You've fatally misunderstood Uber's business model and why they do what they do.
Uber is not anti-regulation and does not engage in a "race to the bottom" where they ignore the fact that some cab drivers are crappy.
Rather, Uber is the regulator and prevents the race to the bottom in entirely different and more modern ways. Instead of using the (literally) steam-era approach of forcing cab drivers to memorise street maps, they use GPS. Instead of setting high and constant fees with mandated pickup to make prices predictable, they use global knowledge of supply and demand to show you a price ahead of time. Instead of attempting to judge a cabbies integrity and character through some bullshit interview process they gather real time feedback from actual riders.
To see Uber as anti-regulation is to miss the point. They are merely a much better regulator that uses 21st century tools.
The correct process for Uber and the like to take is to challenge the unjust, anti-competetive laws first, potentially citing public demand for their services
How do they demonstrate public demand for their services if they haven't got any customers yet? And why do you think the taxicab regulators in each jurisdiction where they do this would care even one tiny bit?
It'd be great if all you had to do to get dumb regulations dismissed was 'challenge' them. I used to think this way too - surely these people are just reasonable and they can just be talked to? Then they'll see the light?
But if it was so easy, it'd have been done years ago already. It's not. You can't simply change laws by arguing in front of a court that the laws are dumb, especially not against entrenched interests. Only massive public support can change these things, and to get that, you need happy customers.
Instead of rejecting the payment outright and freezing the card, text message my phone IMMEDIATELY and I can read a 6 digit code to the cashier to allow the transaction
How about an even better solution - insert your card into a reader, type in your PIN and that's the two factors right there. You know...... the system that's already used everywhere in the world except for America? It works pretty well. I think the USA is starting to roll it out now, albeit a slightly crippled form of it (they managed to take the 2-factor system everyone else uses and make it 1-factor).
Yeah, it is completely broken. This is a problem more or less specific to America.
I have several cards. I travel constantly. I have never, not once, told my bank where I am going and I have never, not once, had my card declined.
How do they achieve this witchcraft? Well,
1. The cards are all EMV. The magstripe can be cloned, but you can't use it in most countries (other than America)
2. Many online purchases are protected by 3D-Secure, which basically just lets your bank put a login/ID verification screen after the card number is entered
3. Their fraud models expect people to travel whereas lots of Americans don't
It dates from the really early days when Google was basically just a bunch of engineers doing R&D. It was cutesy, the brand they went for was cutesy, it fitted.
The problem with it IMO is that, basically, too many people can't handle it. "Evil" is a really high bar. It's a word that smells objective. But not many business activities really qualify for such a strong word. Drone striking a wedding is evil. When Microsoft tried to take over and then kill off the web (or rather, progress in the web) because they wanted everyone to write Windows apps instead of using open infrastructure, that was roaming around in the general area, maybe, if we want to be hyperbolic. Though it's debatable.
Changing the colour scheme in Gmail is clearly not evil. Attempting to integrate social features of products together is not evil, even if you didn't like it. But unfortunately as Google got big enough it reached the point where basically any change resulted in this motto being thrown back in their face. So it ended up being meaningless. Someone saying "don't be evil" just became some sort of trite cliche. Worse, internally some of its own employees would tend to describe any action they didn't like as "evil" which of course wasn't great for team building and morale (I used to work there so I saw this problem in action many times).
I'm not surprised they have eventually changed it, although even that change will itself be described as evil in a sort of implosion of recursive irony. "Do the right thing" might seem watered down, but by taking out the cartoon emotive character assassination words, it sets a probably more realistic goal by accepting that "the right thing" is inherently subjective and debatable.
Yes, their infographic lists "Dronecode" whatever that is, alongside node.js
The other problem with trying to calculate the value of the Linux kernel specifically is that it counts the costs of all the drivers as well and you end up concluding that building a kernel is infeasibly expensive (reality check: there are quite a few of them out there, made by non-huge companies). If Linux was developed from scratch commercially you wouldn't attempt to develop drivers for every piece of hardware known to man all in the same source tree. You'd do what Microsoft do and define a driver API. Then the costs of hardware support are spread out across industry and no one entity ends up paying the entire cost.
The Linux kernel guys don't do that because they prefer being able to refactor/redesign any part of the kernel at whim, even at the huge cost of having all driver development be centralised. But that's not the only way to do it.
