I think the noscript extension provides the best of both worlds.
Flash doesn't load at all unless I explicitly click it -- but for handfulls of websites where I want it to play, I can set noscript to whitelist those.
MBA's took over too fast at Yahoo after the founders took their money and ran...
Even a bit worse than that --- after they watched AOL buy Time Warner they wanted to emulate that they hired some Warner Brothers guy as their CEO who didn't know much about the internet.
And they never invest in the technologies they have. Consider all the times they aquired the leading company in a space --- only to *not* invest in it and kill it:
Broadcast.com - that Yahoo bought for ~$4 billion - was the leading audio/video site of its time, and could have been Youtube + Hulu + Netflix
Geocities.com - that Yahoo bought for ~3 billion - was the leading social network of its time - could have been MySpace+Facebook
Egroups - for a half a billion - another social network component.
del.icio.us - another social network component
Altavista as part of Overture - that Yahoo bought for i-forget-how-much - was the leading search engine of it's time - and yahoo doesn't even use them, preferring to pay competitors for search results.
MusicMatch - that coulda been Pandora.
And such irony that they *now* descide to focus on Search --- after having bought what was once the best search engine on the internet (AltaVista), yet have since then been paying competitors to do search for them.
LOL at how C++ gets new smart pointers every couple years.
It's like they're trolling their own users with their:
classes are kinda like structs, so you can use 'typedef struct... *' for classes and 'void *' for generic functions (Everything from CFront in 83 through ARM in 99)
no! 'void *' pointers are broken! use 'auto_ptr' instead (C++03)
no! 'auto_ptr' is broken! use 'shared_ptr' instead (C++07/TR1)
no! 'shared_ptr' is broken!(for most use cases) use
'boost::scoped_ptr' instead (non-standard, but more useful than the standard's shared_ptr)
no! 'boost::scoped_ptr' is broken! use 'std::unique_ptr const' instead (C++11)
no! 'std::unique_ptr const' is fugly! use "auto" and hope C++14's "return type deduction" will guess a safe type and hope C++17's "new rules for auto deduction" won't break stuff (C++14)
crap.
How the heck can people take an "object oriented" language seriously when it takes literally 30 years (1983 to 2014) for them to come up with a non broken way of making a reference to an object....
... and in the end they give it a syntax like "std::unique_ptr const".
something leaner and meaner, focused militantly on privacy and even going so far as to deliberately not support portions of HTML5 (e.g. DRM).
Pretty close to what Chromium is.
It stripped AAC, Flash, and other patent-encumbered parts.
I had hope for the dillo minimal browser, but not supporting javascript is getting pretty tough with many websites these days.
Also hopeful that IceWeasel becomes the sane alternative if the Mozilla guys go crazy like this.
Also -- why the focus on a tiny subset (just Metadata) of a dying communiation system (phone).
It'd be far more interesting if they'd do something about far more invasive (not just metadata, but content too) that's being captured from (presumably) all internet traffic (skype, email, etc).
Doesn't work that well; since there are enough close-partner-countries that much of that work can go oversees as well. For example, you'll notice the [Navy's new railguns have BAE logos on them](https://www.youtube.com/watch?v=ygHN-vplJZg) so those jobs can be offshored to the UK. Outsourcing internationally is everywhere now.
It's also not outside the jurisdiction of the NSA.
Recall that the NSA is a DoD sub-agency --- so is quite restriced from spying on US Citizens inside the US. However DoD intel agencies are much more free to spy on international -- in fact, it's their main job.
It seems to me this moves it INSIDE the jurisdiction of the NSA.
The whole thing is silly because it's re-directing the focus to a tiny subset of some archaic historical communication system (phone call metadata).
It's like saying that they shouldn't get to make maps of smoke signal fire pit locations.
This is all just to distract people from their bulk collection of internet communications; and giving politicians an opportunity to say "see, I'm tough on privacy" without actually accomplishing anything significant.
Sadly, you were probably better than the guy before you and the guy after you.
I venture to say that just because you realized you were doing a bad job, you were already doing a better job than the vast majority of managers (especially ones who think of themselves as "good").
"We're sorry we've solve you shitty products but will replace it at our expense" is actually doing something.
The ideal response in my mind would be:
"We're sorry - so here's how to unlock the boot-loader and here are third-party open source firmware providers that we tested for you."
Is it reasonable to expect browser makers to hold their own in an arms race against exploits?
The problem is that browsers are trying to become an OS - with all the complexities associated with one.
If we want back to a world where HTML was mostly about content -- that could be displayed in everything down to things like the Lynx browser -- they coudl be made secure.
People wanted more, though -- so they decided to allow extensions like Java Applets, Flash Plugins, and ActiveX controls. Obviously more complex, those were not surprisingly insecure.
So now people decide to take all the complexity and insecurity and build it directly into the browser itself?!? WTF.
Makes me miss gopher clients. Maybe we should go back.
TL/DR: Javascript+HTML5 is the new Java applet + Flash Player + ActiveX control.
Slashdot Mirror
Most admins
That's not true.
A few Admins, perhaps.
Not most.
Linus remains the sole gatekeeper for what goes or doesn't go in the kernel
He isn't.
You're free to release your kernel with whatever patches you want to approve or reject just as much as Linus can.
In fact - just about every major distro works that way - applying not necessarily the exact same set of patches that Linus does.
Of course many people trust Linus, so most distros follow him pretty closely.
