The font changes are interesting but...... until other browsers support it, who in their right mind is going to design a chrome-only website?
If you're using Google Fonts for font hosting then you don't link the fonts directly; you link a CSS file on the Google servers that in turn links the font files. And they already serve different CSS files based on your user agent.
Thus, from my understanding, for any site using Google Fonts this can be enabled transparently for supporting browsers without the site developer even knowing about it.
... if there's a secret button combo that reactivates Touch ID if it's been deactivated in this manner, but a combo that Apple only provides to law enforcement and other Government organizations.
If you're going to add a backdoor why not have one that just unlocks the phone without having to involve its original owner. That is, a backdoor that can be used without creating a witness who now knows about it!
ScreenOS uses Dual EC in a strange, non-standard way. Rather than generating all of their random numbers with Dual EC (which would be slow), they only use Dual EC to generate a seed for a fast 3DES-based generator called ANSI X9.17. Since that generator is actually FIPS-140 approved and generally believed to be sufficient to the purpose, it's not clear what value Dual EC is really adding to the system in the first place -- except, of course, its usefulness as a potential backdoor.
The good news here is that the post-processing by ANSI X9.17 should kill the Dual EC backdoor, since the attack relies on the attacker seeing raw output from Dual EC. The ANSI generator appears to completely obfuscate this output, thus rendering Dual EC "safe". This is indeed the argument Juniper made in 2013 when it decided to leave the Dual EC code in ScreenOS.
I'm not defending Uber, but what, as a passenger, do I gain by having the wetware in the taxi driver's head do the path-finding instead of the software on his computer? Even if the software is inferior right now it will continue to improve, unlike humans, and if the Uber driver takes longer to get me to where I want to go then I will continue to use his wetware competitors.
That's nice and all, but nothing of what you said explains why it's a problem that Slashdot doesn't give you a numeric score describing how controversial a post is.
Software updates sometimes change the internal format of its database.
What makes you think that a company that produces a buggy new version is capable of creating bug-free code to backport the upgraded data to the old format?
Hire competent programmers or hire cheap programmers and install a database firewall instead. Some companies are going to opt for the cheap programmers.
Other than that, I guess you could use the database firewall if you have an old legacy system of questionable quality.
You're right, but there's no need to open the box if you're buying it only to prove a point by returning it. The retailer still suffers administrative overhead from having to deal with you.
Apple is dropping MacOS's support for PPC later this year, but you can still get Safari 4 for PPC today. Microsoft never even made Silverlight 2 for PPC.
And it's not that I mind; I've never encountered a site requiring Silverlight in my daily surfing, and if I did I'd just go somewhere else instead of reaching for my MacBook Pro, I'm just saying that Flash beats Silverlight when it comes to platform support.
Transitions between versions of OS X aren't as drastic, or as prone to breaking things as going from XP to Vista*. On the other hand, during the transition from Mac OS 9 to Mac OS X you could still get OS 9 for more than a year after OS X left beta.
You do realize there are about 50 brazillion ways to do this, correct? Indeed, which is why the default configuration for Macs is so troublesome. We may mock Windows users for having to run as admins to get their poorly written software to work, but most Mac users run as admins out of ignorance, because that's just the way the default configuration is. Or was, the last time I installed OS X at least, but I hope I'd heard if things had changed.
Either way, as soon as you're running malicious code, you're already screwed. A malicious application does not need to be root to destroy your photos, movies, pornography or other personal documents. At least with a non-root the damage is localized to one account. Daddy's porn may be gone, but his daughter's homework (and porn) is still safe inside her account.
You should never run applications from a source you do not trust. I certainly agree. Too bad people are so trusting, though.
The problem is not that a malicious admin can gain root access -- of course he can, as you pointed out. No surprise there.
The problem is rather that a trojan or similar run by a clueless admin can gain root access without the user being prompted for his password. Most Mac home users do use an admin account for day-to-day work, and think that they'll be fine. So the real problem is either that too many Mac users are running as admin, or that admin users have too broad write permissions without using sudo.
Personally I've solved this by using a normal user account that's added to sudoers. I can wreak full havoc on my machine when I want to, without having to log in as my admin account, but can't do so unknowingly (I hope).
It's not a maximize button at all, it's a "zoom" button. And exactly how the button changes the window's size is at the discretion of the Application itself rather than the OS. So yes, since changing behaviour could break existing Applications it is "hard", though of course far from impossible.
