high ranking Mozilla employees don't understand one very important thing about Firefox: it was this popular because it was powerful with its add-ons/extensions.
Throughout its history Mozilla has made changes to Firefox which rendered thousands of add-ons broken, they changed its look and feel without giving an option to go back, and limited the user's freedom in other ways.
You don't fuck with your user if you want the user to keep using your product. Yet Mozilla is frightening us with the complete abandonment of XUL which will kill Firefox's most powerful add-ons which are able to do the things which WebExtensions API are unsuitable for. Even recently introduced e10s rendered four of my add-ons dead - they are marked "enabled" yet don't work at all.
It's a sad story really. Once a powerful web browser, now a weak shadow of itself.
While I commend him for trying to bring down the price of decent Android phones to this range, I'd love to see the problem of Android updates to be solved. That's a pressing issue and it should be given the highest priority at Google.
It sucks when 90% of Apple devices already run iOS 10, while less than 1% of Android phones run Android 7.1.1. Maybe Android updates cannot be solved because ARM devices are basically different platforms but there must be a way to at least fix all the vulnerabilities which are a plenty. Google has the resources to force all vendors follow the same update protocol and have them release their firmware as open source so that Google could apply security fixes/patches and distribute OTA updates instead of uncaring OEMs and network operators.
It's OK when you come to a movie theater and you're given a pair of glasses. Nice and clean, and later you can take them off and forget about them.
It's not OK when you have to inconvenience yourself with 3D glasses at home. Also, unlike a TV remote you must keep them clean and tidy or they become unpleasant to use.
Other minor problems in my opinion are: 1) 3D has a degraded quality (only half vertical resolution) 2) you have to manually enable the 3D mode when you need it (never seen TV sets which do that automatically) 3) the novelty effect wears off far too quickly 4) strictly speaking TVs are home appliances which are often watched in/as background/in quick sessions and people couldn't be bothered with 3D.
Strangely the industry doesn't ask itself why 4K displays slowly replace FullHD panels and 4K hasn't failed. Two many reasons: 1) it only started happening when prices fell 2) 4K doesn't require any additional tinkering on behalf of the user: you turn the TV set on and it just works. It's not that people actually see those eight megapixels - nope, most people watch TVs so far from the screen, there's zero different between FullHD and 4K resolutions for them.
New technologies for home must not be cumbersome and difficult to use. 3D is.
It's been already noted on several occasions that very large bitcoin purchases/sell outs significantly alter bitcoin's price because people still don't believe in it like they for instance trust fiat money, so whenever they see major fluctuations they start to panic and exacerbate whatever trend is currently in effect. This explains almost every time when bitcoin has lost/gain its value.
Bitcoin is a currency of pure faith (there's no bank/government or any financial entity behind it) and only when a number of agents using it increases 10-100fold or more, it'll probably become stabler.
My bet is that someone decided to cash out a lot of bitcoins (up to tens of thousands) which swayed the market however it's already recovering - as of this moment bitcoin is trading at $985 at BitMex (the largest USD bitcoin exchange).
As for the Chinese yuan getting stronger - I call it BS. It hasn't become 10% more valuable, more like 1% at the most, yet bitcoin has suddenly lost ~30% (~1100->~880) of its value in a matter of a an hour(!). Nope. These two events seem to be related but one didn't cause the other one.
Just a week ago I visited the closest to my apartment mall and compared 2016 SUHD Quantum Dot Samsung TVs and LG's OLED TVs.
And you know what? LG's blacks are just mind boggling, I mean the contrast ratio of LG's display was head and shoulders above what Samsung can manage.
Maybe Samsung can claim and does have higher brightness (not sure if it's relevant since most people have their TVs at apartments/houses and usually watch them in the evening/at night) and a wider gamut, but when it comes to darkness/dim lights, OLEDs are miles better. I'd have deeper blacks over higher brightness/wider gamut any time, please.
One cannot imagine how freaking tired I am of hearing about Moore's Law - there's no law, there's never been one. There was a mere observation that the number of transistors doubled every 18 months or so.
Whoever decided to call this observation a law must forever be held up to shame. And the ones who keep repeating this nonsense.
If they use bulk interception that way, the site operator may well notice eventually - it's trivial to check for. Just contact a few random site users and ask them what cert hash they are seeing.
You must be smoking some strong weed if you believe that the average Joe even grasps the concept of CA. Most of them don't even understand what connection encryption is. All they understand is that if there's a green lock sign next to the domain name then they are secure. Then we've already seen how a lock sign can be faked, how the domain name can be faked, etc. etc. etc. Most people don't even understand what the address bar is - they usually enter domain names into... a search string of their favorite search engine. Just a week ago I had a client who said he couldn't access the URL I'd sent to him earlier because... it turned out the client tried to enter it into... Google. And since the URL was internal Google of course couldn't index it and showed zero results.
Unless we make HTTPS more or less unbreakable (so that it is fully transparent to the user and doesn't require any additional actions) your "measures" aren't worth a penny: "the site operator", "check a website hash against the known hash", etc. etc. etc. - this all won't work ever.
Over the years we've seen millions of websites being hacked because site operators "forgot" to update their software. Over the years we've seen many high profile attacks against users who opened whatever attachments they received via e-mail. Computing and the Internet are way too difficult for most people - they regard it as an instrument.
It would have been all great if governments couldn't exert power over certificate authorities. The reality however is different.
We need a universally adopted system which doesn't allow to circumvent the process of issuing certificates or at least protect against rogue certificates - then we may sing praises.
First of all, it could have been him who installed said "malware".
