Slashdot Mirror


User: TuballoyThunder

TuballoyThunder's activity in the archive.

Stories: 0
Comments: 198

Comments · 198

  1. Re: Patch your macs now! on 'Accidental Hero' Finds Kill Switch To Stop Wana Decrypt0r Ransomware (theguardian.com) · · Score: 1

    What? I don't find OS X better (or worse) at patching than Windows. Quite often a restart is required, which does not fit into the definition of "unobtrusively."

  2. The alternative hypothesis is that Rotten Tomatoes is encouraging Hollywood to produce reboots and sequels. By aggregating reviews, Rotten Tomatoes rewards movies that appeal to the broadest cross section of society and, unfortunately, remaking a successful hit is a safe bet. I agree with his point that the Rotten Tomatoes effect is driving away the population of people who would otherwise like the movie.

  3. To end the scourge of people who like to override the default font.

  4. Re: Basic etiquette pays I guess on Ending Emails With Certain Variation Of Thank You Vastly Improves Response Rate, Study Finds (inc.com) · · Score: 2

    I also hear the variant "No worries." That one bugs me, though I'm not sure why--maybe it comes across a little passive-aggressive. Though, it could be that I'm just old.

  5. Re: Top priority? Always? on Hackers Corrupt Data For Cloud-Based Medical Marijuana System (bostonglobe.com) · · Score: 1

  6. I posit this is the consequence of globalization on Millennials Earn 20 Percent Less Than Boomers Did At Same Stage of Life (usatoday.com) · · Score: 2

    Whether you believe globalization is good or bad, with the free movement of capital and work, wages will stagnate or go down (at least in the near to mid term).

    Bill Clinton's Global Challenges speech at Yale is, perhaps, one of the clearest articulations of the goal of achieving an integrated global community characterized by "shared responsibilities, shared benefits, and shared values." If the goal is to "bring economic opportunity to the 50 per cent of the globe's population which lives on $2 a day or less" then that will involve capital flowing from wealthy countries to less-developed countries.

    I think the vision is that the money supply would grow fast enough to minimize or eliminate the impact of the capital outflow. Unfortunately, the evidence shows that the bet did not pay off.

  7. The "D" in Theranos means Dependable on Theranos Is Laying Off 155 People, About 41 Percent Of Its Workforce (cnbc.com) · · Score: 1

    I think Theranos has adopted hope as a strategy.

  8. Re:Executive Malfeasance? on Theranos Is Laying Off 155 People, About 41 Percent Of Its Workforce (cnbc.com) · · Score: 1

    I find it amazing that Holmes and others in leadership positions are not being prosecuted under 18 U.S. Code 1035 - False statements relating to health care matters. But IANAL.

  9. Re:This reminds me... on Checking Email as Soon as You Wake up Could be Ruining Your Day (cnbc.com) · · Score: 1

    Being happy (or generally in a good mood) is a conscious decision--coming across bad news should not change that decision. If I made a decision to not eat chocolate and I see a tray of chocolates, I should not change my mind just because I saw the tray.

    The reason why I argue the article is stupid is that it encourages a superficial state of happiness. Her solution is akin to a quick weight-loss diet being the solution for a healthy lifestyle. It may help for a little bit, but it will not last. Decide to be happy regardless of the environment you are in. People, pets, and things will not make you happy--you are responsible for your happiness.

    The thank-you writing was not what made him happy. He made a decision to be happy--the thank-you writing is the effect not the cause.

  10. Have we reached peak participation trophy yet? on Checking Email as Soon as You Wake up Could be Ruining Your Day (cnbc.com) · · Score: 3, Insightful

    The stupid factor in the article is so high, that I feel like I wasted gravity just reading it.

    The same goes with reading stressful or negative news, according to a study Gielan conducted with Arianna Huffington and her husband, happiness researcher and author Shawn Achor.

    Society pays for a "happiness researcher"?

  11. Re: Extra layers on Can Consumers Fight Package Thieves With Technology? (geekwire.com) · · Score: 1

    There is no abstraction. The street address is the physical address of the post office where your PO box is located and the unit number is your PO box number. Are you complaining just for fun?

  12. Re:PO boxes on Can Consumers Fight Package Thieves With Technology? (geekwire.com) · · Score: 2

    Not entirely true. Many post offices offer street addressing as an option for your PO box. All you need to do is sign an agreement for it to work. I find a USPS PO box a better option than a private PO box because I like to go to one place to get all my mail and some items cannot be delivered to a private PO box.

