No the point and the "Whoosh" was that the Cracker post that started this thread was an intentional joke...at least to anybody older than 40.
We had this discussion 25 to 30 years ago and tried to get the media to stop using "Hacker" when they meant "Cracker". It failed. They like the word. We're stuck.
In one fell swoop, people give away birth hospital (city), weight, height, and name. Just add mother's maiden name (usually already there in FB) and hunt around for dog on their profile, and you've everything you need to file a social security number request before the kid is even 15 minutes old.
And yes, it has been done (though not using facebook-originated data).
it still takes a complete and total rewrite to get there. most corporations don't have the money to afford that, esp for a service that was generally free (like the friv game platform).
We're hitting the same issue, where the schools are currently dependent on learning games written in flash. Also my kid's favorite "safe" game platform is Friv, and they run on flash as well.
Then there's the entire kids programming language Scratch from MIT, which still does not have a non-flash version online (a download, yeah, but it uses adobe air I think, so there we go - still has a flash-based runtime).
So there's still work to go to get rid of it, and unfortunately these types of sites don't have the financial resources to go and rewrite everything they have, as opposed to some huge corporate website that just needed to replace their splash screen with something less obnoxious.
the solution to the issue of exFAT may be to set up your own Kodi or Plex (and there are others, possibly without subscription fees) server elsewhere in your home, preferably on the wire instead of the wifi, and have that box host the removable media.
of course, again that's costing more than just replacing that card. but the long term effects, like having your collection available to you when not at home, may be worth it.
That's if you have a large collection of home media, of course.
The postal service's losses are due to a ridiculous stupid law, created solely to allow the government to eliminate the USPS. Congress imposed a rule that the USPS must pre-pay some 75 years of retirement pensions, something no other corporation on the planet has had to do. If they didn't have to make those payments on such a large scale, they would be in the black every year, by a significant amount.
But the Republicans in Congress want to destroy everything the federal government does, and this was their way of destroying the USPS without breaking the Constitution.
and with no stake of 'ownership' of the material posted here or commented here. There's a difference when one has a personal feeling of 'ownership' of the material, in this case, the files uploaded that are totally legal possessions from their original sources (cd, purchases, whatever), and a need to access those files again later.
Nobody really goes back to/. with the intention of going "hey, i want that post I made on June 13th, 2006".
not a good option if you have a lot of live and alternate versions of songs. Some bands release a lot of legal soundboard recordings (King Crimson, Marillion) and a matching service simply doesn't react well when those songs are uploaded.
plex subsonic emby even the somewhat old music player daemon
there are others. some are totally free but low support of apps and platforms. others cost for app support. I personally use plex and subsonic, and have written the FireOS (tv/stick) app for subsonic.
most rely on the fact that external USB hard drives are cheap these days. which they are. a $100 2-T drive from Costco can hold pretty much any mp3 collection (gets stickier if you're a flac fan), and between that and a low per-year cost, YOUR music is always YOUR'S to play or share with friends and family.
1) you shouldn't be showing ANY code samples from a current job (unless it is open-source licensed). that stuff is proprietary and for many companies, HIGHLY confidential. It leaks copyright, and possibly potential patentable materials. In most big companies, that's grounds for more than just getting fired, but getting sued, too.
2) this is why you should be doing your own "home" projects. make an app, a back-end, a docker instance, anything, that you can share that is yours...especially if you open-source license it. show you can support and maintain a project. be able to talk about areas you did first time that you updated and refactored into something better (so you can demonstrate refactoring knowledge, as well as code structure).
indeed. biggest problem i have with android app support is scrolling. they don't respond to mouse wheel or two-finger on the touchpad, so half of the apps (like email clients) are useless.
my only issue with Scratch is 2 part. 1) the resultant source files are binary so they can't read them (yes, i accept that the sprites need to be binary, but one could base64 that or something), and 2) it remains dependent on Flash. time to just put that crap away, but as a school project, it doesn't have the resources to do such a migration.
Agreed - it would be just as likely as an app store like Apple or Google Play, or Microsoft's Windows 10 store, or Amazon apps (but keep reading). The *account* was what was compromised, not the app. When the account was compromised, the app could be modified.
At the heart of it is that Chrome's web store doesn't do safety-checking on extensions and apps for malicious content. You want to publish, it publishes. Instant. Done. Everybody gets the hacked version and everybody is at risk.
Chrome needs to do what Amazon does and at least have automatic reviews on things. Amazon in particular for their app store runs visual checks for some level of usability compliance, and programs automated tests. It takes me 6 hours between submission and publication for my app, but the security of my users is more assured.
"Indeed, the examiner considered only patents and patent applications."