But that's because people trust him - not that he's some magical "Gatekeeper".
I have to admit that I didn't test MSIE, due to a fundamental lack of Windows on my home network.
SSL Labs has a website will test HSTS on various IE versions for you: https://www.ssllabs.com/ssltes...
But is .pst the best format to do that?
Personally I'd prefer a Maildir or mbox or MIX as the export format.
I imagine this could become a useful tool for them to take out their competors. Just take selfies at any target they want destroyed, and BOOM.
Flash doesn't load at all unless I explicitly click it -- but for handfulls of websites where I want it to play, I can set noscript to whitelist those.
Tabs don't pre-load until I click on them.
That sounds like a uniquely bad idea.
The single most important reason I use tabs is to pre-load pages while I'm reading a different page.
And how will the governments know if the binaries (of every single Windows Update) delivered match the source code.
but it's actually RUN by the board of directors who are elected by the share holders....
Not really --- note that most Google shareholders hold stock with far fewer voting rights than the class "B" shares that Brin and Page hold. People holding the lesser "A" and "C" shares in Google don't really run anything,
MBA's took over too fast at Yahoo after the founders took their money and ran...
Even a bit worse than that --- after they watched AOL buy Time Warner they wanted to emulate that they hired some Warner Brothers guy as their CEO who didn't know much about the internet. And they never invest in the technologies they have. Consider all the times they aquired the leading company in a space --- only to *not* invest in it and kill it:
And such irony that they *now* descide to focus on Search --- after having bought what was once the best search engine on the internet (AltaVista), yet have since then been paying competitors to do search for them.
unique_ptr ... shared_ptr
LOL at how C++ gets new smart pointers every couple years.
It's like they're trolling their own users with their:
crap.
How the heck can people take an "object oriented" language seriously when it takes literally 30 years (1983 to 2014) for them to come up with a non broken way of making a reference to an object....
W.T.F.
something leaner and meaner, focused militantly on privacy and even going so far as to deliberately not support portions of HTML5 (e.g. DRM).
Pretty close to what Chromium is.
It stripped AAC, Flash, and other patent-encumbered parts.
I had hope for the dillo minimal browser, but not supporting javascript is getting pretty tough with many websites these days. Also hopeful that IceWeasel becomes the sane alternative if the Mozilla guys go crazy like this.
Then market that as the primary product, and give a goofy name to the "chromium-plus-adobe-backdoors-plus-patents" product.
Also -- why the focus on a tiny subset (just Metadata) of a dying communiation system (phone).
It'd be far more interesting if they'd do something about far more invasive (not just metadata, but content too) that's being captured from (presumably) all internet traffic (skype, email, etc).
Or will those be robots controlled remotely from India or China too?
Ah -- if you're in IT -- perhaps a better idea is to be the US guy in an offshore-IT-company.
More seriously -- be your own boss. Start a company and you choose if/when you offshore your own job.
Doesn't work that well; since there are enough close-partner-countries that much of that work can go oversees as well. For example, you'll notice the [Navy's new railguns have BAE logos on them](https://www.youtube.com/watch?v=ygHN-vplJZg) so those jobs can be offshored to the UK. Outsourcing internationally is everywhere now.
That's not a security move
It's also not outside the jurisdiction of the NSA.
Recall that the NSA is a DoD sub-agency --- so is quite restriced from spying on US Citizens inside the US. However DoD intel agencies are much more free to spy on international -- in fact, it's their main job.
It seems to me this moves it INSIDE the jurisdiction of the NSA.
for congress ... behavior of the nsa ...
The whole thing is silly because it's re-directing the focus to a tiny subset of some archaic historical communication system (phone call metadata).
It's like saying that they shouldn't get to make maps of smoke signal fire pit locations.
This is all just to distract people from their bulk collection of internet communications; and giving politicians an opportunity to say "see, I'm tough on privacy" without actually accomplishing anything significant.
It was horrible. I did a really crappy job.
Sadly, you were probably better than the guy before you and the guy after you.
I venture to say that just because you realized you were doing a bad job, you were already doing a better job than the vast majority of managers (especially ones who think of themselves as "good").
Skype help?
Perhaps Microsoft is paying them co-marketing dollars for doing positive PR for Skype? Maybe that's his great vision on saving the company.
should be restricted to communicate only with trusted devices
Sounds like a good policy anyway.
McAfee, Norton, Oracle (that damn Ask toolbar), HP Support Assistant, Razer mice, Skype.
Heck, it seems most Windows software has a "malware" buisness model these days.
"We're sorry we've solve you shitty products but will replace it at our expense" is actually doing something.
The ideal response in my mind would be: "We're sorry - so here's how to unlock the boot-loader and here are third-party open source firmware providers that we tested for you."
I'm sticking to really free stuff now.
Is it reasonable to expect browser makers to hold their own in an arms race against exploits?
The problem is that browsers are trying to become an OS - with all the complexities associated with one.
If we want back to a world where HTML was mostly about content -- that could be displayed in everything down to things like the Lynx browser -- they coudl be made secure.
People wanted more, though -- so they decided to allow extensions like Java Applets, Flash Plugins, and ActiveX controls. Obviously more complex, those were not surprisingly insecure.
So now people decide to take all the complexity and insecurity and build it directly into the browser itself?!? WTF.
Makes me miss gopher clients. Maybe we should go back.
TL/DR: Javascript+HTML5 is the new Java applet + Flash Player + ActiveX control.