  13. Re: The simplest solution would be on Can Consumers Fight Package Thieves With Technology? (geekwire.com) · · Score: 2

    I use the street addressing feature and it is very effective. The only thing you have to pay attention to is the length of the address. The safest thing to do is put the street address on one line and the unit number on another line. I only had a problem once when a shipper truncated the address line and the unit number was cut off. The post office did a return to sender and the shipper claims he never got the package back and would not provide a refund.

  14. Re:If true, it's because Macs are starting to suck on Microsoft Says More People Are Switching From Macs To Surface Than Ever Before (theverge.com) · · Score: 1

    I am actually considering making the switch. I bought a Surface Pro 4 to test out how well it works for me (the Black Friday sale made it a reasonable purchase). I turned on the Windows Subsystem for Linux, which provides a lightweight Linux environment within Windows.

    For my work I need:

    • X Windows
    • Ability to SSH
    • Remote desktop (both RDP and VNC)
    • GNU and Intel compilers
    • Mathematica
    • Microsoft Office
    • Ability to run virtual machines (e.g. Virtual Box)
    • Ability to do regular backups, with versioning, without user intervention
    • OpenVPN
    • Easily connect to external monitor, keyboard, and ethernet

    CPU performance is not critical because I have access to a cluster for the heavy computational loads. The Linux subsystem in some ways is more convenient because the slight differences between BSD and Linux can make moving code between OS X and Linux a little bit annoying. The cluster is Linux based--I considered making a *BSD based cluster but the scientific community has gravitated towards Linux.

    So, based on my requirements either platform would work, though I probably would go with a Surface Book if I did switch. It comes down to cost and workflow efficiency.

  15. Re:Nickels and pennies. on South Korea To Kill the Coin in Path Towards 'Cashless Society' (cnbc.com) · · Score: 1

    You may get your wish.

  16. Re:The choice on Nearly 9 Out of 10 Smartphones Shipped Run On Android (cnet.com) · · Score: 5, Informative

    The answer is obviously yes as Apple has about 12% of the market and is number two behind Samsung. Apple takes about 70% of the profit.

    Apple has been losing share and profit, which I think is due to expansion in the lower price segment of the market and the improved quality of Android based phones. I would argue that the "open source, changeable, free (do you mean as in beer or as in speech)" are not factors that most people care about. I think the majority of the smartphone users care about price and usability.

  17. Re: A Master Password.... on LastPass Makes Password Management Free Across All Of Your PCs, Tablets and Smartphones (cnet.com) · · Score: 3, Insightful

    Unless you are making your own CPU, firmware, compilers, personally auditing every line of code, etc, I guarantee you that you hit the "I believe" button somewhere along the way.

    Going for absolute security is a great navel-gazing exercise. Pick the security boundary you are comfortable with and realize that you have no control outside the boundary. Hopefully you pick a boundary that fails gracefully.

    I personally do not believe open source is any more secure than closed source in any practical sense.

  18. That is the exact point I was making. The driver has no ability to quote a price to Uber (the client) for the work they perform. From my understanding, not having the ability to quote a price is a major indicator (though not a 100% true rule) that you are an employee and not a contractor.

  19. The IRS (which I assert is consistent with other tax authorities) has a series of tests that fall into three categories:
    • Behavioral: Does the company control or have the right to control what the worker does and how the worker does his or her job?
    • Financial: Are the business aspects of the worker’s job controlled by the payer? (these include things like how worker is paid, whether expenses are reimbursed, who provides tools/supplies, etc.)
    • Type of Relationship: Are there written contracts or employee type benefits (i.e. pension plan, insurance, vacation pay, etc.)? Will the relationship continue and is the work performed a key aspect of the business?

    The questions (from Synergistech Communications, which also provides additional information), with the answers in bold based on my understanding of how Uber works:

    1. Are you required to comply with instructions about when, where, and how the work is to be done? Yes
    2. Does your client provide you with training to enable you to perform a job in a particular method or manner? No
    3. Are the services you provide integrated into your client's business operation? Yes
    4. Must the services be rendered by you personally? Yes
    5. Do you have the capability to hire, supervise, or pay assistants to help you in performing the services under contract? Yes
    6. Is the relationship between you and the person or company you perform services for a continuing relationship? No
    7. Who sets the hours of work? The driver
    8. Are you required to devote your full time to the person or company you perform services for? No
    9. Is the work performed at the place of business of the potential employer? No
    10. Who directs the order or sequence in which the work must be done? Uber
    11. Are you required to provide regular written or oral reports to your client? No
    12. What is the method of payment — hourly, commission or by the job? By the job
    13. Are your business and/or traveling expenses reimbursed? No
    14. Who furnishes tools and materials used in providing services? The driver and Uber
    15. Do you have a significant investment in facilities used to perform services? It depends
    16. Can you realize both a profit or a loss? Yes
    17. Can you work for a number of firms at the same time? Yes
    18. Do you make your services available to the general public? It depends
    19. Are you subject to dismissal for reasons other than nonperformance of contract specifications? Unknown
    20. Can you terminate your relationship without incurring a liability for failure to complete a job? Yes

    By my count the Uber-Driver relationship does not pass 4 of the tests and two more are borderline. The key point that makes the relationship tip towards employee is that the driver has no direct price control (they cannot quote a price to perform the service).