Gatekeeper is not meant to block any unsigned code execution. It's meant to stop you accidentally running malware. If you want to bypass it you can just right click on a.app and click "open", or you can disable it in System Preferences. The "attack" you just described is no attack at all.
It's not even clear to me that what's being described in the article is even an attack. OK, you can bypass Gatekeeper by finding an app that blindly runs code it knows nothing about. That's like complaining that if you run a signed browser and then it executes a malicious web page, bad things happen. That's not a bug in Gatekeeper. That's a bug in the browser.
Need I remind you that had the U.S. signed up for the GSM standard, CDMA would've been stillborn and we would likely have 50-200 kbps data speeds today
Um, wat? You think the designers of UMTS were incapable of understanding the different radio technologies because they weren't born in America? CDMA was invented by the Soviets, you know.
GSM and its upgrades stomped the mobile phone system called CDMA for all kinds of reasons, one of them being that GSM had the concept of a SIM card and CDMA did not, so GSM users could pick their own phones and trade them. Another is that GSM was developed by an actual international standards process and industry consortium, whereas cdmaONE was basically an attempt to standardise a Qualcomm internal project and it showed. It was expensive, single vendor, etc. Wikipedia refers to the "immature style" of the cdmaONE standards documents. GSM had first mover advantage and international adoption.
The point of ISDS is to handle the case where a company invests in a country and the country then changes its laws such that the investment is invalidated. This has a habit of occurring in some less well run parts of the world as part of e.g. attempting to advantage home grown companies, or appropriating their assets.
ISDS cannot force a country to change its laws. It's a voluntary mechanism by which countries agree to pay compensation to the investors that they just screwed. Whether the screwing is justified or unjustified doesn't matter, the point is to make the investors whole and therefore to reduce the risk of making foreign investments thus increasing their number.
The headline is rather misleading. This isn't just a plain port of the code from Java to C++ to get a magical 10x speedup. Amongst other things they appear to be running an entire TCP stack in userspace and using special kernel drivers to avoid interrupts. This is the same team that produced OSv, an entirely new kernel written in C++ that gets massive speedups over Linux..... partly by doing things like not using memory virtualisation at all. Fast but unsafe. These guys are hard core in a way more advanced way than just "hey let's switch languages".
WhatsApp is one of the worlds most popular chat networks. It has nearly a billion users globally and dominates mobile chat/SMS replacement everywhere outside of the USA and China (possibly Japan).
WhatsApp has a very interesting security design. It uses end to end encryption for messages (at least between some clients). As a result the web (really: desktop) version can't work in the way most normal web apps work. What it actually does is build a connection to your actual phone and remotely controls it. If your phone is off you can't use the web version. The reason is; only the phone has the encryption keys. WhatsApp doesn't provide message backups etc for this sort of reason also.
I don't know why the web app has a user-triggered update process, but it would not surprise me if it's related to that: for instance, the web app checks digital signatures on the new version before re-caching it locally.
I watched the TV interview. I'm not American but US politics has a way of affecting everyone, so I think it's cool what he's trying to do.
That said, I think he needs to practice his TV interviewing style a bit. He spoke VERY fast, sounded kind of shrill, and the tumble of words didn't communicate as much as I expected given their quantity. There were a lot of things that sounded like generic political soundbites any candidate might say. The basic ideas of political reform are solid - he could slow down, hit one or two points solidly and then stop.
There are a few other issues I don't really understand.
The main one is that he's strongly Democrat. For reasons I don't fully understand (electoral college mumble mumble) it seems US candidates cannot ever be independent, they have to pick a side. So that's going to cause issues right there. Reform of Washington should be a bi-partisan issue: I had expected him to run as an independent and then resign and trigger fresh elections once his platform was passed. That way anyone could feel secure voting for him. But I guess that sort of thing isn't possible.
The other is that surely he it takes more than one man to deliver the reforms he wants. Why isn't he creating a political party rather than running for President? This must be the only-two-parties rule again? I heard once that there are more than just Dems and Reps in the US political system but I never hear much about them.
In many countries, it is illegal for a company to unfairly exploit its dominance in one market to gain advantage in another market.
But Google aren't doing that.
