I too noticed that the option for blocking 3rd-party cookies was gone. I can't find any mention of this in the release notes. Are you sure they haven't changed the default to block 3rd party cookies? Has somebody tested this?
> limit the session to the IP-address of the visiting user.
This would be an excellent idea, except in most cases you can't do this, because many large ISPs (AOL, for one) send their web requests through a number of load-balanced proxies, so a user's IP can and does change between requests.
I've noticed that some sites try to mitigate possible XSS attacks by not accepting even a current, valid session cookie for certain sensitive requests, like viewing credit card information or changing a password. For those sites, you will be logged in, and then the moment you click a link to view account information or something, you're prompted to enter your password again.
What you're describing is just the way online messaging works. People do other things while they talk to you. Get over it. If you had a problem with your girlfriend sitting on the computer and ignoring you while you two were together, I would sympathize. But right now, I'm sympathizing with her for having such a needy boyfriend.
The type of unemployment you're talking about is called cyclical unemployment, and from a macroeconomic standpoint, it represents unused capital that COULD be producing GDP, but isn't. So having that little bit of unemployment actually stunts the growth of the economy.
But, you're right: we DO want that little bit of cyclical unemployment, and the reason we want it is so the economy doesn't grow too fast. With full employment, inflation would be out of control, and we'd set ourselves up for a dramatic downward correction (read: depression). So, in order to smooth out the rollercoaster cycles of economic activity, a little bit of unemployment is desired.
Hmm. I drive about 20k miles per year, which I'm not saying is a lot, but it's plenty of driving. In all those miles and years, I've never been "bitched out" by any other driver.
But, if you say you're the best driver in your town, I certainly believe you.
The problem with this stems from the fact that not everyone assigns the same value to content.
Tell me, how is this different from ANYTHING ELSE we pay for in this society? Everyone assigns different values to everything. This is why some people balk at the cost of name-brand items in the grocery store and reach for the store brands, while others don't even think about it. Not only that, but some people are not able to pay what they think it is worth. I would love to have a ferrari, and I think it is definately worth the $100k they are charging. Will I pay it? Of course not, I don't have that kind of money.
> So how exactly do you tell someone that
> their server/network/etc has security problems
> without opening yourself up for nasty things?
I don't think you can. I had a friend in high school who was suspended for the same reason. He pointed out a security flaw that someone (not him) later exploited.
My advice, unless you're being paid to audit someone's security, don't bother. It isn't worth it.
I can't tell you how many times I noticed unintentional open shares on a friend's computer, and when I informed them of the error, they respond: "So? Who cares about my data? Why would anyone want to hack little old me?" Perhaps if this software becomes popular, it will teach people that they are at risk.
On the other side of the issue, it is true that at most college dorms, open shares are the preferred way to trade files between buds on the same floor. This software will be very useful!
Over the years many people have in one way or another capitalized on the captive audience that is public school students (Has anyone heard of Jostens? At most Southern California schools they are the only people you are allowed to buy your graduation cap and gown from, not to mention a host of other products, because they all must match) and it's nice to hear at least one company has been forced to back down.
Obviously I think we should be able to use our DSL lines to host as many PCs as we want up to the bandwidth cap, that's simply our choice.
The ISP is counting on the fact that you won't use all your bandwidth, and although you might think that it is unfair to stop people from doing so, it isn't unfair, it makes sense. Here's why:
Think of the bandwidth of a typical DSL. Think if every single one of that ISP's customers was using 100% of that bandwidth at all times. How much bandwidth would that ISP need to have to their upstream provider to cover that? An OC-12? Several OC-12s? That gets expensive. I don't know exactly how it works over in Korea, but in the US, ISPs have to pay $30 out of your $49 a month to the phone company.. that means they're only making $20 on you! That is not nearly enough to cover the kind of connections they would need to have if everyone utilized 100% of their DSL!
The other alternative, other than banning the sharing of the line (btw, as someone pointed out earlier, the problem they have is not with people sharing a few PCs for their family, but rather, neighbors sharing connections. And I could definately see that chewing up bandwidth) is to make it more expensive so the ISP can cover their costs. But, since most people will not use all that bandwidth, it would be unfair to charge them for it! So the "personal use" rate is actually a discount! And what is unfair here is not the ISP limiting your bandwidth, but rather the folks who pay the discounted rate yet chew up bandwidth and slow down the connections of the ISP's other customers. Most ISPs don't mind if you have a reason to use more bandwidth, but they will (rightly) charge more for you to do so.
Josh Hinman
PS: I work for an ISP which recently got out of the DSL business because it just wasn't profitable, for the reasons mentioned above.
Then they tried again, and again, and again. Each time, AOL blocked them. They've proven that they can tell the difference between clones and their official client. I don't know why AOL doesn't do the same thing to the linux clones. But don't say Microsoft hasn't tried, because they have.
