So apple's going to encrypt the location cache on a phone that is otherwise locked, where other people generally don't have access to it other than the device itself
I can think of a lot of reasons why someone wouldn't want anyone else to have access to that information, period. For example, I bet there are a few abused wives around the country with husbands who just learned that they can track them (to a first approximation). "What's she doing in the next town over? She was supposed to be at work earning me money." If you don't like that particular scenario, there are plenty of others not involving Apple or governments to choose from.
In the retail world they call it "spillage" -- the fact that some of your goods might get damaged beyond saleability or that a few things will go missing from the floor (or the stock room) is unavoidable -- you simply do your best to detect and take action against those responsible, but you don't go around treating every other customer as a criminal.
You started talking about Sony, but seem to have ended up talking about Best Buy.
Spoken like someone who lives somewhere snowless. My sedan gets around just fine as long as it doesn't get too deep, but I have friends who live just outside of town on unplowed roads. For them, a 4WD is the difference between being snowed in for a week and being able to get groceries.
So there's a strip of little indistinguishable squares. If you mouse over them, the title of the app pops up. Are they apps that are open, or apps that can be opened? No way of telling.
If done properly, I think that's the correct approach. Although it feels natural to open an app, use it, then close it, there's not clearly the best way to use a desktop these days. In general, why do you care if an app is already running, as long as clicking its icon opens a new window into it? I can see the need to stop or restart certain very memory-hungry apps, but other than that I'd just as soon leave everything running. I mean, if I needed to launch it once, there's a very good chance that I'll want to launch it again.
That's how OS X works. It felt very strange to me for a while, but now it seems like the right way to do things.
A) You should have ONE ssh key, which is password-protected.
I would fire you for gross incompetence if I caught you doing that. It's just insanely dangerous: if an attacker compromises a single one of your clients, they have access to every one of your servers until you generate a new keypair and roll it out to each one. Contrast with the sane best practice of using a separate keypair for each client machine. If I lose my iPhone, I can SSH into both of the machines where I have its pubkey installed and remove it from authorized_keys, all without disrupting any of the other clients that need to access those hosts.
Beyond that, having multiple keypairs lets you set fine-grained access rules on your machines. As described above, my iPhone has access to two hosts. If I got stolen and immediately hacked and my SSH passphrase instantly guessed correctly on the first try, the only thing the thief could do is connect to those hosts, neither having anything interesting on them but the ability to SSH to other internal servers (assuming they have access to my OTP list which is not stored on the iPhone).
For having access to "THOUSANDS of extremely important servers", you don't seem to be good at the whole "professionally paranoid" thing.
Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. The argument must be ``yes'' or ``no''. The default is ``no''.
Agent forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the agent's Unix-domain socket) can access the local agent through the forwarded connection. An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent.
Everyone seems to presume that I don't know how to use SSH, or that I think FTP is spiffy. Both of those are nonsense. I've been using SSH for about 15 years now (I worked for an ISP which was an early adapter), and I described FTP as "sucky" in the very first sentence of my post. My entire point was that FTP has one feature that can be handy in certain specific situations, no more, no less. As my company's network admin, I hate having to run a proxy server on my firewall just to support the one legacy protocol we still have to handle. My boss gave me permission to deprecate it from new customer setups in favor of SFTP and to migrate our old setups as the opportunity arises. But none of that changes the fact that FTP still has a (very) short list of handy features.
Not everything has to be secure. Maybe it's an Ubuntu ISO. Maybe it's a GPG-encrypted file. And as I pointed out, maybe you're downloading some from a public server where you have no privileges beyond a plain ol' anonymous FTP account.
Yes, scp is nicer than FTP - if you can use it. That's not always true, and it's not always even an advantage.
