Exactly. This reminds me of Internet Explorer deciding to set the "Do Not Track" header by default. If you put it on by default, nobody pays attention to it. The fact that it's on should mean that the user made a conscious decision to tell the website operators they do not want to be tracked. Similarly for ad blocking, the presence of an ad blocker should be a conscious decision made by the user. It means they actually are annoyed by the ads, and want to send a message to advertisers.
I very much agree with this. Web sites need to support themselves. I don't think the web would work quite as well if you had to pay a fee to every website you went to, even if it was a very small amount. As long as the ads don't move or make sounds, and don't try to cover up the content, then I don't really have a problem with them. I think that advertisers are shooting themselves in the foot. If there weren't so many terrible ads on the web, we wouldn't even be having this discussion right now.
I guess that the argument there is that they want you to be able to drive your car anywhere. There are no speed limits on some highways, although obviously safe driving laws are still in effect. There's also the fact that you could take your car to a race track where you are allowed to go whatever speed you want, and it's probably somewhat safe assuming you are properly trained and go at full speed on the correct part of the race track.
Even the 320 kbps version of Stairway to Heaven comes in at around 8 MB, so I'm not sure how you calculated that 5 songs in.mp3 format takes up 80 MB. It would probably be closer to about 20 regular songs.
Really, I try not to buy off sites that look too shady. But a lot of the foreign sites have really good deals, and also look shady. Here's the options:
A) Going to some shady website and entering your credit card info directly into the website where it is saved on their insecure servers forever.
or
B) Going to some shady website and being redirected to a site you can guarantee belongs to your credit card provider and verifying you identity there. And then they just hand off a payment token to the shady site. They can't use that payment token to make unauthorized charges.
This is why I basically always use PayPal unless it's a site that I'm very familiar with such as Amazon. There's no way I would enter my credit card number into a site like dx.com or aliexpress.
Sure, if I find an unauthorized transaction, I can always have it reversed. But that's also time consuming on my part to have to call up the credit card company and do so. I shouldn't have to worry about whether or not my credit card will work when I need it because the information was compromised and they cancelled it without my knowledge.
Having a system like I propose would actually allow people to safely make online purchases without the use of credit cards. The ubiquity of credit cards is putting people in debt. Sure there are ways to control it, but it's much easier to control it if you just never have to use a credit card in the first place.
I don't see it as a huge problem simply because this is not the biggest problem that online payment systems face. The big problem isn't people sniffing transactions over the wire. This almost never happens. What typically tends to happen is that somebody breaks into the actual system that houses all the sensitive information and steals the data directly. This is much more lucrative as you can steal thousands (or tens of thousands, or even more) of credit card numbers at the same time.
Until we get to the point where online retailers aren't storing this data (in 99% of cases they don't need to), there's little reason to complain about much smaller problems such as what encryption methods are being used.
We'd be much better off with a system where we didn't even have to send our credit card numbers to the online retailer. Ideally when paying for something online, you would be redirected to your banks (or the credit card issuers) web site with information on where to direct the money. After verifying you identity, a cryptographically signed message would be sent to the recipient site so they could verify the payment was successful. There is no reason for them to every see your account number or other vital information.
It doesn't have to. There are alternative options that provide much better service to a lot of users. For my cell phone in Canada, I'm on Wind Mobile. I get the use of my cell phone for less than half what I would pay if I was getting similar features from Rogers or Bell. The difference is that if I'm outside one of the major cities they serve, then I'm going to pay significant roaming fees. However, this isn't a problem because I almost never leave the city. And even when I do, I tend not to use my phone very much.
Most mobile plans have high prices in North America specifically because they've always gone with the idea that you can use it anywhere across the entire country without incurring any extra fees on your bill. But the vast majority of users very rarely use most of that network. I think that as things go forward, more and more users will realize this, and more and more companies will come in to fill this need. There's no reason I should have to pay high prices for a cellular tower in the middle of Saskatchewan to be maintained when I'm never going to use that cell tower. Give me cheap access in the high population density cities, and let the rural people fund their own expensive low density network.
That question is about 5 levels above the Fizz Buzz test, so I'm not surprised that you had so much trouble finding people who could pass your test. People who work with databases should definitely be able to answer that question, but it's also common enough to find people with computer science degrees who've never had to deal with a database in their life.