The argument of these complaining companies boils down to "our business is so crappy and generic that we have no customer loyalty at all, and as such our customers simply click on whatever result comes first when they search". Therefore they argue "we should be first because otherwise it's not faaaaaaaair".
If the only justification for your existence is that hapless customers end up at your website due to an accident of ranking, why should anyone care about your business? Facebook, for most of its history, wasn't crawlable at all - the entire site was behind the login screen. Literally the only search term they showed up for was Facebook. Guess what - it didn't hurt them at all, because their customers wanted to go there.
Re:Looked slick, but so unstable
on
Windows 95 Turns 20
·
· Score: 5, Insightful
Yeah, but that instability was not entirely Win95's fault.
Back then computers had almost no resources. NT had a "proper", academically correct OS design with a microkernel architecture (until NT4). It paid for it dearly: resource consumption was nearly double that of Chicago. Additionally, app and hardware compatibility was crap. Many, many apps, devices and especially games would not run on Windows NT. Microsoft spent the next 6-7 years trying to make NT acceptable to the consumer market and only achieved it starting with Windows XP.
So Win95 was hobbled by the need for DOS and Win3.1 compatibility, but that is why it was such a huge commercial success.
Making things worse, tools for writing reliable software were crap back then. Most software was written in C or C++ except often without any kind of STL. Static analysis was piss poor to non-existent. If you wanted garbage collection, Visual Basic was all you had (actually it used reference counting). Unit testing existed as a concept but was barely known: it was extremely common for programs to have no unit tests at all, and testing frameworks like JUnit also didn't exist. Drivers were routinely written by hardware engineers who only had a basic grasp of software engineering, so they were frequently very buggy. Hardware itself was often quite unreliable. Computers didn't have the same kinds of reliability technologies they have today.
Most importantly nobody had the internet, so apps couldn't report crash dumps back to the developers, so most developers never heard about their app crashes and had no way to fix them except by doing exhaustive, human based testing. Basically that's what distinguished stable software from unstable software: how much money you paid to professional software testers.
Everyone who used computers back then remembers the "save every few minutes" advice being drilled into people's heads. And it was needed, but that wasn't entirely Microsoft's fault. It was just that computing sucked back then, even more than it does today:)
Virtually nobody had 32mb of RAM back then. 8mb was pretty typical for new, nice computers. You couldn't have twenty browser windows open, that's for sure, but people managed OK with lots of swapping and patience.
Win95 was such a huge upgrade. We forget now, but it packed an astonishing amount of stuff into just 4mb of RAM (8mb recommended). If someone produced it today in some kind of hackathon it'd be praised as a wonder of tightly written code. They even optimised it by making sure the dots in the clock didn't blink, as the animation would have increased the memory usage of the OS!
It's surprising how little Windows has changed over the years, in some ways. Not because MS didn't want to change it but because the Win95 UI design was basically very effective and people still like it, even today.
That's good to hear. These exploits often don't seem to be as bad as initially suggested. No big surprise there, I guess.
This Google Admin app bug doesn't seem to be a general sandbox bypass as the summary implies. It's not even a bug in Android. One app by Google to let people admin their custom Apps domains will open a URL with an embedded webview, if asked. So then perhaps the embedded web view can be used to exfiltrate files from the Admin app. But are there any sensitive files there to be stolen? The advisory does not say, so I expect the answer is "no".
Well, any OS that lets apps talk to each other can have this sort of issue - it's like blaming Windows for a bug in Firefox. Makes no sense. Probably good for getting attention though.
3b. I've noticed the memory issue. I've also noticed a lot of java programs seem to have a hard time going beyond 1GB of ram. I'm sure there is a way to make them do that but... I've had to screw around with work arounds more than a few times to deal with that issue.
There are people happily using Java with 300 gigabyte heaps. Look at the Azul Zing JVM for examples of this. Also: they're using it in ultra-low latency financial trading apps. Just because you haven't seen this sort of thing personally doesn't mean it never happens.
As to your claim that it isn't slower if it has enough memory... That's not my experience. I'm sure I could get you testimonials and links to people talking about Java being slow. But I rather suspect you won't listen to it or will say it is invalid for some reason.
