Slashdot Mirror


User: mellon

mellon's activity in the archive.

Stories: 0
Comments: 2,585

Comments · 2,585

  1. This is exactly right. If a browser trusts a signing authority, that authority can sign for any domain.

  2. Re:Does it make sense to trust any govt key? on Mozilla Might Distrust Dutch Government Certs Over 'False Keys' (bleepingcomputer.com) · · Score: 1

    This is absolutely true, but if it's a PKI signing key, trust is binary, so that's not one of the options (correct me if I'm wrong here—this is my understanding).

  3. Does it make sense to trust any govt key? on Mozilla Might Distrust Dutch Government Certs Over 'False Keys' (bleepingcomputer.com) · · Score: 4, Insightful

    This is a tough question, because arguably corporate-held keys aren't trustworthy either, but if we are to trust government keys, we need to know what the terms of governance are, and in general we don't. In the U.S., for example, government eavesdropping rules are secret. So trusting a PKI cert issued by the U.S. government is crazy. Of course, governments can also often compel private industry, and as we've seen, private industry can also engage in corrupt practices or careless practices. Honestly, PKI is pretty rickety.

  4. We work from home on Ask Slashdot: Where Do Old Programmers Go? · · Score: 2

    So that no-one can see the shame of our white hair. Or we wind up in management. Or we retire early.

    But honestly I know quite a few old programmers, so you may be experiencing anecdata.

  5. Re:Yes it could on Could Cryptocurrency Mining Kill Online Advertising? (linkedin.com) · · Score: 2

    Yeah, the main issue I have with this is that it just seems silly. Why not cut to the chase and just do micropayments? But if it's a path to micropayments, I guess that's okay too.

    FWIW, Google actually had a micropayment service, but O(nobody) on the provider side went for it.

  6. Re:This is an old article; has anything new happen on On the Google Book Scanning Project and the Library We Will Never See (theatlantic.com) · · Score: 1

    Take two sheets of glass, tape them into a V shape with cardboard to hold them up, place the book open on the V, take a picture from below with your cell phone camera. Repeat for each pair of pages.

  7. Gutenberg is curating and only scanning things that are out of copyright. Very useful work, but not the same thing. I'm talking about having a database and essentially gamifying the process, with the goal of seeing how many titles we can get, rather than the goal of getting the stuff people think of to add.

  8. This is an old article; has anything new happened? on On the Google Book Scanning Project and the Library We Will Never See (theatlantic.com) · · Score: 3, Interesting

    I saw this go by back in April and was made sad by it. Now I am being made sad by it again. I wonder how hard it would be to crowdsource the same work. Like, just have everybody who thinks this is a tragedy do 10 books, and see how many that adds up to. The Google OCR API is available for use, and I think they may even have open sourced it so you don't have to run it in the cloud.

  9. Re:Screw Japanese Metal on Japanese Metal Manufacturer Faked Specifications To Hundreds of Companies (jalopnik.com) · · Score: 1

    True, but not much tensile strength...

  10. Re:A lesson... on Japanese Metal Manufacturer Faked Specifications To Hundreds of Companies (jalopnik.com) · · Score: 5, Insightful

    Actually, I think the lesson here is that when you source material, you need to actually test to see if it meets the specifications. You should never assume that the seller is telling the truth.

  11. I haven't had _that_ problem... on "Maybe It's a Piece of Dust" (theoutline.com) · · Score: 5, Insightful

    But holy crap, the touch-bar is a bad bit of UI design. I'm constantly accidentally triggering it. When I'm typing it offers spelling tweaks, so if my finger grazes the touchbar I wind up changing the word I typed unintentionally. I hit the escape (or cancel) button frequently. It's a nightmare. I was curious to try it, but now I wish there was some way I could switch back.

  12. Re: We need more guns on Las Vegas Shooting Leaves at Least 50 Dead, More Than 200 Wounded (wsj.com) · · Score: 1

    The great thing about solving that problem is that if you do, you also make the streets safer. The problem is that it's too easy for cars to jump kerbs and hit people. This is a technical problem, not something magically insurmountable.

  13. Re:We need more guns on Las Vegas Shooting Leaves at Least 50 Dead, More Than 200 Wounded (wsj.com) · · Score: 1

    Hm. Isn't this one of the ways we take out turrets in Portal?

  14. Re:Just a thought... on Why Google's Gmail Phishing Warnings Give False Positives (vortex.com) · · Score: 1

    Sure. So what happens if From: isn't on that list? Answer: the message is rejected, if the recipient is e.g. yahoo or google.