  20. While pirating content is a legitimate issue... on Cisco Develops System To Automatically Cut-Off Pirate Video Streams (torrentfreak.com) · · Score: 1

    I would argue that Cisco (and others) should make a greater investment in developing methods to prevent distributed denial attacks and other forms of network attacks. In many countries the Internet is no longer a nice to have (like broadcast television) but rather a critical infrastructure (like the power grid).

  21. Re:Looking for the exit on Google Rebrands 'Apps for Work' To 'G Suite,' Adds New Features (thenextweb.com) · · Score: 1

    I have not tried a hosted spam filtering service, but I have had success with using amavisd on my email server once I trained the Bayesian filter with my spam and ham corpus. I also turned on razor, SORBS, SURBL, Spamhaus, and BRBL. The MTA is configured to drop pathological email attempts.

    On any given day, at least 50% (and sometimes up to 75%, the weekly average is 60%) of the spam attempts get dropped before anything is delivered for filtering. Amavisd is able to identify around 50% to 70% of the spam during filtering, which gets automatically redirected to the Junk folder. I could probably improve that a bit more, but it does not seem to be worthwhile at this point.

  22. Re:From GRC who brought you ShieldsUp! and SpinRit on QRLJacking Attack Can Bypass Any QR Login System (helpnetsecurity.com) · · Score: 1

    There are different attacks, however, that make the QR option in SQRL worse in a practical sense than a username/password. One example is a variant of the hidden-browser attack against a smartcard-based hardware token. The SQRL client in this case serves two purposes: First it reinforces the user's mental perception of what they think is going on and, second, it provides the authentication. An attack against the QR option in SQRL is more significant than a site-specific QR authentication scheme because a SQRL client has the ability to authenticate against multiple web sites.

    At the very least, any site using SQRL that cares about security should disallow logins where the SQRL client and browser IP addresses are different. Web sites should also implement the "respond to the SQRL client with the authenticated session URL" option. With this option, users would be required to use a browser on the same machine as the SQRL client. Finally, users should use a client that integrates with the browser as this would enable detection of a web page URL mismatch.

  23. Re: From GRC who brought you ShieldsUp! and SpinRi on QRLJacking Attack Can Bypass Any QR Login System (helpnetsecurity.com) · · Score: 1

    While I truly believe that one should not bet against stupid users (Mother Nature can always make a "more stupid user"), the attack vector would still have a challenge with SQRL.

    The SQRL client is supposed to (modulo bad client implementations) request verification of a valid login from the user before proceeding. For this attack to work the user is looking at some website, sees a QR code on the page (advertisement, bogus login, etc), decides to scan the code in the SQRL client, sees the SQRL client pop up a code for a different website, and then decides to proceed with the login. It does not appear that SQRL is any worse than a username/password system in protecting the user from doing stupid things.

  24. Re:From GRC who brought you ShieldsUp! and SpinRit on QRLJacking Attack Can Bypass Any QR Login System (helpnetsecurity.com) · · Score: 3, Insightful

    They may be crap, but it does not appear that this attack would work with SQRL. The SQRL client hashes the URL of the website, signs the result, and then sends the result to the URL encoded in the QR code. In this attack, the client would see that there is a mismatch between the phishing website and the URL encoded in the QR code. If the attacker modifies the QR code to fix that discrepancy, the SQRL blob would have the wrong URL hashed and the server would reject the login attempt.

    The researcher does not mention SQRL in his post or the github repo. That was added by the editor or the submitter.

  25. Re: "Yay for privacy"? on Onion Debian Services Are Now Available (debian.org) · · Score: 1

    Yep, I was trying to mimic the spam/ad writing style.

    The last 20% is not trivial to eliminate and often (always in many cases) overwhelms legitimate mail. I have spent the last few weeks retraining spamassassin to gain a few more percentage points. I think I will enable autolearn and dovecot-antispam to help keep the Bayesian database current.