1. Maybe I know my neighbors, so I trust them/know they're not that talented.
2. If you read the article, they had included software that collected traffic, like emails, etc.
3. This is the same company that produced this choice quote: "Google CEO Eric Schmidt recently said Internet users shouldn't worry about privacy unless they have something to hide."
4. This is the same google that confiscates all cameras before outsiders are allowed on-campus. THEY certainly have something to hide... so why isn't it okay for the proles to enjoy the same privacy?
In the United States, trade secrets are not protected by law in the same manner as trademarks or patents. Specifically, both trademarks and patents are protected under Federal statutes, the Lanham Act and Patent Act, respectively. Trade secrets arise out of state laws. Most states have adopted the Uniform Trade Secrets Act (UTSA). Only Massachusetts, New York, New Jersey, North Carolina, and Texas have not adopted the UTSA. One of the most significant differences between patents and trademarks and trade secrets is that a trade secret is only protected when the secret is not disclosed.
and further
(The holder of the trade secret is nevertheless obliged to protect against such espionage to some degree in order to safeguard the secret. As noted above, under most trade secret regimes, a trade secret is not deemed to exist unless its purported holder takes reasonable steps to maintain its secrecy.)
Leaving a trade secret in a bar for anyone to pick up is pretty much the definition of what not to do to maintain secrecy.
"But it's a secret!" doesn't cut it when your own negligence is the ONLY reason it is no longer secret.
I already know that it's part of the content-negotiation handling scheme. I've been doing this for a long time. I've had to write c code to do this sort of crap.
Next, you make a claim that is simply untrue:
First, you don't give a URL in your original post.
View the source, Luke:
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js" type="text/javascript" charset="utf-8"></script>
That's my original post. That's a URL sitting in there.
Try clicking on "parent" a few times, or, you know, reading the thread?
Putting javascript after the body is perfectly valid, and speeds up the loading of the page. Yes, "The fact that it exists, even if you don't use it, means that the HTML parser has to completely stop and evaluate the script before it can continue parsing the rest of the document" - but guess what - if the document is already loaded, that's pretty much moot. Putting an onload handler after the body is valid, and faster to the end user, since the page is already rendered. Just don't put a call to "document.write" - manipulate the dom instead. The document is already, at that point, fully rendered.
And "xml-ifying" html is purely an affectation, when it's meant to be viewed as a web page. A waste of space, time, and clock ticks.
... and because they cooperated over and above the requirements of the actual search warrant, at other locations.
Read the part where the cops were allowed a warrantless entry into 247 Hillview. Dumb move. Hogan, by cooperating with the cops, ended up getting his own cell phone seized. He also ended up implicating himself. No warrant, no search. No statements unless legal counsel is present, who will tell you to SHUT YOUR F*ING MOUTH! Because nothing you say can be used to help you, but it can and will be used against you, as this case demonstrates.
Not to mention that you can't use a digital camera to "make a copy of the phone". It's a digital camera, not a replicator.
... animals with more than two legs don't adjust their movements when walking over a softer surface...
... should probably read "some insects don't adjust their movements when walking over a softer surface". To extend this claim from cockroaches to all animals is so stupid it doesn't even rise to the level of "bad science."
move some of the control bits around from their usual places;
claim that it somehow makes it "more friendly to Windows users";
screw up a few things that work fine right now;
That sound you're about to hear is a million Ubuntu fanbois gnashing their teeth. Of course, most of them are posting from Windows, but that's a story for another time:-)
And google likes it because they set/update a tracking cookie that lasts for a year, and tracks you across as many sites as possible - note the path - ALL of google.com.
... feel free to use that cookie - it's from a telnet session into their server, and as such is useless. Another telnet session on the same machine produces a new cookie, rather than updating the existing one, since the "existing one" isn't saved between telnet sessions:-)
The proper way would be for the site using the script to also serve up a copy of the script. Eventually, all cross-site scripts will have to be disallowed just as a matter of security and privacy.
which means the whitespace has been removed, which pretty normal for JS files these days. makes the file much much smaller to ease transport across the wire
... to compensate for the bloatware that has become the average "do-everything+kitchen sink" javascript junk. Also, it's not just whitespace removal. Replacing long, easy-to-read variable names with generic smaller ones, etc.