Performance is complicated. There are lots of cases where a Java program is just as fast as a C++ program or even faster. PIC-optimisable virtual method dispatch in a tight loop is one example of where Java/JVM stuff has stomped C++ for many years, with devirtualisation optimisations only appearing very recently in GCC stuff it seems. HotSpot is an excellent compiler and can do a lot of interesting things.
But mostly, people use Java because the performance is good enough, and the benefits over the C/C++ ecosystem are big. For instance, you get reliable debuggers, stack traces that are never corrupted, no manual memory management, ultra-fast compiles, a huge and standarised package repositories/dependency management system, high quality profiling tools, lots of libraries etc.
We have less bullshit to deal with the compiled programs. They just "work" more reliably.
I don't doubt your experience but it has nothing to do with AOT compiled vs JIT compiled. Applets that stop working on newer JVMs are probably relying on bugs in earlier versions. This can happen any time there is dynamic linking. Every time I upgrade MacOS X some apps I use stop working properly, even though they're all compiled. Apple just isn't very good at backwards compatibility.
It was not "pretty amazing". I have written J2ME apps. It was a disaster zone, mostly for policy not technical reasons.
Problem one: its conformance testing was crap and the licensing for the upstream implementation was expensive. So, guess what, phone OEMs made their own. And did it badly. EVERY J2ME phone was full of bugs, often incredibly basic and obvious bugs like camera APIs that leaked every image taken (take three photos in a row->OutOfMemoryError), or drawing APIs that crashed the device if you tried to draw a bitmap to negative coordinates (correct behaviour is to clip).
This meant that in practice you had to test every version of the app on every device, because bugs were so common.
Problem two: it was tiny. Almost every API was optional, and Java has no good support for on the fly adaptation to missing APIs. So apps ended up needing a C style macro pre-processor to customise the app for every combination of bugs and missing features. You think Android is fragmented? I rofl in the face of Android fragmentation, because I've seen J2ME's equivalent.
Problem three: the CLDC VM was unbelievably sluggish, even compared to the early Dalviks.
Problem four: many APIs were protected by a code signing requirement that was painful to meet and often very expensive for no good reason. Forget about writing free hobby apps.
Problem five: no app store. Every carrier ran its own, and if you wanted distribution....... yup. They wanted money. Often, meetings and contracts too. Just forget it.
Slashdot Mirror
There's a hilarious article detailing the various attempts the LA local government has made to stop taxis ripping off tourists, and which compares it with Uber.
You've fatally misunderstood Uber's business model and why they do what they do.
Uber is not anti-regulation and does not engage in a "race to the bottom" where they ignore the fact that some cab drivers are crappy.
Rather, Uber is the regulator and prevents the race to the bottom in entirely different and more modern ways. Instead of using the (literally) steam-era approach of forcing cab drivers to memorise street maps, they use GPS. Instead of setting high and constant fees with mandated pickup to make prices predictable, they use global knowledge of supply and demand to show you a price ahead of time. Instead of attempting to judge a cabbies integrity and character through some bullshit interview process they gather real time feedback from actual riders.
To see Uber as anti-regulation is to miss the point. They are merely a much better regulator that uses 21st century tools.
How do they demonstrate public demand for their services if they haven't got any customers yet? And why do you think the taxicab regulators in each jurisdiction where they do this would care even one tiny bit?
It'd be great if all you had to do to get dumb regulations dismissed was 'challenge' them. I used to think this way too - surely these people are just reasonable and they can just be talked to? Then they'll see the light?
But if it was so easy, it'd have been done years ago already. It's not. You can't simply change laws by arguing in front of a court that the laws are dumb, especially not against entrenched interests. Only massive public support can change these things, and to get that, you need happy customers.
How about an even better solution - insert your card into a reader, type in your PIN and that's the two factors right there. You know...... the system that's already used everywhere in the world except for America? It works pretty well. I think the USA is starting to roll it out now, albeit a slightly crippled form of it (they managed to take the 2-factor system everyone else uses and make it 1-factor).
Yeah, it is completely broken. This is a problem more or less specific to America.
I have several cards. I travel constantly. I have never, not once, told my bank where I am going and I have never, not once, had my card declined.
How do they achieve this witchcraft? Well,
1. The cards are all EMV. The magstripe can be cloned, but you can't use it in most countries (other than America)
2. Many online purchases are protected by 3D-Secure, which basically just lets your bank put a login/ID verification screen after the card number is entered
3. Their fraud models expect people to travel whereas lots of Americans don't
It dates from the really early days when Google was basically just a bunch of engineers doing R&D. It was cutesy, the brand they went for was cutesy, it fitted.
