I live in a house over 100 years old with original heavy wood frame windows. The windows have rope that goes to counter-weight anchors inside of the window frame to balance the weight while the window is open. On one window, the rope broke...
I now open the window and place an old AT keyboard from the '80s on the side to prop the thing open.
The section "The Start Button: Up and Running in Seconds" is something in particular that is really important that just isn't explored in modern UX/UI design, sadly.
Am I the only one that seems to remember that GOOGLE ALREADY HAD THIS FEATURE years ago. Back in the earlier days of Buzz, your Buzz account could be connected to a Twitter account. Google would pull friend's tweets on a particular topic, and show them intermixed with search results. This was just another one of the brazzilion tweeks Google has added/removed/fuckedwith/whoknowswhatelse over the years, and I'm quite honestly surprised to see it make a comeback.
Here, let me give you an itemized list of every item I keep on my person at all times while away from the house so you have an exacting idea of what to expect when you mug me and steal all my shit!
Oh, you mean like virtually every internet tech company out there that went bust during the.com bubble? Good thing nobody has decided to attempt to build an internet company after that, since that was such a disaster.
All of the "X" variants of MS Office documents stand for "XML" - that is, the documents are stored in a series of XML files inside of a ZIP file that is renamed to formatX (docx, xlsx, etc). There is no real need to even have Windows or Office installed to index these documents. Just write up a basic script to extract the ZIP file and parse out the related XML documents. Note: this isn't as trivial as it sounds at first, though. This would assume that Microsoft's XML structures (yes, plural), had an easy to comprehend standard that was logical to work with. It'll take a little digging but totally doable.
TLDR: not by choice, my company heavily relies on Excel documents, and this is how I ended up managing them, importing their contents into a SQL database for indexing and other purposes .
According to Passmark, this chip is clocked at 1.2GHz with a "Turbo" speed of 2.9GHz. In other words, it can do very short bursts at nearly 2.5x the clock speed, then have to scale back down to normal because of the heat it would generate. So while this thing looks awesome in synthetic benchmarks, how would it seriously handle in a sustained computing environment?
Yeah, right. We've also heard that from Adobe about their Creative Suite switching over the Creative Cloud. All we've gotten instead is more and more new bugs in each release, and without failure, new DRM failures with each and every release. How are we supposed to trust Microsoft with the same thing, when they already royally fucked up Windows 8? How can we trust them to not simply pull an Adobe, and spend all their time developing new DRM that constantly fucks up, instead of new actual features and functionality for end users?
Seriously guys. File this one under "NO SHIT" - Of course C is going to have the most ugly hacks. Why? Because it is by design able to access a hell of a lot more than other languages. How many languages have direct hardware access? Or inline ASM code? And does the word "hack" in the code really make it an "ugly" hack? Seriously? I wrote a micro-kernel for an ARM platform about a decade ago, and there was an assload of inline ASM code and direct pointer manipulation to access the underlying hardware, there is no other way to do this. Yeah, I'm sure the word "hack" appeared countless times in my code, because that's the general term we use. That doesn't make it "ugly" or bad by any means.
Re-read the summary. It is a little more complex than you may realize.
Attacker inserts malicious JS code into a comment box. JS code is viewed and thus executed by site's administrator. JS code was specifically crafted to modify/edit PHP files on the server - a common function of WordPress, allowing the live editing of templates and plugins. JS code then requests the newly modified PHP files from the server.
Most everyone is commenting about better security software, firewalls, VPNs, encryption, and all that shit. Isn't the article about employee training?
For example: call up a bank. Try to get the balance on someone's account. This is a task well within reason for the person on the other end of the phone, ASSUMING it is your account, right? That's the point of employee training. The human element is the weakest element of any security system. What training do these employees need in order to not leak out your private information to any random person who calls in? Is simply stating your name on the account enough? Is there more verification steps required?
An example of social engineering security policies at various companies to the extreme that can happen: http://www.wired.com/2012/08/a...
I'm in this weird bubble where I live. I'm currently on the city owned cable internet here in Tacoma WA. This ISP has some really shitty upstream connections depending on what site I'm trying to access. I also have Hurricane Electric's IPv6 Tunnel Broker service on my router itself, so my entire network has public IPv6 over IPv4. The route to the HE server in Seattle WA (~35mi away) seems to ALWAYS be stable. HE's backbone is also rock-solid world wide. Sites that are IPv6 enabled, I generally have a much better / faster / lower latency route to them, simply because my ISP has shit IPv4 routes leaving our local region.