This article could have been written 15 to 20 years ago, word for word except the details of the patent itself. The PTO ONLY looks at their own database. The basic requirements of checking for preexisting art, obviousness, etc, just beyond them. That's not their job. 1) they're not paid enough, 2) the PTO is "in the business of selling patents", according to a former head.
Look at it this way: if you pass a patent, you're done. You don't need to deal with it anymore. It is up to the courts and lawyers to argue about obviousness and preexisting and all that crap and you don't have to deal with it.
However, if you fail a patent, YOU have to appear before the company's appeal to defend why you rejected it.
The incentive is to pass it and go home and not care. Until that changes, or until software patents are invalidated universally, this status quo will remain as it has for the entire history of/. posting about it.
Nothing has changed since I first signed on almost 20 years ago.
The problem with Electron, and PhoneGap/Cordova, is adding all that weight. Yeah, I can package my app in those two services and get it to work and be deployed in web stores and app stores...but then I'm bundling in it a bunch of stuff that the browser already has done for me.
The problem with Chrome apps is that we had all these nice HTML5 standard features (local storage, history which is html-*3*) and threw them away and made you use proprietary APIs. That made for UNportable code (the hackery I had to do to get my app to work as a Chrome app AND a Fire TV/Stick html5 app...painful). Had Chrome apps just used the html standards, they probably would not have felt the pinch of developers going "I'm not doing this" in the first place, and the webstore as a place to 'purchase' webapps, as a means to having them vetted and validated by an independent entity and a way to search for a web app as a service, would still be alive today.
The heart of is that people want an "app" experience on a phone/tablet. You could say it is just a browser page, but it isn't. They don't like running shit in browsers. Browsers are for reading crap that apps redirect them to. They aren't for, say, music players, video players, or games.
Yet html5/javascript can do all that.
PWA, through the manifest, is a way to package the html5 application so that it doesn't need the heavyweight crap that a Cordova/PhoneGap packaged app carries. You like this app? Add it to your homescreen. Great, now it will act independently of a browser tab, use full-frame so you don't see the address bar (the ugliest part of the browser experience and the most wasted space), and just like a real app with its background services (something ALL apps have the ability to add, things you're VERY used to like Facebook notifications, email notifications, twitter notifications), it can do polls against a server and let you know stuff, and a click on that will bring up the app. JUST LIKE Facebook, Twitter, Email.
From a development perspective, it takes all of the platform specific bullshit out. I get to write a service worker in javascript that will run on every hardware platform because javascript is what it is, and my clients will have the same experience. That's even IF you want a service worker and have a need for that.
For one app I maintain, a basic music client for Subsonic, I don't even need that. All I need is the manifest file to be respected so that when launched from the homescreen, it takes over full-screen instead of being treated like a browser tab (hello firefox, fix that crap), because NOBODY likes a music player that sits in a browser.
THAT is what PWAs give you: the ability to write your application code, including its background processes, in javascript, to standard APIs.
Treating "push notifications" as if their only purpose was to shove advertising in your face is totally ignoring the very experience of notifications in apps you have been living with since the invention of the iphone in the first damn place.
Vetting, as this article describes it, is verifying that the site asking for the cert is not intending to use it for nefarious purposes. Its lying about how CAs work in order to direct people to the pay services and away from LetsEncrypt.
Follow the money: he's using FUD tactics to direct people to pay services by saying that you can't trust the sites that use the free service, in order to try to get the vendors to stop accepting those certs.
But that's different from anybody throwing out a cert on a site claiming to be what it isn't because they hijacked the domain (briefly) but don't have proof of ownership necessary to get a CA to give them a valid cert for it.
Either you encourage encryption everywhere and make it easy to get a cert, or you stop nagging people every time they go to a plain http site and say http is just fine.
Pick one.
HTTPS is meant to ensure that your communications are secure. They can help protect you from hitting a site that isn't what it claims to be.
But issuing certs is not some magical means of "vetting" ANYTHING. The very idea is absurd. Anybody should be able to buy and get signed a cert for a site they own. It isn't anybody's job to ask them if they plan to use it for illegal purposes or not. They are not the government police and asking them, expecting them to be, is asking for trouble.
Slashdot Mirror
No the point and the "Whoosh" was that the Cracker post that started this thread was an intentional joke...at least to anybody older than 40.
We had this discussion 25 to 30 years ago and tried to get the media to stop using "Hacker" when they meant "Cracker". It failed. They like the word. We're stuck.
In one fell swoop, people give away birth hospital (city), weight, height, and name. Just add mother's maiden name (usually already there in FB) and hunt around for dog on their profile, and you've everything you need to file a social security number request before the kid is even 15 minutes old.