The problem with it IMO is that, basically, too many people can't handle it. "Evil" is a really high bar. It's a word that smells objective. But not many business activities really qualify for such a strong word. Drone striking a wedding is evil. When Microsoft tried to take over and then kill off the web (or rather, progress in the web) because they wanted everyone to write Windows apps instead of using open infrastructure, that was roaming around in the general area, maybe, if we want to be hyperbolic. Though it's debatable.
Changing the colour scheme in Gmail is clearly not evil. Attempting to integrate social features of products together is not evil, even if you didn't like it. But unfortunately as Google got big enough it reached the point where basically any change resulted in this motto being thrown back in their face. So it ended up being meaningless. Someone saying "don't be evil" just became some sort of trite cliche. Worse, internally some of its own employees would tend to describe any action they didn't like as "evil" which of course wasn't great for team building and morale (I used to work there so I saw this problem in action many times).
I'm not surprised they have eventually changed it, although even that change will itself be described as evil in a sort of implosion of recursive irony. "Do the right thing" might seem watered down, but by taking out the cartoon emotive character assassination words, it sets a probably more realistic goal by accepting that "the right thing" is inherently subjective and debatable.
Yes, their infographic lists "Dronecode" whatever that is, alongside node.js
The other problem with trying to calculate the value of the Linux kernel specifically is that it counts the costs of all the drivers as well and you end up concluding that building a kernel is infeasibly expensive (reality check: there are quite a few of them out there, made by non-huge companies). If Linux was developed from scratch commercially you wouldn't attempt to develop drivers for every piece of hardware known to man all in the same source tree. You'd do what Microsoft do and define a driver API. Then the costs of hardware support are spread out across industry and no one entity ends up paying the entire cost.
The Linux kernel guys don't do that because they prefer being able to refactor/redesign any part of the kernel at whim, even at the huge cost of having all driver development be centralised. But that's not the only way to do it.
Huh?
Gatekeeper is not meant to block any unsigned code execution. It's meant to stop you accidentally running malware. If you want to bypass it you can just right click on a .app and click "open", or you can disable it in System Preferences. The "attack" you just described is no attack at all.
It's not even clear to me that what's being described in the article is even an attack. OK, you can bypass Gatekeeper by finding an app that blindly runs code it knows nothing about. That's like complaining that if you run a signed browser and then it executes a malicious web page, bad things happen. That's not a bug in Gatekeeper. That's a bug in the browser.
Um, wat? You think the designers of UMTS were incapable of understanding the different radio technologies because they weren't born in America? CDMA was invented by the Soviets, you know.
GSM and its upgrades stomped the mobile phone system called CDMA for all kinds of reasons, one of them being that GSM had the concept of a SIM card and CDMA did not, so GSM users could pick their own phones and trade them. Another is that GSM was developed by an actual international standards process and industry consortium, whereas cdmaONE was basically an attempt to standardise a Qualcomm internal project and it showed. It was expensive, single vendor, etc. Wikipedia refers to the "immature style" of the cdmaONE standards documents. GSM had first mover advantage and international adoption.
ISDS doesn't do what you're claiming it does.
The point of ISDS is to handle the case where a company invests in a country and the country then changes its laws such that the investment is invalidated. This has a habit of occurring in some less well run parts of the world as part of e.g. attempting to advantage home grown companies, or appropriating their assets.
ISDS cannot force a country to change its laws. It's a voluntary mechanism by which countries agree to pay compensation to the investors that they just screwed. Whether the screwing is justified or unjustified doesn't matter, the point is to make the investors whole and therefore to reduce the risk of making foreign investments thus increasing their number.
The headline is rather misleading. This isn't just a plain port of the code from Java to C++ to get a magical 10x speedup. Amongst other things they appear to be running an entire TCP stack in userspace and using special kernel drivers to avoid interrupts. This is the same team that produced OSv, an entirely new kernel written in C++ that gets massive speedups over Linux ..... partly by doing things like not using memory virtualisation at all. Fast but unsafe. These guys are hard core in a way more advanced way than just "hey let's switch languages".