Some major companies that are or are not IPv6 enabled: google: yes facebook: yes (interesting note: they always have:face:b00c: in their IPv6 addresses) wikipedia: yes mozilla.org: yes amazon: no AWS anything: mostly no (they have some half-assed thing on their load balancer service that sucks ass, but nothing else) slashdot: no twtter: no microsoft.com: no
It's called moderators points... which I just lost my chance to use by leaving a comment.:P One or the other, maybe Facebook should use that system, too!?
What about all the PCs that were shipped with valid licenses, but for whatever reason, techs (such as myself) have had to install a fresh copy of Windows on the box. Could be a failed drive, or other failed hardware, or whatever, reason doesn't matter too much. The point is that it shipped with a legit copy of Windows, and often times doesn't have a recovery disk or an OEM copy of Windows. What are we supposed to do then as techs? Tell the customer "SUCKS TO BE YOU" or "GOTTA PAY FOR THE THING YOU ALREADY PAID FOR, AGAIN" - or just suck it up and install a "non-genuine" license key on the box? Are these users totally SOL out of having a genuine upgrade to Windows 10 because the previous version of Windows that shipped with the system became broken?
You only want an ergo suggestion if it is awesome? As a software engineer, I've been using the Microsoft Narual 4000 for longer than I can remember. Before that, I had an earlier generation Microsoft ergo keyboard. Yeah, this thing is clunky, but honestly it is the most comfortable thing I've ever used for long term typing. Being a software engineer, ya'know that is an assload of typing!
Slashdot Mirror
I live in a house over 100 years old with original heavy wood frame windows. The windows have rope that goes to counter-weight anchors inside of the window frame to balance the weight while the window is open. On one window, the rope broke...
I now open the window and place an old AT keyboard from the '80s on the side to prop the thing open.
A good read (something Microsoft should study)
The section "The Start Button: Up and Running in Seconds" is something in particular that is really important that just isn't explored in modern UX/UI design, sadly.
http://oyvind.servehttp.com/wi...
So their web browser finally caught up to their media player from the '90s? Good job, Microsoft!
Standard Library as in stdlib/stdio or iostream? BECAUSE FUCK IOSTREAM!
Am I the only one that seems to remember that GOOGLE ALREADY HAD THIS FEATURE years ago. Back in the earlier days of Buzz, your Buzz account could be connected to a Twitter account. Google would pull friend's tweets on a particular topic, and show them intermixed with search results. This was just another one of the brazzilion tweeks Google has added/removed/fuckedwith/whoknowswhatelse over the years, and I'm quite honestly surprised to see it make a comeback.
Here, let me give you an itemized list of every item I keep on my person at all times while away from the house so you have an exacting idea of what to expect when you mug me and steal all my shit!
"a massive commercial disaster in the '90s"
Oh, you mean like virtually every internet tech company out there that went bust during the .com bubble? Good thing nobody has decided to attempt to build an internet company after that, since that was such a disaster.
Oh, so like Bitcoin!
All of the "X" variants of MS Office documents stand for "XML" - that is, the documents are stored in a series of XML files inside of a ZIP file that is renamed to formatX (docx, xlsx, etc). There is no real need to even have Windows or Office installed to index these documents. Just write up a basic script to extract the ZIP file and parse out the related XML documents. Note: this isn't as trivial as it sounds at first, though. This would assume that Microsoft's XML structures (yes, plural), had an easy to comprehend standard that was logical to work with. It'll take a little digging but totally doable.
TLDR: not by choice, my company heavily relies on Excel documents, and this is how I ended up managing them, importing their contents into a SQL database for indexing and other purposes .
I still use @Hotmale.com ... what does that say about me!?
According to Passmark, this chip is clocked at 1.2GHz with a "Turbo" speed of 2.9GHz. In other words, it can do very short bursts at nearly 2.5x the clock speed, then have to scale back down to normal because of the heat it would generate. So while this thing looks awesome in synthetic benchmarks, how would it seriously handle in a sustained computing environment?
Damn those eco-friendly nuts always trying to grow things at home!