Of course, it's not necessary if the person is hitting your site more than once, since they'll only download the script once and thereafter fetch it from their cache, so the benefits are slight at best.
Then why not make a REAL demo page that has ONLY the library as a dependency? If you're going to make a claim, and offer proof, don't you think your proof should, you know, prove it?
To make a bad car analogy, this is like someone saying they have a blue car, and showing a picture of red car as proof. Or that they will prove that they can drive a motorcycle by showing a video of themselves driving a car. Sure, we can dig deeper, or make a few assumptions, but we shouldn't have to. As proof, it's badly done.
And if you gzip that 72k file (just like apache will) you get a 24k file.
Too bad the script in question is not being served by Apache. And when you telnet into port 80, you'll see it sends an annoying cookie in addition to the script itself. So your movements are being tracked by Big Brother. BTW - you shouldn't accept scripts from sites other than the original host.
Actually, even the minified version is 72k, not 24k,
It's 24k after gzipping. You do serve text content gzipped, don't you?
I got it from the actual url on the page in question. Beter ask the person who wrote the page, not me.
since the source script is, for all practical purposes, semi-obfuscated.
That's like bitching that you can't figure out what Firefox is doing, because you only have a binary. It's jQuery! The original, un-obfuscated source is available, along with full version-control history! Unless they've gone out of their way to be difficult, you should be able to verify (with diff) that the version they are using is actually a particular version available for download from jquery.com.
Very naive statement there,especially since the url, if you read my original post, is NOT the one you reference. And also totally irrelevant to the original point - a PROPER demo to support the claim that there are no other dependencies would NOT make reference to any other scripts.
I'm pretty sure the only XHTML-compliant place to put script tags is inside the tag, which makes sense. Progressive enhancement is good design.
HTML != XHTML. Get over it, and stop making "fake" xml by putting backslashes inside single-element html tags. It's stupid.
Oh, look - the apk troll is alive and still unwell. Must have just finished his shift at Mcdonalds. Why not tell us again how you "only get 2 viruses a month by using a custom hosts file on your 400 hz computer".
If he's using jQuery to traverse the dom, then that's a dependency. My point stands - why not post a demo page that doesn't use it instead,if it's not needed? It's not like it's hard to write code to manipulate the dom.
Actually, even the minified version is 72k, not 24k, so it's even worse (I did a wget on that particular version to confirm the size - jquery.min.js 72,174 bytes). And of course the only way to verify that the minified version doesn't pull in more stuff is to look at the browser requests, since the source script is, for all practical purposes, semi-obfuscated.
If the "only" purpose was to run the script, a simple body.onload() would have done the job, as would calling the first function from an embedded script tag at the bottom of a demo page..
It depends on whether you believe that even our current population is sustainable over the long run. There's the problem - I think we exceeded long-term stability a few billion people ago - at least if we're talking about having everyone with a first-world standard of living.
Let's look at something that's a bit easier to model - the US deficit. Sure, right now the US is still able to float bond issues... and as long as interest rates are held artificially low, the deficit is "sort of" manageable. However, once rates go back to their historic norms, the deficit will be impossible to contain without draconian measures. We passed the "long-term sustainable deficit" several years ago, at the $10T mark. It won't be much longer before the US is in the 1:1 deficit/gdp ratio club - and tipping points like that tend to cause sudden changes - just look at Greece.
Same thing with over-population. It only takes a few generations to go from sparse to wayyy-overcrowded.
US Population: 1810: 7,239,881
US Population: 1860: 31,443,321
US Population: 1910: 92,228,496
US Population: 1960: 179,323,175
US Population: 2010: 309,270,235
US Population: 2060: 486,000,000 (estimated).
At 72k for the "minified" version, it's the wrong thing to do if it's not needed. The correct way to demo that a library has no external dependencies is to create a page without anything except that library and a document.onload handler to invoke the test case.