> Here in Toronto, rather than be held for days with a huge bond, the cops just take you to the boonies, beat you up, and take your shoes
..
That happened to my friend here in Chicago, Illinois. He got drunk out at Navy Pier and they picked him up, took him down to the south side (where the gang activity is at a maximum), took his wallet, and left him there. He was able to panhandle for the $1.50 it costs to ride the "L" train back home, and actually a good laugh was had by all.....
What I think is most disturbing about this mess is that this amounts to extortion. Motorola supplies a lot of merchandise and people love to buy their stuff. That's a lot of power they yield, and this just shows what they're willing to do with it.
And you think Motorola's big? I'm sure you all know of the anticompetive mess that Microsoft has pulled. And what about the music companies? Do you think artists would stand for that industry's BS if they had a choice? These big companies have enough power to do what they want.
I am really torn by this issue. I like capitalism, I think if a company manages to carve themselves a significant share of the market, they probably did so by creating a product that we the consumer needed, and benefitted from, and the company deserves to reap the rewards. Even Microsoft started out by supplying IBM with what they needed to (help) start a PC revolution (I suppose IBM could have grabben an OS anywhere, but they didn't, they got it from Bill, and you have to acknowledge that IBM's creation was beneficial to the industry no matter what you think of IBM or MSoft) However, that's just how they start out.. when a corporation gets big enough, they no longer have to worry just about creating a needed and/or superior product, and they can use other tactics to maintain marketshare, tactics that aren't so helpful to the consumer.
But where is the line? how big is too big? What qualifies as a consumer unfriendly tactic? Who should decide this? Laws? Watchdog groups? I don't have these answers. But it is clear that there is a definate problem, and it scares me to think about it.
Someone in a slashdot comment once suggested this idea, and I still like it a lot. There should be no predetermined set of TLDs. Instead, when you register a domain, you register the TLD to go with it, which can be anything you choose. Imagine this, the way it works now, a squatter can register ford.com, ford.net and ford.org, and Ford would be stuck.. Under this plan, they would have alternatives to register, like ford.cars, ford.autos, ford.motorcompany, ford.ford,.. the list goes on. the idea is, it would be difficult, if not impossible for squatters to register every combination of every english word (and it would be required to register a TLD with a 2LD, so ford.* in one registration is not allowed).
There are a few ways this could be set up, The root servers could be set up so that all TLDs that start with A point to a certain one, B to another one, and so forth.
Slashdot Mirror
That is the first time I've EVER seen "begged the question" used properly on Slashdot. You get a gold star for the day!
Sweet tooth...aftertaste...force fed...diet
I think I'm going into metaphor overload.
I too noticed that the option for blocking 3rd-party cookies was gone. I can't find any mention of this in the release notes. Are you sure they haven't changed the default to block 3rd party cookies? Has somebody tested this?
Am I the only person who found this lawyer to be extremely condescending (and not very informative)?
> limit the session to the IP-address of the visiting user.
This would be an excellent idea, except in most cases you can't do this, because many large ISPs (AOL, for one) send their web requests through a number of load-balanced proxies, so a user's IP can and does change between requests.
I've noticed that some sites try to mitigate possible XSS attacks by not accepting even a current, valid session cookie for certain sensitive requests, like viewing credit card information or changing a password. For those sites, you will be logged in, and then the moment you click a link to view account information or something, you're prompted to enter your password again.
What you're describing is just the way online messaging works. People do other things while they talk to you. Get over it. If you had a problem with your girlfriend sitting on the computer and ignoring you while you two were together, I would sympathize. But right now, I'm sympathizing with her for having such a needy boyfriend.
First rule of business: Don't be irreplaceable. If you can't be replaced, you can't be promoted!
...or go on extended vacation. I'm currently in the process of training another programmer to be my backup so I can take a few weeks off.
The type of unemployment you're talking about is called cyclical unemployment, and from a macroeconomic standpoint, it represents unused capital that COULD be producing GDP, but isn't. So having that little bit of unemployment actually stunts the growth of the economy.
But, you're right: we DO want that little bit of cyclical unemployment, and the reason we want it is so the economy doesn't grow too fast. With full employment, inflation would be out of control, and we'd set ourselves up for a dramatic downward correction (read: depression). So, in order to smooth out the rollercoaster cycles of economic activity, a little bit of unemployment is desired.
Last night on "24"...And people wonder why I don't watch television. Sad..just sad.
Obviously, you do watch television.
Hmm. I drive about 20k miles per year, which I'm not saying is a lot, but it's plenty of driving. In all those miles and years, I've never been "bitched out" by any other driver.