It's actually old news. They announced that they had completed the switch to Intel processors back when they announced the Mac Pro's. After that they've just been selling what PPC machines they still had left.
Slashdot Mirror
The font changes are interesting but...... until other browsers support it, who in their right mind is going to design a chrome-only website?
If you're using Google Fonts for font hosting then you don't link the fonts directly; you link a CSS file on the Google servers that in turn links the font files. And they already serve different CSS files based on your user agent. Thus, from my understanding, for any site using Google Fonts this can be enabled transparently for supporting browsers without the site developer even knowing about it.
... if there's a secret button combo that reactivates Touch ID if it's been deactivated in this manner, but a combo that Apple only provides to law enforcement and other Government organizations.
If you're going to add a backdoor why not have one that just unlocks the phone without having to involve its original owner. That is, a backdoor that can be used without creating a witness who now knows about it!
There's a "Cast..." item wasting space in my context menu but I don't own a Chromecast.
http://blog.cryptographyengine...
Perhaps this? https://wiki.mozilla.org/Telem...
I'm not asking why we have regulation. I'm asking why the Londoners have regulation that requires taxi drivers to memorize the entire city map.
I'm not defending Uber, but what, as a passenger, do I gain by having the wetware in the taxi driver's head do the path-finding instead of the software on his computer? Even if the software is inferior right now it will continue to improve, unlike humans, and if the Uber driver takes longer to get me to where I want to go then I will continue to use his wetware competitors.
That's nice and all, but nothing of what you said explains why it's a problem that Slashdot doesn't give you a numeric score describing how controversial a post is.
Most likely referring to this bug or one of its duplicates: https://bugzilla.mozilla.org/s...
So, seeing as they are becoming competitors, when will Spotify disappear from the Apple App Store?
Has Apple ever removed a major competitor's app from the store? After it was approved?
Software updates sometimes change the internal format of its database. What makes you think that a company that produces a buggy new version is capable of creating bug-free code to backport the upgraded data to the old format?
He disagrees about which subjects are valuable. I don't see any hypocrisy in that, just a difference of opinions.
Hire competent programmers or hire cheap programmers and install a database firewall instead. Some companies are going to opt for the cheap programmers.
Other than that, I guess you could use the database firewall if you have an old legacy system of questionable quality.
You're right, but there's no need to open the box if you're buying it only to prove a point by returning it. The retailer still suffers administrative overhead from having to deal with you.
The battery on my MBP is built-in. I'd expect most other brands to allow you to replace the battery without resorting to screwdrivers.
Just remember to start counting from the day the bug was reported and not from today.
Apple is dropping MacOS's support for PPC later this year, but you can still get Safari 4 for PPC today. Microsoft never even made Silverlight 2 for PPC.
And it's not that I mind; I've never encountered a site requiring Silverlight in my daily surfing, and if I did I'd just go somewhere else instead of reaching for my MacBook Pro, I'm just saying that Flash beats Silverlight when it comes to platform support.
The Mac version of Silverlight only works on Intel Macs, where Flash works on both PPC and Intel.
Transitions between versions of OS X aren't as drastic, or as prone to breaking things as going from XP to Vista*. On the other hand, during the transition from Mac OS 9 to Mac OS X you could still get OS 9 for more than a year after OS X left beta.
*Though that is not saying much
The problem is not that a malicious admin can gain root access -- of course he can, as you pointed out. No surprise there.
The problem is rather that a trojan or similar run by a clueless admin can gain root access without the user being prompted for his password. Most Mac home users do use an admin account for day-to-day work, and think that they'll be fine. So the real problem is either that too many Mac users are running as admin, or that admin users have too broad write permissions without using sudo.
Personally I've solved this by using a normal user account that's added to sudoers. I can wreak full havoc on my machine when I want to, without having to log in as my admin account, but can't do so unknowingly (I hope).
IIRC Apple uses their own java runtime environment, not Sun's.
command-a, for select all
or
tripple-click on the url
or
control-a, control-k to kill the current url
or
open a new tab instead
It's not a maximize button at all, it's a "zoom" button. And exactly how the button changes the window's size is at the discretion of the Application itself rather than the OS. So yes, since changing behaviour could break existing Applications it is "hard", though of course far from impossible.
It's actually old news. They announced that they had completed the switch to Intel processors back when they announced the Mac Pro's. After that they've just been selling what PPC machines they still had left.