Most computer science degrees are only going to have a single course on databases, and it's probably easy enough that you can get through by kind of understanding how databases work just enough to pass the exam, and proceed to forget it all a couple weeks later. There are plenty of programming jobs out there that don't require databases. There's also plenty of programming jobs where everything has been blocked off, such that the only way to access the database is from a defined list of stored procedures. So it's completely believable that a very competent programmer might just have not had any exposure to databases and might struggle with a question like this. Just as some other people would have trouble answering questions dealing with something like how sorting algorithms work. Because the last time we had to do it was during some second year computer science course, and from that point on all we were concerned with was calling the correct function to get the job done.
I'm not sure about Postges, but the default install of MySQL will only listen on localhost. So you have to change your config file to even get it to respond from a remote computer. Then there's the account you're actually accessing it from. By default, the root account in MySQL is also only accessible from localhost. So that's 2 things you have to change simply to even allow a connection from a remote machine in MySQL.
I agree that there''s a bigger problem with people just wanting to "get the job done". Even those two steps only take about 20 minutes to figure out how to get around them and leave your root account accessible from the internet, even if you have no idea what you are doing. But shipping the database with such lack security is right up there with default passwords on home routers and other such problems. Stuff like this just shouldn't happen. Even if the security can be easily disabled by a determined user, it shouldn't be insecure by default. That way, if they have an insecure setup, at least it's because of something they actively went out and did themselves.
If all your hobbies can be completed in the car, then you are right. But what if you'd rather spend your time doing something more active like playing a game of basketball. You now have 30 minutes less in your day in which you can enjoy your chosen activity. Maybe it's alright with you to sit in a car for 1.5 hours every day, but I'd rather not be sitting in a car for any longer than necessary.
How are laws like this even legal? I doubt that even a single representative who voted on this bill read the entire bill. With a 2000 page bill, that is probably changing until minutes before it hits the house floor, there is no way that anybody could possibly know what's in it. They should keep the laws short and simple so that both the representatives and citizens can actually understand what the law means.
I've been running firefox continuously on my development machine since early september. It's still only using 400 MB of RAM. I'm pretty sure that firefox using a lot of memory is due to some extension or plug-in that people are using. Because I've never seen Firefox using 2 GB of memory when I was running plain old Firefox without any extensions.
Uber is very interested in self driving cars. They know what the end game is. Having human drivers is just a stop gap step in getting their foot in the door in the taxi industry. The same way that Netflix used DVD delivery by mail to jump start their online streaming services, Uber is definitely thinking about the next step that they are going to be taking.
But we already have laws stating what employers can and cannot do to employees. We have laws detailing how long a shift can be and how long you must have off between shifts. We have laws about what kind of breaks you have to have during your shift. We have laws about the employer not being able to discriminate pay rates or hiring practices based on things like gender or ethnicity. There are laws about minimum wages.
Unions were very good at one point in history when corporations were actually abusing their employees. Now that there are ample laws in place protecting employees, unions have become less necessary. They seem to have the opposite effect that they once had. They continue to push for higher and higher wages, and more benefits, until it becomes financially irresponsible to the shareholders to continue to pay those rates, when they know that there are cheaper workers who will do the job in other countries.
There already a is a way to do this. I'm pretty sure it's been available for quite a long time. Although I don't know why autoplay is on by default. Same goes for Youtube. Their's is even worse, as I can't find a way to disable it permanently. You can disable it for a session, but if you leave and come back the next day, then the setting is back on again.
How else do you expect internet providers to limit people from using up all the available bandwidth? Even with a relatively slow connection of 5 Mbit/s, you could pull down 1.6 Terabytes every month if you left your connection running 24/7. And a 5 Mbit connection is probably slower than most people want in their homes. Because they want to be able to download a small number of things relatively quickly.
I'd much rather have a 100 Mbit connection that was limited to a certain number of gigabytes a month than have a 1 Mbit connection to ensure that I wasn't able to download more than my fair share in a month even if I maxed it out every second of the month.
I'll admit that 40 GB per month is pretty low, but there has to be limits on how much people will consume. Especially with more and more content being made available over the internet. Back when cable internet first came out, most ISPs didn't have bandwidth caps, simply because there wasn't enough content out there for most people to use an appreciable amount of bandwidth. Now with providers coming online with 4K video at 60 FPS, it starts to become a real concern and even the average person can use 500 GB per month without even trying. Having limits makes people think about how much of the limited resource they are using and budget accordingly.
I've seen people doing similar things during elections. Put up a sign from every party on their lawn, along with a sign that just says "please vote". It works especially well here in Canada because there's about 4 or 5 (depending on if you are in Quebec or not) that have a reasonable chance of at least getting 1 representative elected.