And yes, it has been done (though not using facebook-originated data).
it still takes a complete and total rewrite to get there. most corporations don't have the money to afford that, esp for a service that was generally free (like the friv game platform).
We're hitting the same issue, where the schools are currently dependent on learning games written in flash. Also my kid's favorite "safe" game platform is Friv, and they run on flash as well.
Then there's the entire kids programming language Scratch from MIT, which still does not have a non-flash version online (a download, yeah, but it uses adobe air I think, so there we go - still has a flash-based runtime).
So there's still work to go to get rid of it, and unfortunately these types of sites don't have the financial resources to go and rewrite everything they have, as opposed to some huge corporate website that just needed to replace their splash screen with something less obnoxious.
...to prove that climate change is real. someday people will listen, when it is too late.
the solution to the issue of exFAT may be to set up your own Kodi or Plex (and there are others, possibly without subscription fees) server elsewhere in your home, preferably on the wire instead of the wifi, and have that box host the removable media.
of course, again that's costing more than just replacing that card. but the long term effects, like having your collection available to you when not at home, may be worth it.
That's if you have a large collection of home media, of course.
if you want video games, don't go for an android-based box. streaming tv and music is 'easy'. being a fast and efficient gaming box is harder.
If gaming is your primary need, get a gaming box that supports streaming apps, not a streaming device that has a few games on it.
When Chrome is running, Windows continues to run background processes like system updates.
When Edge is running instead, I noticed the CPU and network usage of those background processes to drop to near 0.
This is the exact same type of b.s. that got them sued by the DOJ 23 years ago.
The postal service's losses are due to a ridiculous stupid law, created solely to allow the government to eliminate the USPS. Congress imposed a rule that the USPS must pre-pay some 75 years of retirement pensions, something no other corporation on the planet has had to do. If they didn't have to make those payments on such a large scale, they would be in the black every year, by a significant amount.
But the Republicans in Congress want to destroy everything the federal government does, and this was their way of destroying the USPS without breaking the Constitution.
and with no stake of 'ownership' of the material posted here or commented here. There's a difference when one has a personal feeling of 'ownership' of the material, in this case, the files uploaded that are totally legal possessions from their original sources (cd, purchases, whatever), and a need to access those files again later.
Nobody really goes back to /. with the intention of going "hey, i want that post I made on June 13th, 2006".
apples-oranges.
not a good option if you have a lot of live and alternate versions of songs. Some bands release a lot of legal soundboard recordings (King Crimson, Marillion) and a matching service simply doesn't react well when those songs are uploaded.
home-hosting your own cloud server. some options:
plex
subsonic
emby
even the somewhat old music player daemon
there are others. some are totally free but low support of apps and platforms. others cost for app support. I personally use plex and subsonic, and have written the FireOS (tv/stick) app for subsonic.
most rely on the fact that external USB hard drives are cheap these days. which they are. a $100 2-T drive from Costco can hold pretty much any mp3 collection (gets stickier if you're a flac fan), and between that and a low per-year cost, YOUR music is always YOUR'S to play or share with friends and family.
CPU time and network time should be better spent on the really important stuff that computers are supposed to do: check for app and o/s updates.
1) you shouldn't be showing ANY code samples from a current job (unless it is open-source licensed). that stuff is proprietary and for many companies, HIGHLY confidential. It leaks copyright, and possibly potential patentable materials. In most big companies, that's grounds for more than just getting fired, but getting sued, too.
2) this is why you should be doing your own "home" projects. make an app, a back-end, a docker instance, anything, that you can share that is yours...especially if you open-source license it. show you can support and maintain a project. be able to talk about areas you did first time that you updated and refactored into something better (so you can demonstrate refactoring knowledge, as well as code structure).
indeed. biggest problem i have with android app support is scrolling. they don't respond to mouse wheel or two-finger on the touchpad, so half of the apps (like email clients) are useless.
indeed. and based on the # of entries that came down the RSS feed, they had to fix it twice.
seriously, I expect better.
my only issue with Scratch is 2 part. 1) the resultant source files are binary so they can't read them (yes, i accept that the sprites need to be binary, but one could base64 that or something), and 2) it remains dependent on Flash. time to just put that crap away, but as a school project, it doesn't have the resources to do such a migration.
Agreed - it would be just as likely as an app store like Apple or Google Play, or Microsoft's Windows 10 store, or Amazon apps (but keep reading). The *account* was what was compromised, not the app. When the account was compromised, the app could be modified.
At the heart of it is that Chrome's web store doesn't do safety-checking on extensions and apps for malicious content. You want to publish, it publishes. Instant. Done. Everybody gets the hacked version and everybody is at risk.