Exactly one advantage to FTP - FXP
on
FTP Is 40 Years Old
·
· Score: 5, Interesting
The only nonsucky thing about FTP is that you can use FXP to transfer files between two remote servers without piping it through your client. For example, suppose you have FTP logins on two servers and each has a nice, fast Internet connection. You are on dialup and need to copy database backups from one server to the other. You can use FTP to tell the first to upload to the second's IP address, and tell the second to recv a file from the first's IP address. Nothing but the status messages go through your poor local modem.
You can do the same with by ssh'ing to the first server and scp'ing a file from it to the second, but that requires generating keypairs and copying the public keys around. If you're nitpicky about having separate keypairs on each SSH client machines (and you really should be!), and you have 20 hosts, then you'd have to copy 19 public keys to each machine. With FTP+FXP, you need an FTP login on each of the hosts. That's especially nice if the sending server is a public repository where you don't have anything but anonymous FTP access.
This isn't exactly a killer feature for most people, but it's kind of slick if you ever actually need it.
Add a line in your acceptable use / EULA section stating that you expect the user of the account to be human and that any attempt to scrape the data off of the server is fined at $100,000 per message, plus $10,000 to each message author.
And also, you reserve the right to sue the Tooth Fairy for lost unicorns.
There is no "legal gray area" in scraping. By publishing data on a public webserver, you give consent to clients for viewing it. And what does "the user of the account to be human" mean, anyway? Presumably, humans will eventually view the data downloaded by the scraper. Challenge of the day: give me a legally watertight definition of "web browser" that includes user agents like Lynx (which downloads data from a remote server and presents it in a manner almost exactly unlike Firefox), and excludes a scraper (which downloads data from a remote server and presents it in a manner almost exactly unlike Firefox). Bonus points if your definition also accounts for screen readers for the blind, HTML-to-WAP gateways, ad-blocking proxies, and iPhones. Go ahead; we'll be waiting.
Rent-A-Center caters to poor people, allowing them access to fancy furniture and TV's and such that they otherwise would not purchase because of cost... And yes you can rent to own, but if you do it that way you spend 2x or more than the retail price. A credit card would be cheaper...
When my wife was pregnant, she couldn't sleep comfortably in bed and wanted a recliner to rest in. Since we only wanted it for a couple of months, I called Rent-A-Center to see about renting one until she had the baby. It was going to cost something like $300 and we'd have to give it back afterwards. I checked the local classified ads and bought two recliners from a couple who were redecorating their house and wanted different colors, for a total of $50. Furniture rental is a sucker's game. I honestly can't imagine a single situation in which I'd ever want to use it. Even if I were on a short-term contract in another city and needed to furnish an apartment, I'd buy used stuff and re-sell it or donate it to charity when I was done with it.
But the poor with bad credit can't get credit cards.
If the "poor" can afford to pay $50 a month toward a credit card bill for a new TV, they can afford to save $50 a month until they have enough to buy the new TV outright - and save a buttload of interest while they're at it. You are not required to use credit cards to buy things, even large, expensive things.
I once told a good friend in another city that "when Dilbert is no longer funny, it's time to move on." We laughed. One day, he stopped laughing and moved on, and later thanked me for the advice.
Being more of an Amiga BBS guy, I never got into Kermit over Zmodem and other similar protocols. I mean, I know Kermit is more than just a protocol, but in practice that's how I saw it used 99% of the time. I've only used Kermit once - uploading machine language to a 68HC11 in the 90s - and was genuinely surprised to see that it was still officially a live project until now.
That's not current at all. My mom was Wire Chief for a railroad in the 80s and the practice was old then. Thieves would go from pole to pole for a mile long stretch of line and cut the wire loose so that it was laying on the ground, but still intact and passing signals. Then they'd coordinate with walkie-talkies and cut both ends simultaneously, tie one end to a hydraulic spool on the back of a truck, and wind it up as fast as possible while they were starting to drive away. Mom would get an alarm signal that a phone line was down and would send out the Special Agents (yes - railroads have their own armed police force) and line technicians. By the time they arrived, the thieves would be long gone.