I'm surprised that they haven't made a database driver that requires you to use parameters for all queries. Basically the query should refuse to run and throw an exception if it finds a place where you provided a literal value instead of providing it via a parameter.
The entire idea of even having an "escape string" function is stupid because there will be places where people forget to use it. Especially when there are cases where you're not supposed to use it, such as when you have a variable that represents a number.
This is my main problem with the Raspberry Pi. It's very well suited to certain tasks. But there are many places where it falls behind even very old technology.
I had one that I wanted to use as to download my torrents. It turns out that downloading to the SD Card caused the thing to lock up because it was writing data faster than the device could handle it. I was able to get around this problem by writing to a USB stick. It no longer crashed, but there was still a bottleneck writing to disk, which caused the torrents to download significantly slower than they did on my desktop.
It wasn't even due to bad memory stick or SD card. It was similar SD card and memory sticks that I used on my tablet that allow full speed torrent downloads. But something about the architechture of the Raspberry Pi that caused any kind of extensive writing to the SD or USB to cause a CPU spike every few seconds.
These tiny ARM computers probably have enough CPU and RAM at this point to run as a desktop. But until they get proper interfaces for hooking up storage and networking, they won't be of much use to anybody.
My guess is they don't want to have to support Windows 7 and 8 any longer than they have to. Windows XP was supported until 2014, 7 years after it's predecessor was released. If they can a high enough percentage of people to migrate away from Windows 7/8, then they can stop supporting them faster. If 95% of people are no longer using the old OS, then it's much easier to say they are cutting off support for the old versions. If they make upgrades free going forward, they can support just the newest version, and still get licensing fees from new computers which are sold. They won't be able to make money from people paying for upgrades, but very few people paid for upgrades on old computers anyway.
That's a nice little story, but I don't believe it. Somebody else (child, significant other) must have done the upgrade for them when they were away. I have 10+ machines with Windows 7 and 8 on them that I manager (work and home), and none of them have installed Windows 10 unless I explicitly told them to. A good number of them are still running 7 or 8 because I've chosen not to upgrade those machines.
Slashdot Mirror
Exactly. This reminds me of Internet Explorer deciding to set the "Do Not Track" header by default. If you put it on by default, nobody pays attention to it. The fact that it's on should mean that the user made a conscious decision to tell the website operators they do not want to be tracked. Similarly for ad blocking, the presence of an ad blocker should be a conscious decision made by the user. It means they actually are annoyed by the ads, and want to send a message to advertisers.
I very much agree with this. Web sites need to support themselves. I don't think the web would work quite as well if you had to pay a fee to every website you went to, even if it was a very small amount. As long as the ads don't move or make sounds, and don't try to cover up the content, then I don't really have a problem with them. I think that advertisers are shooting themselves in the foot. If there weren't so many terrible ads on the web, we wouldn't even be having this discussion right now.
I guess that the argument there is that they want you to be able to drive your car anywhere. There are no speed limits on some highways, although obviously safe driving laws are still in effect. There's also the fact that you could take your car to a race track where you are allowed to go whatever speed you want, and it's probably somewhat safe assuming you are properly trained and go at full speed on the correct part of the race track.
I'm not familiar with the SYNC software, but if Android is anything to go by, I definitely don't want Google making the software for my car.
Even the 320 kbps version of Stairway to Heaven comes in at around 8 MB, so I'm not sure how you calculated that 5 songs in .mp3 format takes up 80 MB. It would probably be closer to about 20 regular songs.
Super Mario 64 only used 8 MB, and was way more advanced than SuperTux.
Really, I try not to buy off sites that look too shady. But a lot of the foreign sites have really good deals, and also look shady. Here's the options:
A) Going to some shady website and entering your credit card info directly into the website where it is saved on their insecure servers forever.
or
B) Going to some shady website and being redirected to a site you can guarantee belongs to your credit card provider and verifying you identity there. And then they just hand off a payment token to the shady site. They can't use that payment token to make unauthorized charges.
This is why I basically always use PayPal unless it's a site that I'm very familiar with such as Amazon. There's no way I would enter my credit card number into a site like dx.com or aliexpress.
Sure, if I find an unauthorized transaction, I can always have it reversed. But that's also time consuming on my part to have to call up the credit card company and do so. I shouldn't have to worry about whether or not my credit card will work when I need it because the information was compromised and they cancelled it without my knowledge.
Having a system like I propose would actually allow people to safely make online purchases without the use of credit cards. The ubiquity of credit cards is putting people in debt. Sure there are ways to control it, but it's much easier to control it if you just never have to use a credit card in the first place.