  15. Re:Just a thought... on Why Google's Gmail Phishing Warnings Give False Positives (vortex.com) · · Score: 1

    What I mean by "the headers didn't get rewritten" is that the sender didn't get rewritten to a sender that would validate. If I forward your message from my server, you aren't sending it, and so the DKIM isn't going to validate. I have to send it as me.

  16. Re:Just a thought... on Why Google's Gmail Phishing Warnings Give False Positives (vortex.com) · · Score: 1

    No, you'd still have servers, and it's servers that would be on 24x7. Your client would use IMAP or JMAP (hopefully not POP).

  17. Re:Just a thought... on Why Google's Gmail Phishing Warnings Give False Positives (vortex.com) · · Score: 1

    It's push-based because of history. The number of connections is the same either way: the sender has to announce that a message is available. The difference with a pull-based solution is that the receiver ignores announcements from senders it doesn't know, and decides when/if to pull. You use pull-based solutions every day. Facebook is pull-based. Reddit is pull-based. The reason SMTP isn't pull-based is that back in the day, we didn't realize that there would be assholes. It's really that simple and that sad.

  18. Just a thought... on Why Google's Gmail Phishing Warnings Give False Positives (vortex.com) · · Score: 3, Interesting

    Tweak your mailer so that it sends mail from gi-request instead of google-issues-request, and don't mention "Google Account". Granted, this sucks, but the Internet routes around brokenness, and that's what you need to do in a situation like this. Is that a sad thing? Yes, of course. If we had a mail architecture that was pull- rather than push-based, maybe we could have nice things, but until that magic day, the whole thing is bubble gum and baling wire, and it's honestly not Google's fault that that's so.

    As another example of brokenness, I often get mail that is marked spam because it went through a mailing list expander and the headers didn't get rewritten, so that it fails DKIM validation. Yes, we can all rail about how evil and awful DKIM is, but the bottom line is that if you don't want that to happen, you rewrite the headers. Again, a system that's pull-based rather than push-based would make this a lot better.

  19. They said Ambient OS would be "open source, like android," but there's nothing about that on their web site. Give me a phone on which I can run software I built from source, and that would be worth dropping some cash on. As it is, I have a perfectly nice Google phone that is sort-of open source-ish. I realize that this is a bit of a niche, but it astonishes me that nobody has attempted to suck in developers by doing this. An open source phone ecosystem would really enable some out-of-the-box innovation. But no, this is just Yet Another Brick.

  20. Re:What's more disturbing.. the drone or the chopp on Civilian Drone Crashes Into a US Army Helicopter (nypost.com) · · Score: 1

    There are proving grounds where this stuff can be done without endangering civilians.

  21. Re:What's more disturbing.. the drone or the chopp on Civilian Drone Crashes Into a US Army Helicopter (nypost.com) · · Score: 2

    When someone says "good sir" that way, it's a polite way of saying "asshole." The second "asshole" was redundant, just in case you didn't understand the first one. :)

  22. Re: Helicopter crashed into Drone on Civilian Drone Crashes Into a US Army Helicopter (nypost.com) · · Score: 4, Interesting

    Or the helicopter was below 500 ft. It's interesting that they used such an exact number. What the hell is a military helicopter doing flying that low near a residential neighborhood anyway?

  23. Right, and this article gives concrete and serious criticisms of the study, of which "it was funded by Coca-Cola" is not one. That's just an attempt at an explanation for how such a crappy study got funded at all.

  24. Re: With Seattle Hundreds plus... on Sedentary Lifestyle Study Called 'A Raging Dumpster Fire' (arstechnica.com) · · Score: 1

    So essentially what you're saying is that they negotiated a better deal than you, and instead of blaming your employer, who is actually not giving you the time off you want, or yourself, for not negotiating it, you are blaming them, for succeeding at it.

    I say this not to be mean to you, but just to point out to you that there is a knob here you can turn, and it's not blaming your Indian colleague. If you aren't worth enough to the company that you can negotiate three weeks a year off, then figure out what company you can be valuable enough to that you can negotiate that amount of time off (or, ideally, more).

    What I see in Silicon Valley is that people are "at work" all the time, but spend a lot of it on /., because their goal in being "at work" is to appear to be at work, not to get work done. This is totally counterproductive: you are living indoors because of peer pressure. Fuck peer pressure. If they don't like it that you work eight hours a day, get a different job. If the recruiter gives you hints that they want you at the office working all day, don't even interview for that job. Have a little faith in yourself.

  25. Re:It's about lowering expectations on Elon Musk Releases Supercut of SpaceX Rocket Explosions (hardocp.com) · · Score: 1

    That's true, and it's totally okay. The video was a blast. I laughed, I cried. The lesson in this is that being willing to fail is how you succeed.