And by "thieves", I mean "murderers". If you cheerfully shut down the communications network that keeps trains from colliding, or E911 services from working, or otherwise disrupt life-or-death decisions, then I'm all for a shoot first, ask later response if you get caught.
To clarify, I was asking an illustrative question to point out that there's no "perfect" sentinel value for all circumstances, and I prefer Python's raise-on-failure paradigm. I don't know whether OP was correct about.NET working that way, it's not an inherently crazy design decision.
But you still don't answer what I think is the key point: What's the advantage to Microsoft in asserting these patents and suing people who are helping to spread the use of C#? To me it looks as if it would be counter-intuitive and suicidal to start going after everyone over Mono. It would kill the language everywhere, including Windows.
Imagine that Microsoft magically gained low-level, impossible-to-work-around patents on the underpinnings of C. Imagine their delight to be able to say "we're licensing our C patents for only $10,000 per non-Windows desktop and $50,000 per non-Window server! Oh, you Windows users can keep using C for free." In one stroke, there goes Linux, OS X, Solaris, iOS, and every other non-Windows system in the backwards parts of the world that recognize software patents.
Microsoft has refused to declare that they won't do this to Mono users. Wouldn't it suck if Mono were widely adopted for Linux development, only to have a future Microsoft decide one day that they wanted to take their toys and go home?
Guido, that's who. One of the Pythonic principles is that forgiveness (try/except) is easier than permission (testing first).
You beat me to it. What's the appropriate sentinel value to return from an unsuccessful data structure query? 0? Not helpful if you're storing integers. False? Doesn't help if you have some boolean values. Empty string? There are lots of valid reasons to store empty strings in a hash table. "None"? Same as strings.
The Python (and.NET, if you believe the OP) approach of throwing exceptions makes a lot more sense than something like "if(value = get('foo') == 0) { printf("not found\n");}" for most situations.
What you want is conformance to what you had before.
Ding-ding-ding! We have a winner! Yes. That is exactly correct. I want conformance to what I had before: a desktop that I know how to use efficiently. That isn't one of those "afraid of trying new ways because I've memorized the old workarounds" kind of things. I mean, it's not like I've memorized a 23-step method of moving a window to another workspace and recoil in horror at the thought of switching to a 3-step replacement. Instead, I have muscle memory of single chords that do all of the stuff I want to do on a desktop. I don't know what the button presses are for getting to the desktop with Chrome on it because I've delegated that to my fingers years ago and they press the right buttons automatically when I want to see Chrome. There isn't a more efficient, better, improved way for me. It doesn't (and can't) exist.
I get that change can be good, and I'm not opposed to it at all. If you want to improve a file manager or web browser or email app, go ahead! There are lots of improvements to be made. But the desktop? I honestly don't remember the last time I heard someone complain that it was broken.
Gnome gave us a piano 10 years ago and we all learned how to play it. Now our piano is being replaced by a guitar because it's "better", mainly because it's different and because the luthier got a political advantage over the piano maker. While I have no problem with guitars, I've spent a decade getting good at the piano and have no desire to throw all that muscle memory away. Oh well. At least they still make pipe organs and synthesizers. I'll switch to one of those.
I think that unless it comes with a seperate numpad, this is going to fall flat on its face.
I started programming nearly 30 years ago (with much of the early time being on an original C-64). In my entire life, I bet I've used a numpad less than 10 times. I think you greatly overestimate the portion of potential users who will ever even notice its absence.
Re:What problem does Gnome 3 solve?
on
GNOME 3 Released
·
· Score: 4, Insightful
Complacency. Gnome users haven't had to re-learn their desktop in a while, and the devs are helpfully breaking those users out of their rut.