Saying "it doesn't have external dependencies" is not the same thing at all.
JQuery is just used to render the notation on load
... and the proper way to do it to prove that there are no external dependancies would be to create a page that has ONLY the library in question, and a document.onload handler that ONLY calls the library in question.
Identity theft is only a real problem in civilized places.
North American banks are outsourcing their tech to India. Excluding Florida and parts of Texas, Nevada, Utah and California, the US is still somewhat civilized.
More seriously, i wonder how many of the prison inmates here in india are able to speak english. If people who went to english schools and have had 'accent-training' programs and what not speak so horribly, how can petty prisoners be expected to be fluent?
Since when do you have to speak any language without an accent to work a keyboard? BTW, English is the second official language.
Your argument fails - even the cops would have said to call the same number... and the USPS aren't the owner of any "military plans" - they're an independent agency, unlike the military.
The outsourcing centre will handle banking information 24 hours a day
Poster asks:
I wonder if they can get "fired" for screwing up their data entry, or if they just get moved from the "entering banking data" group to the "entering climate change data" group?
If they do it right, they'll be able to BUY their way out of jail.
People will be breaking INTO jail to better do identity theft.
1. Maybe I know my neighbors, so I trust them/know they're not that talented.
2. If you read the article, they had included software that collected traffic, like emails, etc.
3. This is the same company that produced this choice quote: "Google CEO Eric Schmidt recently said Internet users shouldn't worry about privacy unless they have something to hide."
4. This is the same google that confiscates all cameras before outsiders are allowed on-campus. THEY certainly have something to hide ... so why isn't it okay for the proles to enjoy the same privacy?
You might want to check the definition of a trade secret. It is no longer a trade secret once its leaked.
and further
Leaving a trade secret in a bar for anyone to pick up is pretty much the definition of what not to do to maintain secrecy.
"But it's a secret!" doesn't cut it when your own negligence is the ONLY reason it is no longer secret.
So why not email the guy and show him how to make his demo conform to his claims?
Next, you make a claim that is simply untrue:
Here's the original post http://slashdot.org/comments.pl?sid=1651994&cid=32205748
That's my original post. That's a URL sitting in there.
Try clicking on "parent" a few times, or, you know, reading the thread?
Putting javascript after the body is perfectly valid, and speeds up the loading of the page. Yes, "The fact that it exists, even if you don't use it, means that the HTML parser has to completely stop and evaluate the script before it can continue parsing the rest of the document" - but guess what - if the document is already loaded, that's pretty much moot. Putting an onload handler after the body is valid, and faster to the end user, since the page is already rendered. Just don't put a call to "document.write" - manipulate the dom instead. The document is already, at that point, fully rendered.
And "xml-ifying" html is purely an affectation, when it's meant to be viewed as a web page. A waste of space, time, and clock ticks.
Read the part where the cops were allowed a warrantless entry into 247 Hillview. Dumb move. Hogan, by cooperating with the cops, ended up getting his own cell phone seized. He also ended up implicating himself. No warrant, no search. No statements unless legal counsel is present, who will tell you to SHUT YOUR F*ING MOUTH! Because nothing you say can be used to help you, but it can and will be used against you, as this case demonstrates.
Not to mention that you can't use a digital camera to "make a copy of the phone". It's a digital camera, not a replicator.
That sound you're about to hear is a million Ubuntu fanbois gnashing their teeth. Of course, most of them are posting from Windows, but that's a story for another time :-)
The proper way would be for the site using the script to also serve up a copy of the script. Eventually, all cross-site scripts will have to be disallowed just as a matter of security and privacy.
Of course, it's not necessary if the person is hitting your site more than once, since they'll only download the script once and thereafter fetch it from their cache, so the benefits are slight at best.
Then why not make a REAL demo page that has ONLY the library as a dependency? If you're going to make a claim, and offer proof, don't you think your proof should, you know, prove it?