WhatsApp is one of the worlds most popular chat networks. It has nearly a billion users globally and dominates mobile chat/SMS replacement everywhere outside of the USA and China (possibly Japan).
WhatsApp has a very interesting security design. It uses end to end encryption for messages (at least between some clients). As a result the web (really: desktop) version can't work in the way most normal web apps work. What it actually does is build a connection to your actual phone and remotely controls it. If your phone is off you can't use the web version. The reason is; only the phone has the encryption keys. WhatsApp doesn't provide message backups etc for this sort of reason also.
I don't know why the web app has a user-triggered update process, but it would not surprise me if it's related to that: for instance, the web app checks digital signatures on the new version before re-caching it locally.
It's that thing the entire world outside of the USA and parts of Asia use instead of SMS.
Which means it's probably not even intentional.
I watched the TV interview. I'm not American but US politics has a way of affecting everyone, so I think it's cool what he's trying to do.
That said, I think he needs to practice his TV interviewing style a bit. He spoke VERY fast, sounded kind of shrill, and the tumble of words didn't communicate as much as I expected given their quantity. There were a lot of things that sounded like generic political soundbites any candidate might say. The basic ideas of political reform are solid - he could slow down, hit one or two points solidly and then stop.
There are a few other issues I don't really understand.
The main one is that he's strongly Democrat. For reasons I don't fully understand (electoral college mumble mumble) it seems US candidates cannot ever be independent, they have to pick a side. So that's going to cause issues right there. Reform of Washington should be a bi-partisan issue: I had expected him to run as an independent and then resign and trigger fresh elections once his platform was passed. That way anyone could feel secure voting for him. But I guess that sort of thing isn't possible.
The other is that surely he it takes more than one man to deliver the reforms he wants. Why isn't he creating a political party rather than running for President? This must be the only-two-parties rule again? I heard once that there are more than just Dems and Reps in the US political system but I never hear much about them.
But Google aren't doing that.
The argument of these complaining companies boils down to "our business is so crappy and generic that we have no customer loyalty at all, and as such our customers simply click on whatever result comes first when they search". Therefore they argue "we should be first because otherwise it's not faaaaaaaair".
If the only justification for your existence is that hapless customers end up at your website due to an accident of ranking, why should anyone care about your business? Facebook, for most of its history, wasn't crawlable at all - the entire site was behind the login screen. Literally the only search term they showed up for was Facebook. Guess what - it didn't hurt them at all, because their customers wanted to go there.
Yeah, but that instability was not entirely Win95's fault.
Back then computers had almost no resources. NT had a "proper", academically correct OS design with a microkernel architecture (until NT4). It paid for it dearly: resource consumption was nearly double that of Chicago. Additionally, app and hardware compatibility was crap. Many, many apps, devices and especially games would not run on Windows NT. Microsoft spent the next 6-7 years trying to make NT acceptable to the consumer market and only achieved it starting with Windows XP.
So Win95 was hobbled by the need for DOS and Win3.1 compatibility, but that is why it was such a huge commercial success.
Making things worse, tools for writing reliable software were crap back then. Most software was written in C or C++ except often without any kind of STL. Static analysis was piss poor to non-existent. If you wanted garbage collection, Visual Basic was all you had (actually it used reference counting). Unit testing existed as a concept but was barely known: it was extremely common for programs to have no unit tests at all, and testing frameworks like JUnit also didn't exist. Drivers were routinely written by hardware engineers who only had a basic grasp of software engineering, so they were frequently very buggy. Hardware itself was often quite unreliable. Computers didn't have the same kinds of reliability technologies they have today.
Most importantly nobody had the internet, so apps couldn't report crash dumps back to the developers, so most developers never heard about their app crashes and had no way to fix them except by doing exhaustive, human based testing. Basically that's what distinguished stable software from unstable software: how much money you paid to professional software testers.
Everyone who used computers back then remembers the "save every few minutes" advice being drilled into people's heads. And it was needed, but that wasn't entirely Microsoft's fault. It was just that computing sucked back then, even more than it does today :)
Virtually nobody had 32mb of RAM back then. 8mb was pretty typical for new, nice computers. You couldn't have twenty browser windows open, that's for sure, but people managed OK with lots of swapping and patience.