Slashdot Mirror
So apple's going to encrypt the location cache on a phone that is otherwise locked, where other people generally don't have access to it other than the device itself
I can think of a lot of reasons why someone wouldn't want anyone else to have access to that information, period. For example, I bet there are a few abused wives around the country with husbands who just learned that they can track them (to a first approximation). "What's she doing in the next town over? She was supposed to be at work earning me money." If you don't like that particular scenario, there are plenty of others not involving Apple or governments to choose from.
In the retail world they call it "spillage" -- the fact that some of your goods might get damaged beyond saleability or that a few things will go missing from the floor (or the stock room) is unavoidable -- you simply do your best to detect and take action against those responsible, but you don't go around treating every other customer as a criminal.
You started talking about Sony, but seem to have ended up talking about Best Buy.
4WD is not a must have ANYWHERE except off road.
Spoken like someone who lives somewhere snowless. My sedan gets around just fine as long as it doesn't get too deep, but I have friends who live just outside of town on unplowed roads. For them, a 4WD is the difference between being snowed in for a week and being able to get groceries.
So there's a strip of little indistinguishable squares. If you mouse over them, the title of the app pops up. Are they apps that are open, or apps that can be opened? No way of telling.
If done properly, I think that's the correct approach. Although it feels natural to open an app, use it, then close it, there's not clearly the best way to use a desktop these days. In general, why do you care if an app is already running, as long as clicking its icon opens a new window into it? I can see the need to stop or restart certain very memory-hungry apps, but other than that I'd just as soon leave everything running. I mean, if I needed to launch it once, there's a very good chance that I'll want to launch it again.
That's how OS X works. It felt very strange to me for a while, but now it seems like the right way to do things.
A) You should have ONE ssh key, which is password-protected.
I would fire you for gross incompetence if I caught you doing that. It's just insanely dangerous: if an attacker compromises a single one of your clients, they have access to every one of your servers until you generate a new keypair and roll it out to each one. Contrast with the sane best practice of using a separate keypair for each client machine. If I lose my iPhone, I can SSH into both of the machines where I have its pubkey installed and remove it from authorized_keys, all without disrupting any of the other clients that need to access those hosts.
Beyond that, having multiple keypairs lets you set fine-grained access rules on your machines. As described above, my iPhone has access to two hosts. If I got stolen and immediately hacked and my SSH passphrase instantly guessed correctly on the first try, the only thing the thief could do is connect to those hosts, neither having anything interesting on them but the ability to SSH to other internal servers (assuming they have access to my OTP list which is not stored on the iPhone).
For having access to "THOUSANDS of extremely important servers", you don't seem to be good at the whole "professionally paranoid" thing.
Check out SSH Agent Forwarding some time.
From the OpenBSD ssh_config(5) man page:
Everyone seems to presume that I don't know how to use SSH, or that I think FTP is spiffy. Both of those are nonsense. I've been using SSH for about 15 years now (I worked for an ISP which was an early adapter), and I described FTP as "sucky" in the very first sentence of my post. My entire point was that FTP has one feature that can be handy in certain specific situations, no more, no less. As my company's network admin, I hate having to run a proxy server on my firewall just to support the one legacy protocol we still have to handle. My boss gave me permission to deprecate it from new customer setups in favor of SFTP and to migrate our old setups as the opportunity arises. But none of that changes the fact that FTP still has a (very) short list of handy features.
Not everything has to be secure. Maybe it's an Ubuntu ISO. Maybe it's a GPG-encrypted file. And as I pointed out, maybe you're downloading some from a public server where you have no privileges beyond a plain ol' anonymous FTP account.
Yes, scp is nicer than FTP - if you can use it. That's not always true, and it's not always even an advantage.
The only nonsucky thing about FTP is that you can use FXP to transfer files between two remote servers without piping it through your client. For example, suppose you have FTP logins on two servers and each has a nice, fast Internet connection. You are on dialup and need to copy database backups from one server to the other. You can use FTP to tell the first to upload to the second's IP address, and tell the second to recv a file from the first's IP address. Nothing but the status messages go through your poor local modem.