To make a bad car analogy, this is like someone saying they have a blue car, and showing a picture of red car as proof. Or that they will prove that they can drive a motorcycle by showing a video of themselves driving a car. Sure, we can dig deeper, or make a few assumptions, but we shouldn't have to. As proof, it's badly done.
Too bad the script in question is not being served by Apache. And when you telnet into port 80, you'll see it sends an annoying cookie in addition to the script itself. So your movements are being tracked by Big Brother. BTW - you shouldn't accept scripts from sites other than the original host.
I got it from the actual url on the page in question. Beter ask the person who wrote the page, not me.
Very naive statement there,especially since the url, if you read my original post, is NOT the one you reference. And also totally irrelevant to the original point - a PROPER demo to support the claim that there are no other dependencies would NOT make reference to any other scripts.
HTML != XHTML. Get over it, and stop making "fake" xml by putting backslashes inside single-element html tags. It's stupid.
Oh, look - the apk troll is alive and still unwell. Must have just finished his shift at Mcdonalds. Why not tell us again how you "only get 2 viruses a month by using a custom hosts file on your 400 hz computer".
If he's using jQuery to traverse the dom, then that's a dependency. My point stands - why not post a demo page that doesn't use it instead,if it's not needed? It's not like it's hard to write code to manipulate the dom.
Actually, even the minified version is 72k, not 24k, so it's even worse (I did a wget on that particular version to confirm the size - jquery.min.js 72,174 bytes). And of course the only way to verify that the minified version doesn't pull in more stuff is to look at the browser requests, since the source script is, for all practical purposes, semi-obfuscated.
If the "only" purpose was to run the script, a simple body.onload() would have done the job, as would calling the first function from an embedded script tag at the bottom of a demo page..
It depends on whether you believe that even our current population is sustainable over the long run. There's the problem - I think we exceeded long-term stability a few billion people ago - at least if we're talking about having everyone with a first-world standard of living.
Let's look at something that's a bit easier to model - the US deficit. Sure, right now the US is still able to float bond issues ... and as long as interest rates are held artificially low, the deficit is "sort of" manageable. However, once rates go back to their historic norms, the deficit will be impossible to contain without draconian measures. We passed the "long-term sustainable deficit" several years ago, at the $10T mark. It won't be much longer before the US is in the 1:1 deficit/gdp ratio club - and tipping points like that tend to cause sudden changes - just look at Greece.
Same thing with over-population. It only takes a few generations to go from sparse to wayyy-overcrowded.
US Population: 1810: 7,239,881
US Population: 1860: 31,443,321
US Population: 1910: 92,228,496
US Population: 1960: 179,323,175
US Population: 2010: 309,270,235
US Population: 2060: 486,000,000 (estimated).
http://www.census.gov/population/www/popclockus.html
Or, to graph it:
1810: a
1860: abc
1910: abcdefghi
1960: abcdefghijklmnopqr
2010: abcdefghijklmnopqrstuvwxyzabcde
2160: abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrst
This is not sustainable. Do you really think that the US can support a domestic population of over a billion in 2089?
At 72k for the "minified" version, it's the wrong thing to do if it's not needed. The correct way to demo that a library has no external dependencies is to create a page without anything except that library and a document.onload handler to invoke the test case.
Saying "it doesn't have external dependencies" is not the same thing at all.
Block google and see how well it works.
Me, I don't care about the talking molecules - scale it up to a talking dog and then we'll talk :-)
North American banks are outsourcing their tech to India. Excluding Florida and parts of Texas, Nevada, Utah and California, the US is still somewhat civilized.
Since when do you have to speak any language without an accent to work a keyboard? BTW, English is the second official language.
Your argument fails - even the cops would have said to call the same number ... and the USPS aren't the owner of any "military plans" - they're an independent agency, unlike the military.
FTFA:
Poster asks:
If they do it right, they'll be able to BUY their way out of jail.
People will be breaking INTO jail to better do identity theft.
Why? There are plenty of humans who take great pride in "don't wanna know that sh*t - I'm keeping it 'real'"!