But, if you say you're the best driver in your town, I certainly believe you.
You must have a Nextel
They may not be ethical, but the insurance business is a lot more competitive than the music industry.
I don't know about you, but I don't listen to my music on a spectrum analyser.
Oh, you mean like the space elevator?
A link to an article might have been nice.
Tell me, how is this different from ANYTHING ELSE we pay for in this society? Everyone assigns different values to everything. This is why some people balk at the cost of name-brand items in the grocery store and reach for the store brands, while others don't even think about it. Not only that, but some people are not able to pay what they think it is worth. I would love to have a ferrari, and I think it is definately worth the $100k they are charging. Will I pay it? Of course not, I don't have that kind of money.
Please. This is basic economics.
> their server/network/etc has security problems
> without opening yourself up for nasty things?
I don't think you can. I had a friend in high school who was suspended for the same reason. He pointed out a security flaw that someone (not him) later exploited.
My advice, unless you're being paid to audit someone's security, don't bother. It isn't worth it.
On the other side of the issue, it is true that at most college dorms, open shares are the preferred way to trade files between buds on the same floor. This software will be very useful!
Josh Hinman
Josh Hinman
Josh Hinman
The ISP is counting on the fact that you won't use all your bandwidth, and although you might think that it is unfair to stop people from doing so, it isn't unfair, it makes sense. Here's why:
Think of the bandwidth of a typical DSL. Think if every single one of that ISP's customers was using 100% of that bandwidth at all times. How much bandwidth would that ISP need to have to their upstream provider to cover that? An OC-12? Several OC-12s? That gets expensive. I don't know exactly how it works over in Korea, but in the US, ISPs have to pay $30 out of your $49 a month to the phone company.. that means they're only making $20 on you! That is not nearly enough to cover the kind of connections they would need to have if everyone utilized 100% of their DSL!
The other alternative, other than banning the sharing of the line (btw, as someone pointed out earlier, the problem they have is not with people sharing a few PCs for their family, but rather, neighbors sharing connections. And I could definately see that chewing up bandwidth) is to make it more expensive so the ISP can cover their costs. But, since most people will not use all that bandwidth, it would be unfair to charge them for it! So the "personal use" rate is actually a discount! And what is unfair here is not the ISP limiting your bandwidth, but rather the folks who pay the discounted rate yet chew up bandwidth and slow down the connections of the ISP's other customers. Most ISPs don't mind if you have a reason to use more bandwidth, but they will (rightly) charge more for you to do so.
Josh Hinman
PS: I work for an ISP which recently got out of the DSL business because it just wasn't profitable, for the reasons mentioned above.
They did make it work, but AOL foiled them.
Then they tried again, and again, and again. Each time, AOL blocked them. They've proven that they can tell the difference between clones and their official client. I don't know why AOL doesn't do the same thing to the linux clones. But don't say Microsoft hasn't tried, because they have.
> Here in Toronto, rather than be held for days with a huge bond, the cops just take you to the boonies, beat you up, and take your shoes
..
That happened to my friend here in Chicago, Illinois. He got drunk out at Navy Pier and they picked him up, took him down to the south side (where the gang activity is at a maximum), took his wallet, and left him there. He was able to panhandle for the $1.50 it costs to ride the "L" train back home, and actually a good laugh was had by all.....
Our cops are so crooked it's not even funny.
What I think is most disturbing about this mess is that this amounts to extortion. Motorola supplies a lot of merchandise and people love to buy their stuff. That's a lot of power they yield, and this just shows what they're willing to do with it.
And you think Motorola's big? I'm sure you all know of the anticompetive mess that Microsoft has pulled. And what about the music companies? Do you think artists would stand for that industry's BS if they had a choice? These big companies have enough power to do what they want.
I am really torn by this issue. I like capitalism, I think if a company manages to carve themselves a significant share of the market, they probably did so by creating a product that we the consumer needed, and benefitted from, and the company deserves to reap the rewards. Even Microsoft started out by supplying IBM with what they needed to (help) start a PC revolution (I suppose IBM could have grabben an OS anywhere, but they didn't, they got it from Bill, and you have to acknowledge that IBM's creation was beneficial to the industry no matter what you think of IBM or MSoft) However, that's just how they start out.. when a corporation gets big enough, they no longer have to worry just about creating a needed and/or superior product, and they can use other tactics to maintain marketshare, tactics that aren't so helpful to the consumer.
But where is the line? how big is too big? What qualifies as a consumer unfriendly tactic? Who should decide this? Laws? Watchdog groups? I don't have these answers. But it is clear that there is a definate problem, and it scares me to think about it.
There are a few ways this could be set up, The root servers could be set up so that all TLDs that start with A point to a certain one, B to another one, and so forth.
just an idea.
Josh Hinman