Slashdot Mirror


User: tepples

tepples's activity in the archive.

Stories
0
Comments
68,260
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 68,260

  1. Apart from a few very early devices sold by U.S. carrier AT&T, essentially all Android phones and tablets have an option to allow installation of applications from outside Google Play Store. This means that Gab can use any or all of three options:

    • Submit its app to Amazon Appstore.
    • Make its app available for unknown sources.
    • Publish an API so that the developer of a microblogging application can make a client as free software and submit its source code to F-Droid.

    In fact, Android 8 "Oreo" makes this less monopolistic by letting the user designate any app as a store rather than using the system-wide, all-or-nothing "Unknown sources" setting of previous versions.

  2. F bombs correlated with personal attacks on The Father of Mobile Computing Is Not Impressed (fastcompany.com) · · Score: 1

    Perhaps readers discriminate against writers who use "fuck" because of the high overall correlation between forms of that word and fallacious arguments, particularly those that use personal attacks or other appeals to emotion. Someone who reads Cracked, for example, might not have this bias because though its articles contain the occasional F-bomb, they are on the whole well reasoned.

  3. Re:Nope. The developers don't care. on The Father of Mobile Computing Is Not Impressed (fastcompany.com) · · Score: 1

    Nexus and Pixel users pay Google for hardware. Are they also "the product"?

  4. Perhaps the bottom half of the point scale is for asset flips and other comparably bad material.

  5. A failed WebDAV PUT can be resumed with a second PUT specifying a Content-Range.

  6. Let me know when Xcode is ported to iPad.

  7. Or unless it's a video whose publisher doesn't want it sent in the clear to be viewed by other people who haven't paid for it.

  8. You mean like the eBay and Amazon listers that I revised over the course of six years for an online toy seller? Yup, Python.

  9. The MITM could insert malicious code into files transferred through FTP. Even if the file looks like a video, several video containers such as WMV have contained functionality to download DRM code to obtain a license needed to decrypt the video in the WMV file. This functionality can be and has been used for dropping trojans.

  10. Two factor authentication costs more w/o cookies on Every Major Advertising Group Is Blasting Apple for Blocking Cookies in the Safari Browser (adweek.com) · · Score: 1

    The problem with blowing away your cookies every time you restart is that it breaks sites that use two factor authentication. Because receiving the verification code through SMS on a prepaid U.S. cellular plan costs money each time, sites using 2FA offer a "Remember this computer as mine" option. If you disable persistent cookies, you end up having to receive SMS every time. For whom would this be worth ten cents per day times the number of sites that one logs into per day?

  11. Re:Wget is a download manager on FTP Resources Will Be Marked Not Secure in Chrome Starting Later This Year (google.com) · · Score: 1

    What would the CLI counterpart to said derpy clients look like? I imagine not unlike Wget.

  12. Re:STARTTLS stripping on FTP Resources Will Be Marked Not Secure in Chrome Starting Later This Year (google.com) · · Score: 1

    Unless the server sincerely doesn't support STARTTLS. Without some counterpart to HSTS, how is a client supposed to distinguish a server that doesn't support TLS from one that does but is behind a proxy that changes "Send a STARTTLS command first" to "Send a XXXXXXXX command first"?

  13. You can just as easily spoof a UI image over an encrypted channel as you can over a cleartext channel.

    With an encrypted channel, the browser has a fully qualified domain name with which to associate all images transmitted over that channel. With an unencrypted channel, the browser can't tell what domain has injected the images.

  14. Re:Ad groups always try to flip this... on Every Major Advertising Group Is Blasting Apple for Blocking Cookies in the Safari Browser (adweek.com) · · Score: 1

    A better user experience doesn't involve ads.

    I agree. A user experience is possible without ads. You just have to chan...

    To read the rest of this comment, log in to your comments by tepples account or subscribe to comments by tepples.