Why not just host email on a completely different system? There's very little reason to have email hosted on the same machines as your web server.
I don't see it as a huge problem simply because this is not the biggest problem that online payment systems face. The big problem isn't people sniffing transactions over the wire. This almost never happens. What typically tends to happen is that somebody breaks into the actual system that houses all the sensitive information and steals the data directly. This is much more lucrative as you can steal thousands (or tens of thousands, or even more) of credit card numbers at the same time.
Until we get to the point where online retailers aren't storing this data (in 99% of cases they don't need to), there's little reason to complain about much smaller problems such as what encryption methods are being used.
We'd be much better off with a system where we didn't even have to send our credit card numbers to the online retailer. Ideally when paying for something online, you would be redirected to your banks (or the credit card issuers) web site with information on where to direct the money. After verifying you identity, a cryptographically signed message would be sent to the recipient site so they could verify the payment was successful. There is no reason for them to every see your account number or other vital information.
It doesn't have to. There are alternative options that provide much better service to a lot of users. For my cell phone in Canada, I'm on Wind Mobile. I get the use of my cell phone for less than half what I would pay if I was getting similar features from Rogers or Bell. The difference is that if I'm outside one of the major cities they serve, then I'm going to pay significant roaming fees. However, this isn't a problem because I almost never leave the city. And even when I do, I tend not to use my phone very much.
Most mobile plans have high prices in North America specifically because they've always gone with the idea that you can use it anywhere across the entire country without incurring any extra fees on your bill. But the vast majority of users very rarely use most of that network. I think that as things go forward, more and more users will realize this, and more and more companies will come in to fill this need. There's no reason I should have to pay high prices for a cellular tower in the middle of Saskatchewan to be maintained when I'm never going to use that cell tower. Give me cheap access in the high population density cities, and let the rural people fund their own expensive low density network.
That question is about 5 levels above the Fizz Buzz test, so I'm not surprised that you had so much trouble finding people who could pass your test. People who work with databases should definitely be able to answer that question, but it's also common enough to find people with computer science degrees who've never had to deal with a database in their life.
Most computer science degrees are only going to have a single course on databases, and it's probably easy enough that you can get through by kind of understanding how databases work just enough to pass the exam, and proceed to forget it all a couple weeks later. There are plenty of programming jobs out there that don't require databases. There's also plenty of programming jobs where everything has been blocked off, such that the only way to access the database is from a defined list of stored procedures. So it's completely believable that a very competent programmer might just have not had any exposure to databases and might struggle with a question like this. Just as some other people would have trouble answering questions dealing with something like how sorting algorithms work. Because the last time we had to do it was during some second year computer science course, and from that point on all we were concerned with was calling the correct function to get the job done.
I'm not sure about Postges, but the default install of MySQL will only listen on localhost. So you have to change your config file to even get it to respond from a remote computer. Then there's the account you're actually accessing it from. By default, the root account in MySQL is also only accessible from localhost. So that's 2 things you have to change simply to even allow a connection from a remote machine in MySQL.
I agree that there''s a bigger problem with people just wanting to "get the job done". Even those two steps only take about 20 minutes to figure out how to get around them and leave your root account accessible from the internet, even if you have no idea what you are doing. But shipping the database with such lack security is right up there with default passwords on home routers and other such problems. Stuff like this just shouldn't happen. Even if the security can be easily disabled by a determined user, it shouldn't be insecure by default. That way, if they have an insecure setup, at least it's because of something they actively went out and did themselves.
If all your hobbies can be completed in the car, then you are right. But what if you'd rather spend your time doing something more active like playing a game of basketball. You now have 30 minutes less in your day in which you can enjoy your chosen activity. Maybe it's alright with you to sit in a car for 1.5 hours every day, but I'd rather not be sitting in a car for any longer than necessary.
How are laws like this even legal? I doubt that even a single representative who voted on this bill read the entire bill. With a 2000 page bill, that is probably changing until minutes before it hits the house floor, there is no way that anybody could possibly know what's in it. They should keep the laws short and simple so that both the representatives and citizens can actually understand what the law means.
I've been running firefox continuously on my development machine since early september. It's still only using 400 MB of RAM. I'm pretty sure that firefox using a lot of memory is due to some extension or plug-in that people are using. Because I've never seen Firefox using 2 GB of memory when I was running plain old Firefox without any extensions.