Yeah, right. We've also heard that from Adobe about their Creative Suite switching over the Creative Cloud. All we've gotten instead is more and more new bugs in each release, and without failure, new DRM failures with each and every release. How are we supposed to trust Microsoft with the same thing, when they already royally fucked up Windows 8? How can we trust them to not simply pull an Adobe, and spend all their time developing new DRM that constantly fucks up, instead of new actual features and functionality for end users?
Seriously guys. File this one under "NO SHIT" - Of course C is going to have the most ugly hacks. Why? Because it is by design able to access a hell of a lot more than other languages. How many languages have direct hardware access? Or inline ASM code? And does the word "hack" in the code really make it an "ugly" hack? Seriously? I wrote a micro-kernel for an ARM platform about a decade ago, and there was an assload of inline ASM code and direct pointer manipulation to access the underlying hardware, there is no other way to do this. Yeah, I'm sure the word "hack" appeared countless times in my code, because that's the general term we use. That doesn't make it "ugly" or bad by any means.
Sharing Is Caring!
Re-read the summary. It is a little more complex than you may realize.
Attacker inserts malicious JS code into a comment box.
JS code is viewed and thus executed by site's administrator.
JS code was specifically crafted to modify/edit PHP files on the server - a common function of WordPress, allowing the live editing of templates and plugins.
JS code then requests the newly modified PHP files from the server.
Most everyone is commenting about better security software, firewalls, VPNs, encryption, and all that shit. Isn't the article about employee training?
For example: call up a bank. Try to get the balance on someone's account. This is a task well within reason for the person on the other end of the phone, ASSUMING it is your account, right? That's the point of employee training. The human element is the weakest element of any security system. What training do these employees need in order to not leak out your private information to any random person who calls in? Is simply stating your name on the account enough? Is there more verification steps required?
An example of social engineering security policies at various companies to the extreme that can happen:
http://www.wired.com/2012/08/a...
This is why: https://tools.ietf.org/html/rf...
I'm in this weird bubble where I live. I'm currently on the city owned cable internet here in Tacoma WA. This ISP has some really shitty upstream connections depending on what site I'm trying to access. I also have Hurricane Electric's IPv6 Tunnel Broker service on my router itself, so my entire network has public IPv6 over IPv4. The route to the HE server in Seattle WA (~35mi away) seems to ALWAYS be stable. HE's backbone is also rock-solid world wide. Sites that are IPv6 enabled, I generally have a much better / faster / lower latency route to them, simply because my ISP has shit IPv4 routes leaving our local region.
Some major companies that are or are not IPv6 enabled: :face:b00c: in their IPv6 addresses)
google: yes
facebook: yes (interesting note: they always have
wikipedia: yes
mozilla.org: yes
amazon: no
AWS anything: mostly no (they have some half-assed thing on their load balancer service that sucks ass, but nothing else)
slashdot: no
twtter: no
microsoft.com: no
I have absolutely no idea what you're talking about! https://www.youtube.com/watch?...
It's called moderators points... which I just lost my chance to use by leaving a comment. :P One or the other, maybe Facebook should use that system, too!?
What about all the PCs that were shipped with valid licenses, but for whatever reason, techs (such as myself) have had to install a fresh copy of Windows on the box. Could be a failed drive, or other failed hardware, or whatever, reason doesn't matter too much. The point is that it shipped with a legit copy of Windows, and often times doesn't have a recovery disk or an OEM copy of Windows. What are we supposed to do then as techs? Tell the customer "SUCKS TO BE YOU" or "GOTTA PAY FOR THE THING YOU ALREADY PAID FOR, AGAIN" - or just suck it up and install a "non-genuine" license key on the box? Are these users totally SOL out of having a genuine upgrade to Windows 10 because the previous version of Windows that shipped with the system became broken?
You only want an ergo suggestion if it is awesome? As a software engineer, I've been using the Microsoft Narual 4000 for longer than I can remember. Before that, I had an earlier generation Microsoft ergo keyboard. Yeah, this thing is clunky, but honestly it is the most comfortable thing I've ever used for long term typing. Being a software engineer, ya'know that is an assload of typing!
OR how about just get a chain for your wallet? Sometimes low tech is the best tech. Don't lose your shit in the first place.
SIMPLE! He'll just revert the patch. Problem solved!