You can do the same with by ssh'ing to the first server and scp'ing a file from it to the second, but that requires generating keypairs and copying the public keys around. If you're nitpicky about having separate keypairs on each SSH client machines (and you really should be!), and you have 20 hosts, then you'd have to copy 19 public keys to each machine. With FTP+FXP, you need an FTP login on each of the hosts. That's especially nice if the sending server is a public repository where you don't have anything but anonymous FTP access.
This isn't exactly a killer feature for most people, but it's kind of slick if you ever actually need it.
Who browses the web in their garden? I go out there to unplug!
Me. I telecommute quite a bit, and if it's a pretty day, I'd just as soon park my laptop on the back porch while I work.
Add a line in your acceptable use / EULA section stating that you expect the user of the account to be human and that any attempt to scrape the data off of the server is fined at $100,000 per message, plus $10,000 to each message author.
And also, you reserve the right to sue the Tooth Fairy for lost unicorns.
There is no "legal gray area" in scraping. By publishing data on a public webserver, you give consent to clients for viewing it. And what does "the user of the account to be human" mean, anyway? Presumably, humans will eventually view the data downloaded by the scraper. Challenge of the day: give me a legally watertight definition of "web browser" that includes user agents like Lynx (which downloads data from a remote server and presents it in a manner almost exactly unlike Firefox), and excludes a scraper (which downloads data from a remote server and presents it in a manner almost exactly unlike Firefox). Bonus points if your definition also accounts for screen readers for the blind, HTML-to-WAP gateways, ad-blocking proxies, and iPhones. Go ahead; we'll be waiting.
Rent-A-Center caters to poor people, allowing them access to fancy furniture and TV's and such that they otherwise would not purchase because of cost... And yes you can rent to own, but if you do it that way you spend 2x or more than the retail price. A credit card would be cheaper...
When my wife was pregnant, she couldn't sleep comfortably in bed and wanted a recliner to rest in. Since we only wanted it for a couple of months, I called Rent-A-Center to see about renting one until she had the baby. It was going to cost something like $300 and we'd have to give it back afterwards. I checked the local classified ads and bought two recliners from a couple who were redecorating their house and wanted different colors, for a total of $50. Furniture rental is a sucker's game. I honestly can't imagine a single situation in which I'd ever want to use it. Even if I were on a short-term contract in another city and needed to furnish an apartment, I'd buy used stuff and re-sell it or donate it to charity when I was done with it.
But the poor with bad credit can't get credit cards.
If the "poor" can afford to pay $50 a month toward a credit card bill for a new TV, they can afford to save $50 a month until they have enough to buy the new TV outright - and save a buttload of interest while they're at it. You are not required to use credit cards to buy things, even large, expensive things.
All I got from that is "I keep rewarding the game companies who are trying to fuck up my computer". Why would you do that?
The patch was reverted in Gnome 3 because someone found it useful.
Well... for now. But we have our eye on you.
Not knowledgeable about ST,
Get out. Now. Your kind is not welcome here.
I once told a good friend in another city that "when Dilbert is no longer funny, it's time to move on." We laughed. One day, he stopped laughing and moved on, and later thanked me for the advice.
Being more of an Amiga BBS guy, I never got into Kermit over Zmodem and other similar protocols. I mean, I know Kermit is more than just a protocol, but in practice that's how I saw it used 99% of the time. I've only used Kermit once - uploading machine language to a 68HC11 in the 90s - and was genuinely surprised to see that it was still officially a live project until now.
I'll make it $20,000 if you can tell me whether the number is actually a prime.
That's not current at all. My mom was Wire Chief for a railroad in the 80s and the practice was old then. Thieves would go from pole to pole for a mile long stretch of line and cut the wire loose so that it was laying on the ground, but still intact and passing signals. Then they'd coordinate with walkie-talkies and cut both ends simultaneously, tie one end to a hydraulic spool on the back of a truck, and wind it up as fast as possible while they were starting to drive away. Mom would get an alarm signal that a phone line was down and would send out the Special Agents (yes - railroads have their own armed police force) and line technicians. By the time they arrived, the thieves would be long gone.