Win95 pioneered the start button and taskbar UI. NT adopted the same UI later on.
Chrome extensions generally can't break the browser in the same way Firefox extensions can. They're also sandboxed, so can be used with less trust.
.... the Briefcase!
I just can't remember what it was for.
Win95 was such a huge upgrade. We forget now, but it packed an astonishing amount of stuff into just 4mb of RAM (8mb recommended). If someone produced it today in some kind of hackathon it'd be praised as a wonder of tightly written code. They even optimised it by making sure the dots in the clock didn't blink, as the animation would have increased the memory usage of the OS!
It's surprising how little Windows has changed over the years, in some ways. Not because MS didn't want to change it but because the Win95 UI design was basically very effective and people still like it, even today.
Web browser makers are incentivised to make everyone use HTML5, regardless of whether it's a better fit than Flash or not.
Website developers are incentivised to add new features, rather than rewrite their existing codebase from scratch for no gain.
Surprise?
That's good to hear. These exploits often don't seem to be as bad as initially suggested. No big surprise there, I guess.
This Google Admin app bug doesn't seem to be a general sandbox bypass as the summary implies. It's not even a bug in Android. One app by Google to let people admin their custom Apps domains will open a URL with an embedded webview, if asked. So then perhaps the embedded web view can be used to exfiltrate files from the Admin app. But are there any sensitive files there to be stolen? The advisory does not say, so I expect the answer is "no".
Well, any OS that lets apps talk to each other can have this sort of issue - it's like blaming Windows for a bug in Firefox. Makes no sense. Probably good for getting attention though.
There are people happily using Java with 300 gigabyte heaps. Look at the Azul Zing JVM for examples of this. Also: they're using it in ultra-low latency financial trading apps. Just because you haven't seen this sort of thing personally doesn't mean it never happens.
Performance is complicated. There are lots of cases where a Java program is just as fast as a C++ program or even faster. PIC-optimisable virtual method dispatch in a tight loop is one example of where Java/JVM stuff has stomped C++ for many years, with devirtualisation optimisations only appearing very recently in GCC stuff it seems. HotSpot is an excellent compiler and can do a lot of interesting things.
Moreover, it's not like for any program there's a choice of Java or C. Many developers use languages like Ruby or Python. It turns out that there's an advanced research JVM which allows you to co-compile Ruby and the C source code of Ruby/MRI extensions together with performance that's radically faster than the original code.
But mostly, people use Java because the performance is good enough, and the benefits over the C/C++ ecosystem are big. For instance, you get reliable debuggers, stack traces that are never corrupted, no manual memory management, ultra-fast compiles, a huge and standarised package repositories/dependency management system, high quality profiling tools, lots of libraries etc.
I don't doubt your experience but it has nothing to do with AOT compiled vs JIT compiled. Applets that stop working on newer JVMs are probably relying on bugs in earlier versions. This can happen any time there is dynamic linking. Every time I upgrade MacOS X some apps I use stop working properly, even though they're all compiled. Apple just isn't very good at backwards compatibility.
It was not "pretty amazing". I have written J2ME apps. It was a disaster zone, mostly for policy not technical reasons.
Problem one: its conformance testing was crap and the licensing for the upstream implementation was expensive. So, guess what, phone OEMs made their own. And did it badly. EVERY J2ME phone was full of bugs, often incredibly basic and obvious bugs like camera APIs that leaked every image taken (take three photos in a row->OutOfMemoryError), or drawing APIs that crashed the device if you tried to draw a bitmap to negative coordinates (correct behaviour is to clip).
This meant that in practice you had to test every version of the app on every device, because bugs were so common.
Problem two: it was tiny. Almost every API was optional, and Java has no good support for on the fly adaptation to missing APIs. So apps ended up needing a C style macro pre-processor to customise the app for every combination of bugs and missing features. You think Android is fragmented? I rofl in the face of Android fragmentation, because I've seen J2ME's equivalent.
Problem three: the CLDC VM was unbelievably sluggish, even compared to the early Dalviks.
Problem four: many APIs were protected by a code signing requirement that was painful to meet and often very expensive for no good reason. Forget about writing free hobby apps.
Problem five: no app store. Every carrier ran its own, and if you wanted distribution ....... yup. They wanted money. Often, meetings and contracts too. Just forget it.