  15. The idea that "consumers" want ads, much less that they want "timely and useful" ads is mistaken.

    Most viewers want to read articles without having to pay a dollar per page (to compensate for per-transaction fees typical of credit card processors) or pay per site per year. They accept ads as a means to this end.

  16. No JS means you can run only 1 OS's apps on Every Major Advertising Group Is Blasting Apple for Blocking Cookies in the Safari Browser (adweek.com) · · Score: 1

    Now if they also stop supporting javascript it would definitely be a browser worth using !

    If web browser developers were to stop supporting JavaScript, web application developers would make native applications instead. And many such developers aren't going to have the resources to make and thoroughly test five versions of each native application, one for each of GNU/Linux, Android, Windows, macOS, and iOS. This means users will end up unable to use some applications that they would have been able to use had they been web applications.

    Or should a developer deliver a Windows application that has been tested in Windows and Wine, expect GNU/Linux and macOS users to use Wine, and expect Android and iOS users to do without?

  17. To get you to buy another as a gift on Every Major Advertising Group Is Blasting Apple for Blocking Cookies in the Safari Browser (adweek.com) · · Score: 1

    My guess as to the retargeting apologist's reply: "Have you bought another of the helmet as a gift for another biker in your circle of friends?"

  18. Enjoy looking at paywall notices on FTP Resources Will Be Marked Not Secure in Chrome Starting Later This Year (google.com) · · Score: 1

    The biggest benefit I can think of would be for all of the advertisers to join all of the lawyers at the bottom of the ocean.

    That won't work in practice for one simple reason. Publishers will sw...

    To read the rest of this comment, log in to your comments by tepples account or subscribe to comments by tepples.

  19. Re:So how about FTPS on FTP Resources Will Be Marked Not Secure in Chrome Starting Later This Year (google.com) · · Score: 1

    The explicit FTPS method allows a client to revert to an unencrypted control channel after authentication, but it is only at the client's discretion. The FTPS server can't tell the client to issue a CDC command. So if your site requires it, you have to tell your users to configure their FTPS client that way.

    And that's a good thing. Otherwise, neither side can be sure that the file that is received is identical to the file that was sent.

  20. Re:MITM can alter the hash on FTP Resources Will Be Marked Not Secure in Chrome Starting Later This Year (google.com) · · Score: 1

    There are use cases where you really honestly don't care if the cat video you're getting to kill time is authentic or not.

    But you do care whether the operating system UI presented after the conclusion of the cat video is authentic and not a phishing attempt.

  21. There still exists a subset of FTP that's simple to support if the server operator doesn't need FXP functionality, namely PASV-only. Or is FXP too important in practice to consider it expendable?

  22. And then every malware bother will use your HTTP server with a PUT enabled to distribute itself.

    401 Authorization Required

  23. What follows the cat video? on FTP Resources Will Be Marked Not Secure in Chrome Starting Later This Year (google.com) · · Score: 1

    Do I need to watch cat videos over SSL?

    TLS ensures that you're watching only the cat video, not the cat video followed by an ad inserted by a man in the middle, nor the cat video followed by a full-screen phishing form inserted by a man in the middle.

  24. Modern FTP clients and servers support STARTTLS as a command to initiate TLS

    Unless the ISP intercepts the STARTTLS command sent by the client and turns it into a garbage command that produces a 502 Method Not Supported response, fooling the client into thinking the server doesn't support TLS. This has happened, Ars Technica has reported on it, and there's even a proof of concept in PyPI. What's FTP's counterpart to HSTS?

  25. Re:Mozilla or Chrome on FTP Resources Will Be Marked Not Secure in Chrome Starting Later This Year (google.com) · · Score: 1

    It would seem that the only unsecure bit of an ftp download would be some asshole manipulating packets at a router somewhere down the line. That should be illegal anyway, imagine if they did that with TV.

    Cable TV operators already replace a small number of commercials per hour per their retransmission contracts with the networks. You can tell this is happening on (say) The Weather Channel because the crawl at the bottom disappears.