evidence "that she has not been forthright in turning over the official e-mails as requested", such as other parties dutifully turning over their emails which were in reply to something she'd sent, but the referenced email not being present in the files she submitted.
He data also remains under HER control, HER ownership
That's cute, except that it's not her data. That data is owned by the American people via its government, as are all official communications. When you're an officeholder, you don't "own" your official email.
The biggest difference is that no one gives a shit about your toy server, but they might have a fuckload of interest in the personal server of a US Senator and Secretary of State. Yes, I believe that State Department is likely to have better security than the random dipshit she seems to have hired who snagged a cheap GoDaddy cert. It's almost certainly going to have better availability, backup, and disaster recovery.
It is absolutely, 100% not acceptable to run state secrets through a personally maintained server that seems to exist only for the legal reason of giving the owner 4th amendment privacy rights. An officeholder acting in official capacity should have zero expectation of privacy from the organizations they work for. I'm "picking on poor ol' Hillary" for having every appearance of attempting to circumvent disclosure laws.
If you don't have it, you'll make bad decisions. For example, answer the question, "should I use framework A, or should I write some code myself?" If you can't estimate how long it will take to use the framework and compare it to how long it will take to write the code yourself, then it is impossible to make a realistic decision.
That's a bad example because that's almost never my criteria. I could write my own framework almost as quickly as I could suss out the quirks of someone else's, and that's usually a teensy part of the overall project lifetime anyway. Instead, I judge on things like "do I want to spend the rest of my time here maintaining this thing?" and "who's going to own security updates?" and "will it be easier to hire people with experience on this one or on the one I haven't written yet?". Sometimes there's no good framework A to use, or maybe framework A exists and is popular but is unfit for this specific purpose, so we write something in-house. Either way, notice that "time to get started" is a trivial or nonexistent part of the equation.
Save me a seat at the table. I think these screenshots look like a nice update. This is timely to me because I was stuck in a meeting this week and looking at the presenter's projected Windows 7 desktop, and thinking of how ugly and unhelpful the current icon set is. Have you ever actually looked at the Outlook icon? It's a big "O" and a faint envelope in orange on a yellow background. Unless you've used it enough to associate that with Outlook, you wouldn't make the connection. The Mac Outlook icon is a lot simpler, nicer, and more visually obvious. The rest of his toolbar icons were the same: shapeless, indistinct, and unappealing. I like these new ones a lot more.
To the "change for change's sake!" Luddites: this isn't that. The Windows 8 Metro desktop abomination is that. This is a company updating its visual components to meet the expectations of the day. Everyone does this. Food labels change. Magazine layouts change. Car styling changes. Furniture colors change. Clothes change. Why do you think Windows icons should look the same for eternity? And spare me the "it's confusing!" whining - a file folder is still instantly recognizable as a file folder. Its look has evolved, but it's still the same basic shape and color.
Mark today on a calendar: I defended Windows's visual appearance. I never thought that would happen.
As long as we're throwing out irrelevant information, there's also a Keystone Beer, the Keystone Cops, and Pennsylvania. Neither these nor the existence of a Keystone Pipeline on a different route changes the fact that someone wants to build a pipeline where there isn't one today. I think it's intellectually honest to minimize this as "they're just extending something that's already there!", when in reality the proposal is to build a brand new pipeline 1,179 miles long along a new path.
That's an "extension" in the same way that I-70 is an "extension" to I-80 because you can take either one from Denver to Chicago, except that those routes are about 150 miles short than the XL would be. You should be ashamed for trying to make it seem otherwise.
In some places it is illegal to call yourself an engineer if you isn't really one (unlike software "engineers").
That's nice. See also: hacking, piracy, and architect. Accept that you've lost and move on.
2500? That's still over twice the national average.
So are salaries. And while rent costs more, everything you can order off Amazon costs exactly the same. That big TV doesn't care whether you're in SJC or ATL.
I SAW the rents at 7000/month.
I've seen cars that cost $2 million, but no one I know is paying that.
Ah, but DDG has !bangs, so you can... duck?... for "!g foo" to get the Google results instead. I spent a few days acclimating to DDG and now use it for almost everything, falling back to Google for the 1% of the time when I don't get the results I expect. Also works for a few hundred other things, including the old green mare herself: "!/. foo" searches Slashdot.
but i'm wondering what the big value is of encrypting data that would probably just contain someone saying "channel 77" or whatever the voice commands like that are.
This is backward. What is the big value of not encrypting it, given that the data payloads are small enough not to require massive CPU resources to do so?
Encryption everywhere is the sane default and should only be removed when there's a clear reason to do so. You don't ever have to justify why to add encryption to something; you're expected to justify removing it.