Chrome needs to do what Amazon does and at least have automatic reviews on things. Amazon in particular for their app store runs visual checks for some level of usability compliance, and programs automated tests. It takes me 6 hours between submission and publication for my app, but the security of my users is more assured.
oh, but then you're asking Apple users to run Javascript.
As we saw from the post on PWAs last week, that's like asking Disney to give up its Copyrights.
"Indeed, the examiner considered only patents and patent applications."
This article could have been written 15 to 20 years ago, word for word except the details of the patent itself. The PTO ONLY looks at their own database. The basic requirements of checking for preexisting art, obviousness, etc, just beyond them. That's not their job. 1) they're not paid enough, 2) the PTO is "in the business of selling patents", according to a former head.
Look at it this way: if you pass a patent, you're done. You don't need to deal with it anymore. It is up to the courts and lawyers to argue about obviousness and preexisting and all that crap and you don't have to deal with it.
However, if you fail a patent, YOU have to appear before the company's appeal to defend why you rejected it.
The incentive is to pass it and go home and not care. Until that changes, or until software patents are invalidated universally, this status quo will remain as it has for the entire history of /. posting about it.
Nothing has changed since I first signed on almost 20 years ago.
The problem with Electron, and PhoneGap/Cordova, is adding all that weight. Yeah, I can package my app in those two services and get it to work and be deployed in web stores and app stores...but then I'm bundling in it a bunch of stuff that the browser already has done for me.
The problem with Chrome apps is that we had all these nice HTML5 standard features (local storage, history which is html-*3*) and threw them away and made you use proprietary APIs. That made for UNportable code (the hackery I had to do to get my app to work as a Chrome app AND a Fire TV/Stick html5 app...painful). Had Chrome apps just used the html standards, they probably would not have felt the pinch of developers going "I'm not doing this" in the first place, and the webstore as a place to 'purchase' webapps, as a means to having them vetted and validated by an independent entity and a way to search for a web app as a service, would still be alive today.
A LOT more.
The heart of is that people want an "app" experience on a phone/tablet. You could say it is just a browser page, but it isn't. They don't like running shit in browsers. Browsers are for reading crap that apps redirect them to. They aren't for, say, music players, video players, or games.
Yet html5/javascript can do all that.
PWA, through the manifest, is a way to package the html5 application so that it doesn't need the heavyweight crap that a Cordova/PhoneGap packaged app carries. You like this app? Add it to your homescreen. Great, now it will act independently of a browser tab, use full-frame so you don't see the address bar (the ugliest part of the browser experience and the most wasted space), and just like a real app with its background services (something ALL apps have the ability to add, things you're VERY used to like Facebook notifications, email notifications, twitter notifications), it can do polls against a server and let you know stuff, and a click on that will bring up the app. JUST LIKE Facebook, Twitter, Email.
From a development perspective, it takes all of the platform specific bullshit out. I get to write a service worker in javascript that will run on every hardware platform because javascript is what it is, and my clients will have the same experience. That's even IF you want a service worker and have a need for that.
For one app I maintain, a basic music client for Subsonic, I don't even need that. All I need is the manifest file to be respected so that when launched from the homescreen, it takes over full-screen instead of being treated like a browser tab (hello firefox, fix that crap), because NOBODY likes a music player that sits in a browser.
THAT is what PWAs give you: the ability to write your application code, including its background processes, in javascript, to standard APIs.
Treating "push notifications" as if their only purpose was to shove advertising in your face is totally ignoring the very experience of notifications in apps you have been living with since the invention of the iphone in the first damn place.
Vetting, as this article describes it, is verifying that the site asking for the cert is not intending to use it for nefarious purposes. Its lying about how CAs work in order to direct people to the pay services and away from LetsEncrypt.
Follow the money: he's using FUD tactics to direct people to pay services by saying that you can't trust the sites that use the free service, in order to try to get the vendors to stop accepting those certs.
But that's different from anybody throwing out a cert on a site claiming to be what it isn't because they hijacked the domain (briefly) but don't have proof of ownership necessary to get a CA to give them a valid cert for it.
Either you encourage encryption everywhere and make it easy to get a cert, or you stop nagging people every time they go to a plain http site and say http is just fine.
Pick one.
HTTPS is meant to ensure that your communications are secure. They can help protect you from hitting a site that isn't what it claims to be.
But issuing certs is not some magical means of "vetting" ANYTHING. The very idea is absurd. Anybody should be able to buy and get signed a cert for a site they own. It isn't anybody's job to ask them if they plan to use it for illegal purposes or not. They are not the government police and asking them, expecting them to be, is asking for trouble.