And by "thieves", I mean "murderers". If you cheerfully shut down the communications network that keeps trains from colliding, or E911 services from working, or otherwise disrupt life-or-death decisions, then I'm all for a shoot first, ask later response if you get caught.
To clarify, I was asking an illustrative question to point out that there's no "perfect" sentinel value for all circumstances, and I prefer Python's raise-on-failure paradigm. I don't know whether OP was correct about .NET working that way, it's not an inherently crazy design decision.
But you still don't answer what I think is the key point: What's the advantage to Microsoft in asserting these patents and suing people who are helping to spread the use of C#? To me it looks as if it would be counter-intuitive and suicidal to start going after everyone over Mono. It would kill the language everywhere, including Windows.
Imagine that Microsoft magically gained low-level, impossible-to-work-around patents on the underpinnings of C. Imagine their delight to be able to say "we're licensing our C patents for only $10,000 per non-Windows desktop and $50,000 per non-Window server! Oh, you Windows users can keep using C for free." In one stroke, there goes Linux, OS X, Solaris, iOS, and every other non-Windows system in the backwards parts of the world that recognize software patents.
Microsoft has refused to declare that they won't do this to Mono users. Wouldn't it suck if Mono were widely adopted for Linux development, only to have a future Microsoft decide one day that they wanted to take their toys and go home?
That is what a lot of Linux users worry about.
Guido, that's who. One of the Pythonic principles is that forgiveness (try/except) is easier than permission (testing first).
You beat me to it. What's the appropriate sentinel value to return from an unsuccessful data structure query? 0? Not helpful if you're storing integers. False? Doesn't help if you have some boolean values. Empty string? There are lots of valid reasons to store empty strings in a hash table. "None"? Same as strings.
The Python (and .NET, if you believe the OP) approach of throwing exceptions makes a lot more sense than something like "if(value = get('foo') == 0) { printf("not found\n");}" for most situations.
What you want is conformance to what you had before.
Ding-ding-ding! We have a winner! Yes. That is exactly correct. I want conformance to what I had before: a desktop that I know how to use efficiently. That isn't one of those "afraid of trying new ways because I've memorized the old workarounds" kind of things. I mean, it's not like I've memorized a 23-step method of moving a window to another workspace and recoil in horror at the thought of switching to a 3-step replacement. Instead, I have muscle memory of single chords that do all of the stuff I want to do on a desktop. I don't know what the button presses are for getting to the desktop with Chrome on it because I've delegated that to my fingers years ago and they press the right buttons automatically when I want to see Chrome. There isn't a more efficient, better, improved way for me. It doesn't (and can't) exist.
I get that change can be good, and I'm not opposed to it at all. If you want to improve a file manager or web browser or email app, go ahead! There are lots of improvements to be made. But the desktop? I honestly don't remember the last time I heard someone complain that it was broken.
Gnome gave us a piano 10 years ago and we all learned how to play it. Now our piano is being replaced by a guitar because it's "better", mainly because it's different and because the luthier got a political advantage over the piano maker. While I have no problem with guitars, I've spent a decade getting good at the piano and have no desire to throw all that muscle memory away. Oh well. At least they still make pipe organs and synthesizers. I'll switch to one of those.
I think that unless it comes with a seperate numpad, this is going to fall flat on its face.
I started programming nearly 30 years ago (with much of the early time being on an original C-64). In my entire life, I bet I've used a numpad less than 10 times. I think you greatly overestimate the portion of potential users who will ever even notice its absence.
Complacency. Gnome users haven't had to re-learn their desktop in a while, and the devs are helpfully breaking those users out of their rut.