Slashdot Mirror


User: beuges

beuges's activity in the archive.

Stories: 0
Comments: 222

Comments · 222

  1. Re:It's all fun and games... on Developer Releases Windows 95 OS as an App For Windows 10, macOS and Linux (betanews.com) · · Score: 1

    I think you meant: until someone ports it to EMACS

  2. Re:Skeptical on 'Google Isn't the Company That We Should Have Handed the Web Over To' (arstechnica.com) · · Score: 4, Insightful

    No, it rather means that the browser code is generic and correct. If an element is overlaid over a video, then that means that there could be content in it that would need to be overlaid on the video during rendering, meaning the video content now needs to be software rendered and can't make use of hardware acceleration, which is the issue at hand.

    The browser can't just pretend the div isn't there because it's empty, because in today's javascript-driven world, any element can be changed at any time, so you can't drop empty elements even if it looks like they're doing nothing.

    Given that thus far the div appears to be useless, and that YouTube refuses to remove it, it appears that it's been added purely to sabotage benchmarks for other browsers, since Google can optimize it away, knowing that it's useless. But no other browser can do that, because, given Google's behaviour of late, as soon as Edge starts dropping this useless element, Google will start inserting something into it, and then claim that Edge isn't rendering their site correctly.

  3. Re:Isn't that blatantly on 'Google Isn't the Company That We Should Have Handed the Web Over To' (arstechnica.com) · · Score: 5, Insightful

    Not really, no. Most websites these days are entirely driven by javascript, so an empty div could be filled with content at some random point in the future, and only the site developer can say for certain if the div can be safely ignored or not. Meaning that Google, as YouTube's owner, can know if that div can be ignored, and optimize it away, but nobody else can. And since it appears to serve no purpose, and YouTube refuses to remove it, one can only conclude that its presence is deliberately there to sabotage benchmarks of other browsers.

    I also noticed a lot of comments on the other discussion around this topic that Edge had coded specifically to YouTube's HTML structure, and the added div broke that. That's extremely unlikely, because websites change all the time, and it would be very silly to depend on actual HTML structure. What is more likely is that Edge uses hardware acceleration for videos, but the presence of an element over the video canvas means that there could be content that must be overlaid on top of the video. Meaning that the video can't be hardware accelerated any more, as any overlaid elements must be rendered in software. So MS is actually doing the right thing here by dropping to software rendering.

    The only real benefit of Edge switching to Chromium internally is that Google won't be able to do all of the browser-specific tricks that it puts in all of its sites to make the experience crappy everywhere except Chrome.

  4. Re:Yes, we can imagine on Former Edge Browser Intern Alleges Google Sabotaged Microsoft's Browser (ycombinator.com) · · Score: 1

    It sounds a lot less straightforward than that to me. I (obviously) haven't RTFA but from the summary, it sounds like the addition of the empty div over the video frame caused Edge's hardware acceleration to suffer, which makes perfect sense. If there's an element over the video, then that element could have content in it, which means the video area can't be hardware accelerated because there's potentially additional content to be overlaid on top of the video. That overlay will have to happen in software, meaning switching over to software rendering, losing the hardware acceleration and the performance improvements that come along with it.

    You can't even decide to drop the empty div, because with today's sites that are driven entirely by javascript, who knows if that div will at some point include content that must be rendered? From the sounds of it, this div is doing nothing of the sort, which means that it was maliciously added by YouTube, especially if they're refusing to remove it despite it serving no purpose.

    I don't think MS is stupid enough to depend on the actual HTML structure of any site, since that can, and does, change at any time without notice. So it's more likely that Google is trying to cheat, because they can know if that div can be silently dropped or not, and can enable hardware acceleration where other browsers cannot.

    Nobody's saying Google is breaking standards, but it definitely does sound like they are deliberately trying to sabotage Edge's benchmark results, rather than Edge trying to cheat the benchmarks.

  5. So you're posting on /. from where, exactly?

  6. Re:It's not really a Sandbox on Windows Defender Becomes First Antivirus To Run Inside a Sandbox (zdnet.com) · · Score: 2

    If your engine is only reading a string of bytes, it's not much of an engine. You're probably dealing with something naive that merely looks for known strings or byte sequences out of a dictionary.

    A modern anti-malware engine on the other hand, must do a lot more. Once it reads the string of bytes, it needs to examine it to determine what type of data this string of bytes represents. Then, once it knows what type of data it is dealing with, it needs to pass that string of bytes through some sort of parser or analyser to determine if the string of bytes represents a threat _for that data type_.

    There have been file format parser exploits in all sorts of applications on all sorts of platforms, so it's not unreasonable to expect that there may be bugs or exploits in the scanning engine itself.

    Isolating the engine to run in a sandbox ensures that if any such bug becomes exploitable in the engine, its ability to cause damage is contained to within the sandbox.

  7. Re:It's not really a Sandbox on Windows Defender Becomes First Antivirus To Run Inside a Sandbox (zdnet.com) · · Score: 5, Informative

    You clearly don't understand how the sandbox concept works.

    The part outside the sandbox, which does have SYSTEM privileges, no longer examines the contents of the file for malware. It passes it to the part inside the sandbox, which scans the content for malware. If the malware triggers an error in the scanning engine, it cannot be exploited because the scanning engine is in a sandbox and is running with reduced privileges, compared to previously when there was no sandbox and the scanning engine ran as SYSTEM as well.

  8. Re:Why does this still happen? on Twitter Says Glitch Exposed 'Substantial' Number of Users' Passwords In Plain Text (reuters.com) · · Score: 2

    So your password is 'hunter2', and clientside, you hash that to 'asdflkjh1234poiu'. That still has to be sent back to the server, and the server has to validate it somehow. Congrats, your password is now 'asdflkjh1234poiu'. It doesn't matter that I don't know that you typed in 'hunter2' to get to 'asdflkjh1234poiu', all I care about is that if I send 'asdflkjh1234poiu' down the wire in the password field with username 'Highdude702', the server lets me in. I don't care that your password is 'hunter2' and not 'asdflkjh1234poiu', I care about accessing your account.

    Now, let's think about the practicality of this situation. You HAD to have transmitted hunter2 to the server during registration. If you didn't, the server wouldn't have been able to generate a hashed version of it. It's pointless saying 'but you can use 'asdflkjh1234poiu' which I hashed clientside for you already', because then that's the equivalent of a cleartext password.

    Next, you need to understand how bcrypt works. It takes your cleartext password 'hunter2'. It then adds a salt to it, performs a random number of iterations of a hashing algorithm on it, and stores the salt and the random number along with the resulting hash. You can't reverse this, even knowing the number and hash. What you can do is take a given input from the user, e.g. 'hunter2' and add the same salt to it, and repeat the algorithm the same number of times, and compare the resulting hash to what you've got stored.

    Let's say you no longer want to transmit plaintext passwords. So you ask the server for the random number and salt associated with Highdude702, and you do the bcrypt clientside, and transmit that to the server, so the server only has to compare what you transmitted with the bcrypt it's got stored. Congrats, your bcrypted password is now a cleartext password, because you're just doing a straightforward string compare. If I get the db from the server, I can log in to your account with no extra effort whatsoever.
    You can't change the salt or the number of iterations clientside, because you'd then be unable to validate your password against the hashed version on the server. The whole point of it is that it's not reversible to get your cleartext password out.

    There are of course ways of transmitting an encrypted password to the server, but at some point they have to be decrypted on the server to be able to re-hash them and compare against the one-way hash that the server is storing. So you're back to transmitting a password, except it's reversibly encrypted (since it has to be decryptable on the server), which means that someone else could also decrypt it if they breached the server (or your client), so it's only slightly better than transmitting the cleartext password. So you might as well just use TLS and send the cleartext password anyways, because with TLS, you know upfront if someone is MITM your connection via a cert validation failure.

    Then there are other ways of transmitting your password securely, but they introduce additional complexity on server and client, and everywhere that additional complexity is introduced, you increase the potential for bugs, which could be security issues. You also typically introduce user-unfriendliness, which means that the majority of users will either not use your platform because it's too unfriendly, or will choose to use the less secure login method, because it's more friendly. Either way, you're back at square one.

    There's nothing wrong with transmitting your password in cleartext over TLS, as long as the server is storing the passwords as a one-way hash, which Twitter (and GitHub) are doing.
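The two designs contrasted in the comment above, as an added example that is not part of the original comment: one server string-compares a hash computed by the client, the other hashes whatever arrives. PBKDF2 from the Python standard library stands in for bcrypt here, and the class and function names are hypothetical.

```python
import hashlib
import hmac
import os

ITERATIONS = 50_000  # constructed work factor for the demo; tune upward in practice


def slow_hash(secret: bytes, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Salted, iterated one-way hash (PBKDF2-HMAC-SHA256 as a stand-in for bcrypt)."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, iterations)


class _Verifier:
    """Shared registration: the database row is (salt, iterations, hash)."""

    def __init__(self):
        self.db = {}

    def register(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self.db[user] = (salt, ITERATIONS, slow_hash(password.encode(), salt))


class ClientHashVerifier(_Verifier):
    """Client fetches salt and iterations, hashes locally; server only compares."""

    def client_credential(self, user: str, password: str) -> bytes:
        salt, iterations, _ = self.db[user]  # parameters handed to the client
        return slow_hash(password.encode(), salt, iterations)

    def login(self, user: str, submitted: bytes) -> bool:
        # Plain comparison: the stored hash IS the credential.
        return hmac.compare_digest(submitted, self.db[user][2])


class ServerHashVerifier(_Verifier):
    """Client sends the password over TLS; server hashes it, then compares."""

    def client_credential(self, user: str, password: str) -> bytes:
        return password.encode()

    def login(self, user: str, submitted: bytes) -> bool:
        salt, iterations, stored = self.db[user]
        return hmac.compare_digest(slow_hash(submitted, salt, iterations), stored)


def demo() -> dict:
    """For each design: does a normal login work, and does the leaked DB hash log in?"""
    user, password = "Highdude702", "hunter2"  # names taken from the comment
    results = {}
    for name, server in (("client-side hash", ClientHashVerifier()),
                         ("server-side hash", ServerHashVerifier())):
        server.register(user, password)
        wire_value = server.client_credential(user, password)
        leaked_hash = server.db[user][2]  # what a database dump would contain
        results[name] = {
            "legit_login": server.login(user, wire_value),
            "leaked_hash_accepted": server.login(user, leaked_hash),
        }
    return results


if __name__ == "__main__":
    for design, outcome in demo().items():
        print(design, outcome)
```
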

  9. For the desktop you have things like C#, where array.Sort() might not be the most optimal solution but it works and takes about a second to type.

    I code in C# all day long. A few years ago I was maintaining a system built in C# by a team whose primary forte was Java. You'd expect some inefficiencies there from the java devs who maybe didn't know about some C# library or language feature which would have made things easier for them, and that would have been fine. I cut down a database query from 20 minutes to under a second by removing a few dozen pointless joins and adding a few indexes, and reordering some loops in the code.
    None of that would have been any different regardless of what language was being used. The problem was that the people who wrote the original code simply didn't put any thought into the resource implications of the decisions they made.

    You don't necessarily have to be able to understand assembly fluently to be a good dev, but you have to understand what your code is doing behind the scenes, how your operating system is servicing requests from your application runtime, etc, in order to write proper, efficient code.
    I always see answers on StackOverflow suggesting to just call .ToList() on a linq query to solve all your problems, which is fine when you're writing a high school assignment, but when your .ToList() is going to end up materializing a multi-million row database table, you're going to end up in a world of pain. It's better to understand what your compiler, framework, runtime and operating system are doing behind the scenes, even if just at a high level, in order to be able to write good code, rather than just code that works.

  10. Re:Civilization is hard work on Will Cape Town be the First City To Run Out of Water? (bbc.com) · · Score: 1

    The ANC just elected their new leadership for the next 5 years a few weeks ago. Thankfully, NDZ lost the vote for president of the ANC, so she will not succeed him as president of the country after the 2019 election. Cyril Ramaphosa, the new ANC president (and currently the Deputy President of the country) ran his entire campaign pretty much around fighting corruption, and has reportedly already had a number of meetings with Zuma around an exit strategy.

    However, reports came out today about the terms under which JZ wants to step down - he wants NDZ as interim president until the general elections in 2019, and he wants certain ministers to retain their portfolios as well. He's also reportedly insisted on immunity from prosecution for both the fraud charges that he's already facing, as well as anything else that comes up from the upcoming inquiry into state capture. It's quite laughable because by requesting those terms, he's basically admitting that he's guilty of everything he's been accused of - why else would he insist on the minister of energy retaining his portfolio, if not to ensure a corrupt nuclear deal with Russia is completed successfully?

    But yes, he's all kinds of awful. On the eve of the ANC elective conference last month, he made a surprise announcement that government would provide free tertiary education for those who could not afford it. Despite releasing a report weeks earlier that stated with no uncertainty that government absolutely cannot afford to do this. Purely to drum up political support for NDZ in the vote for ANC president. The finance ministry "noted the announcement by the president", meaning that they weren't consulted either. And now, we have thousands of unregistered learners demanding access to universities to claim the free education Zuma promised them. In the 8 years that he's been president, I can't think of a single thing that's done for the good of the country.

  11. Re:Cortana? on Microsoft: We're Not Giving Up On Cortana (Even In Home Automation) (zdnet.com) · · Score: 4, Insightful

    Exactly. Instead of coming up with all this gimmicky stuff like voice-controlled thermostats, they should rather focus their energy on making the service available to everyone on Windows 10. MS has an infuriating habit of going overboard with features for en-US and treating the rest of the world as an afterthought.

    The current availability of Cortana's services is pitiful. It is constantly hyped about new features that have been added (they even got it to speak Klingon), yet for most of the world, it's a glorified interface to Bing.

    Years ago, before Win10 was officially released, and when Cortana was first being developed, I read an interview with one of the high-ups in the Cortana project, who said that they were really keen on making it available in an alpha state to as many users as possible, as the key way to train it properly to work in different regions and cultures is to expose it to as much input as possible. That never happened, and the list of supported countries and regions is the same as when I last looked at it over a year ago.

    If Cortana's uptake is struggling, it's purely because they limited the user-base themselves to a market that's already invested in Siri, Alexa and Google Now, instead of entrenching its use in the regions where the other players aren't yet fully available. I also believe that's the real reason that Windows Phone failed as well. They did very badly in the US market because iPhones and Android were both already entrenched, but there were a lot of other regions where WP did really well despite the lack of attention from MS. So naturally, instead of solidifying their market position in those regions, they continued ignoring them and focusing on the US where they had already lost the battle, and eventually lost support from the regions which actually had it. Then Joe Belfiore complains that they had no support from developers, ignoring the fact that there's a huge number of developers outside of the US who were hesitant to invest in a platform that MS themselves showed no interest in supporting for their markets.

    TL;DR: MS needs to abandon this habit of region-locking features, and then complaining that people aren't supporting or using those features.

  12. Re:Cheap Windows phone on Ask Slashdot: Are There Any Alternatives To Android Or iOS? · · Score: 2

    Not sure why you got a funny mod here. Windows Phone allows you to download maps for your region onto the device so you can navigate in areas with poor/no coverage.

  13. Re:Put all the women on a seperate floor on Apple Employees Rebelling Against Apple Park's Open Floor Plan, Report Says (neowin.net) · · Score: 1

    I went back to the offices of a previous employer a year or two after I left, and I noticed that the AC control panels each had a metal plate padlocked over them. Turns out one of the guys in the team I used to work in used to keep going through the office dropping the temperature to the minimum, and everyone else would be freezing. Apparently they spoke to him and he kept doing it, and the metal plates and padlocks worked out cheaper than having to go through the hassle of a disciplinary hearing.

  14. Re:Time for MS to give up and open a GitHub repo.. on 32TB of Windows 10 Internal Builds, Core Source Code Leak Online (theregister.co.uk) · · Score: 1
  15. Re:Relative ??? on Africa Gets Its Own Web Address (bbc.com) · · Score: 1

    She is his ex-wife.

  16. **AA should be concerned on Google, Unlike Microsoft, Must Turn Over Foreign Emails, Rules Judge (fortune.com) · · Score: 4, Interesting

    If retrieving a copy of an email while leaving the original intact creates "no meaningful interference" with the account holder's "possessory interest" of that email, how long before this ruling is used as a defence against the RIAA and MPAA's copyright infringement efforts?

    Since making a copy of a movie does not create a meaningful interference with the account holder's possessory interest of the movie, surely it can't be worth all those lawsuits?

  17. Re:What about electrical, plumbing etc? on Woman Built House From the Ground Up Using Nothing But YouTube Tutorials (digitaltrends.com) · · Score: 2

    Here in South Africa, part of the documentation required when effecting a property transfer is an Electrical Compliance Certificate, and not every electrician is licensed to issue them. The purpose is to cover this exact situation, where the homeowner installed their own connections which may not be up to code. If the property has an electric fence, that requires a separate certificate as well. And an etymological certificate is required to ensure that the purchaser isn't receiving a home filled with wood borers or termites.
    There may be other compliance certificates required, these are the 3 I've encountered personally.

  18. Re:Too many choices are a barrier to adoption on Microsoft Reports New Subscribers For Office 365 Plunged 62% (itworld.com) · · Score: 1

    I would argue for combining 3 and 4 together. And the only difference between 1 and 2 should be a pricing discount for students.
    The alternative would be to get rid of plans entirely, and just check off what products/services you want, and pay for those.

  19. Re:Which version? on 'Here's Where Google Hid Chrome's SSL Certificate Information' (vortex.com) · · Score: 1

    Interestingly, Microsoft also collects telemetry related to Windows usage, but then it's labelled spyware.
    When Google uses telemetry and correlation to identify that the people viewing cert details also typically make use of developer tools, it's called cleaning up 'yet another option [that] just adds to the confusion for end users'.
    When Microsoft uses telemetry and correlation to reposition OS features, it's called spyware that sends all your documents to the NSA.

  20. Re:Next up dead on 3D TV Is Dead (cnet.com) · · Score: 1

    Star Wars Rogue One was also the movie which made me realise how much the 3D glasses affect the colour of the picture. There were lots of scenes that looked very dull and dark - taking the glasses off for a moment, the colours were much brighter and "normal". I've now started noticing that in other 3D movies as well... surely the studios should master the 3D videos with brighter/lighter colours to compensate for the darkening of the glasses?

    I wouldn't call for 3D cinema to go though, I enjoy watching movies in 3D at the cinema... but as the summary/article states, despite having a 3D capable TV at home for 2.5 years, I think we've watched a total of 4 movies in 3D on it, despite having the option to watch many more in 3D.

  21. Re:I guess... on Rovio's Desperate Push For 'Angry Birds' Movie (venturebeat.com) · · Score: 1

    We watched it with our 7yo daughter, who has played the game once or twice when I showed it to her, but is nowhere near an addict. She's been waiting for this movie for months, purely based on the trailers and implied entertainment value, and not at all because of the game itself.

    I suspect the 9 month marketing onslaught was to ensure that the movie would be watched by people who haven't played the game, and it clearly worked, having opened at #1. While Angry Birds has been a very popular game across all mobile platforms for a few years now, there's no way they could rely purely on their gamers to support the movie and allow it to be a huge success.

    In fact, after watching the movie, I introduced the game to my daughter again, and she still hasn't really taken to it. While I'm sure they got a huge number of new installs after people watched the movie, I'd be surprised if their long-term player base increases in line with the movie's success. Just because the movie is based on a game doesn't mean it's aimed only at the gamers.

  22. Re:Useless on WhatsApp Now Has a Desktop App, Available on Windows, OS X · · Score: 1

    It adds nothing of value over the browser based solution because that's exactly what it is. This "desktop client" is a wrapper around an embedded browser that launches WhatsApp Web by default. From the looks of it, it's Chrome Embedded Framework that's been used. I'm guessing they chose that route to make it easier to support both Windows and OSX without much difficulty, but it does raise the question of how they plan to handle updates and patches to the Chrome core... while they might not need any new features that get added, they would definitely need to keep up to date with security patches, even if it's a single-purpose browser.

  23. Re:Does the User Control the Keys? on WhatsApp Enables End-To-End Encryption For All Forms of Communications By Default · · Score: 1

    It should be trivially easy to do the key exchange without WhatsApp being able to intercept the keys, even though they are relaying them between the two parties.*

    Assume Alice and Bob both use WhatsApp. Each generates a certificate with a private and public key. They publish their public keys via some directory service. Alice wants to chat to Bob securely. They currently don't have a relationship set up between them. So Alice looks up Bob's public key, and generates a random encryption key to be used for chatting with Bob. She encrypts this key with Bob's public key and sends this encrypted key to Bob over WhatsApp. Only Bob can decrypt this because only Bob has the private key - WhatsApp doesn't. Bob can either then use the same key to send messages to Alice, or he can repeat the process, so that even if one key is exposed somehow, only one half of the conversation can be decrypted.

    Yes, WhatsApp's app must ultimately be trusted to be storing the private keys securely and not leaking them back to WhatsApp somehow, but if they're going to the trouble of implementing end-to-end encryption, then the entire point is that they want to be able to simply auto-respond to any law enforcement requests with 'We simply cannot decrypt the messages even if we want to.' Given that WhatsApp already has been encrypting messages between client and server for some time now before this, it doesn't make sense for them to implement such an elaborate encryption scheme and then leave a backdoor in it, which will inevitably be discovered, either by a security researcher or when they give in to a law enforcement request.

    * I haven't actually read up on how WhatsApp is doing their key exchange, so they may be doing exactly this.

  24. Re:White balance and contrast in camera. on Is That Dress White and Gold Or Blue and Black? · · Score: 5, Interesting

    This morning, I saw it on my phone in my darkened bedroom, and it was clearly blue and brown. Just now, I opened the Washington Post link on my 24" screen in a sunlit room, and it was clearly white and gold. I then found the link that I had seen on my phone this morning (not Washington Post, so I wanted to confirm that it just wasn't two different pictures that I was looking at), opened it up, and it was white and gold there too. Went back to my bedroom and closed the curtains, and it remained white and gold for a bit, but after I left the room (after my eyes had adjusted a bit to the darkness), it was blue and brown again. The picture on the Washington Post was also now blue and brown. Now that my eyes have adjusted to the sunlit room again (and the white Slashdot background), I switch back to the Washington Post tab, and it's white and gold again. My wife (who's now gotten fed up with following me around to look at this picture under different lighting conditions) has had pretty much the same experience as me.

    So it appears to be linked to the lighting conditions that your eyes are adjusted to when seeing the image initially... even after they've adjusted to the ambient light, the brain appears to stick to the image it created initially.

  25. Re:Try living in RSA on Ask Slashdot: Why Is the Power Grid So Crummy In So Many Places? · · Score: 1

    I am closely related to someone who works at Eskom. His "insider's view" is that the power cuts and load shedding are not due to pressure on the supply, but just to create the impression that there is pressure on the supply, to justify their price increases to pay for the new power stations (and of course sponsoring The New Age breakfasts). He had a good laugh at the 'wet coal' excuse for the problems earlier in the year (conveniently around the time that NERSA was reviewing their tariff increase application) because all the coal arriving at the power plants gets sprayed down with water as soon as it arrives anyways, because coal dust is extremely flammable. We have two new power stations under construction, both coal-fired... when South African engineers are designing safe nuclear power stations that are being used by other countries but not our own. (see http://en.wikipedia.org/wiki/P...)