Uber is very interested in self driving cars. They know what the end game is. Having human drivers is just a stop gap step in getting their foot in the door in the taxi industry. The same way that Netflix used DVD delivery by mail to jump start their online streaming services, Uber is definitely thinking about the next step that they are going to be taking.
But we already have laws stating what employers can and cannot do to employees. We have laws detailing how long a shift can be and how long you must have off between shifts. We have laws about what kind of breaks you have to have during your shift. We have laws about the employer not being able to discriminate pay rates or hiring practices based on things like gender or ethnicity. There are laws about minimum wages.
Unions were very good at one point in history when corporations were actually abusing their employees. Now that there are ample laws in place protecting employees, unions have become less necessary. They seem to have the opposite effect that they once had. They continue to push for higher and higher wages, and more benefits, until it becomes financially irresponsible to the shareholders to continue to pay those rates, when they know that there are cheaper workers who will do the job in other countries.
There already a is a way to do this. I'm pretty sure it's been available for quite a long time. Although I don't know why autoplay is on by default. Same goes for Youtube. Their's is even worse, as I can't find a way to disable it permanently. You can disable it for a session, but if you leave and come back the next day, then the setting is back on again.
How else do you expect internet providers to limit people from using up all the available bandwidth? Even with a relatively slow connection of 5 Mbit/s, you could pull down 1.6 Terabytes every month if you left your connection running 24/7. And a 5 Mbit connection is probably slower than most people want in their homes. Because they want to be able to download a small number of things relatively quickly.
I'd much rather have a 100 Mbit connection that was limited to a certain number of gigabytes a month than have a 1 Mbit connection to ensure that I wasn't able to download more than my fair share in a month even if I maxed it out every second of the month.
I'll admit that 40 GB per month is pretty low, but there has to be limits on how much people will consume. Especially with more and more content being made available over the internet. Back when cable internet first came out, most ISPs didn't have bandwidth caps, simply because there wasn't enough content out there for most people to use an appreciable amount of bandwidth. Now with providers coming online with 4K video at 60 FPS, it starts to become a real concern and even the average person can use 500 GB per month without even trying. Having limits makes people think about how much of the limited resource they are using and budget accordingly.
I've seen people doing similar things during elections. Put up a sign from every party on their lawn, along with a sign that just says "please vote". It works especially well here in Canada because there's about 4 or 5 (depending on if you are in Quebec or not) that have a reasonable chance of at least getting 1 representative elected.
In case anybody is wondering M&A stands for Mergers and Acquisitions.
I'm surprised that they haven't made a database driver that requires you to use parameters for all queries. Basically the query should refuse to run and throw an exception if it finds a place where you provided a literal value instead of providing it via a parameter.
The entire idea of even having an "escape string" function is stupid because there will be places where people forget to use it. Especially when there are cases where you're not supposed to use it, such as when you have a variable that represents a number.
This is my main problem with the Raspberry Pi. It's very well suited to certain tasks. But there are many places where it falls behind even very old technology.
I had one that I wanted to use as to download my torrents. It turns out that downloading to the SD Card caused the thing to lock up because it was writing data faster than the device could handle it. I was able to get around this problem by writing to a USB stick. It no longer crashed, but there was still a bottleneck writing to disk, which caused the torrents to download significantly slower than they did on my desktop.
It wasn't even due to bad memory stick or SD card. It was similar SD card and memory sticks that I used on my tablet that allow full speed torrent downloads. But something about the architechture of the Raspberry Pi that caused any kind of extensive writing to the SD or USB to cause a CPU spike every few seconds.
These tiny ARM computers probably have enough CPU and RAM at this point to run as a desktop. But until they get proper interfaces for hooking up storage and networking, they won't be of much use to anybody.
My guess is they don't want to have to support Windows 7 and 8 any longer than they have to. Windows XP was supported until 2014, 7 years after it's predecessor was released. If they can a high enough percentage of people to migrate away from Windows 7/8, then they can stop supporting them faster. If 95% of people are no longer using the old OS, then it's much easier to say they are cutting off support for the old versions. If they make upgrades free going forward, they can support just the newest version, and still get licensing fees from new computers which are sold. They won't be able to make money from people paying for upgrades, but very few people paid for upgrades on old computers anyway.
That's a nice little story, but I don't believe it. Somebody else (child, significant other) must have done the upgrade for them when they were away. I have 10+ machines with Windows 7 and 8 on them that I manager (work and home), and none of them have installed Windows 10 unless I explicitly told them to. A good number of them are still running 7 or 8 because I've chosen not to upgrade those machines.