Secondly, he could have tried installing a nonmalware application infected with a trojan after the original developer has his credentials stolen/lost/whatever.
Thirdly, Google regularly removes malware from the Play Store.
Fourhtly, your expressed schadenfreude looks at the very least awkward.
Fifthly, moderation at/. has recently turned to shit. Insightful/informative posts are often ignored, hateful/factually incorrect comments are promoted.
Let me copy this comment since I believe it's kinda relevant.
Kaby Lake is an embarrassment and should have never seen the light of day - at least not as a "new" architecture - it's anything but "new". The CPU core is completely the same, the GPU core is minimally improved. Intel should have released it as SkyLake with XX50 postfix (6750/6650/etc) because it's what it is.
I'm quite sure it's Intel's marketing department and investors who insisted that Intel should release something "new". I want to believe Ryzen will pan out to give a good blow to Intel and then we'll have some real improvement/competition.
Washington tries to improve its ability to spot and deny entry to individuals who have ties to terrorist groups like the Islamic State.
Is this measure meant for complete imbeciles or I'm missing something here? What if I'm a real terr orist? I will either specify no social profile at all, or specify the one meant for fooling everyone.
Ah, I get it, it's not about terrorism. It's about pilfering taxpayer money. Oh, and it's about security theater as well. As if more people die of terrorism than people on the roads... oh, wait.
"inexplicable experimental evidence of elemental transmutations"
Alchemy is... real? I'm not talking about turning stuff into gold but turning some elements into others using certain... what-looks-to-be chemical reactions?
but know that virtual machine escapes aren't uncommon
For my entire life I've heard of maybe 10 cases of exploits which actually allowed to escape VM while at the same time each popular web browser (IE, Firefox, Chrome, Opera, Safari) has already had at least 300 remotely exploitable vulnerabilities (close to 1500 vulnerabilities overall).
Which means that when you're running your web browser in a VM you decrease your chances of being p0wned by at least two orders of magnitude. Also, since most attacks nowadays are carried out automatically, those attacks will stop at your VM because the exploit kit will not try to break out of VM since 99.999% of users out there don't bother virtualizing their browser and also there are ways to conceal your VM.
I've been thinking about this issue for quite some time already, and I'm gonna ask it again, how do you virtualize your web browser (actually it's the only way to be fully protected against local root (kernel/system daemons) vulnerabilities, keyloggers, data theft, etc.)?
Here are my minimum requirements:
Kernel syscalls protection and user account protection - i.e. web browser must be fully virtualized
Decent performance and 2D acceleration
Ability to use a shared folder (for downloads and stuff)
Ability to easily update your web browser and virtualized environment
Lightweight!
Audio output
Nice to have things
Ability to use your microphone
Decent video playback speed for video web hostings (youtube/vimeo/etc.)
Things that come to mind:
Full virtualization via VirtualBox/VMWare Player + some OS: it's unclear how much RAM I should allocate to the guest OS and also I'm not sure 2D acceleration will work
Various KVM/Linux containers based solutions: I suspect there'll be no 2D acceleration whatsoever and video playback speed will be awful.
So, have you got any solutions? ideas? proposals? Something working? Please share.
Public Key Cryptography won't save you from a beating using a $5 wrench. What's more - if the assailant understands you don't have a key to decrypt your footage, your footage and camera might be destroyed and you may end your life in a ditch.
With unencrypted video you can at least show the evidence you haven't shot more than everyone is comfortable with and you might be let go.
Slashdot Mirror
high ranking Mozilla employees don't understand one very important thing about Firefox: it was this popular because it was powerful with its add-ons/extensions.
Throughout its history Mozilla has made changes to Firefox which rendered thousands of add-ons broken, they changed its look and feel without giving an option to go back, and limited the user's freedom in other ways.
You don't fuck with your user if you want the user to keep using your product. Yet Mozilla is frightening us with the complete abandonment of XUL which will kill Firefox's most powerful add-ons which are able to do the things which WebExtensions API are unsuitable for. Even recently introduced e10s rendered four of my add-ons dead - they are marked "enabled" yet don't work at all.
It's a sad story really. Once a powerful web browser, now a weak shadow of itself.
True, but at least they stylize certain letters unlike Mozilla which hasn't done even that.
There's just "moz://a" written in some fancy font.
When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.
Also relevant to like 0.2% of slashdot readers?
While I commend him for trying to bring down the price of decent Android phones to this range, I'd love to see the problem of Android updates to be solved. That's a pressing issue and it should be given the highest priority at Google.
It sucks when 90% of Apple devices already run iOS 10, while less than 1% of Android phones run Android 7.1.1. Maybe Android updates cannot be solved because ARM devices are basically different platforms but there must be a way to at least fix all the vulnerabilities which are a plenty. Google has the resources to force all vendors follow the same update protocol and have them release their firmware as open source so that Google could apply security fixes/patches and distribute OTA updates instead of uncaring OEMs and network operators.
and that's goggles.
It's OK when you come to a movie theater and you're given a pair of glasses. Nice and clean, and later you can take them off and forget about them.
It's not OK when you have to inconvenience yourself with 3D glasses at home. Also, unlike a TV remote you must keep them clean and tidy or they become unpleasant to use.
Other minor problems in my opinion are: 1) 3D has a degraded quality (only half vertical resolution) 2) you have to manually enable the 3D mode when you need it (never seen TV sets which do that automatically) 3) the novelty effect wears off far too quickly 4) strictly speaking TVs are home appliances which are often watched in/as background/in quick sessions and people couldn't be bothered with 3D.
Strangely the industry doesn't ask itself why 4K displays slowly replace FullHD panels and 4K hasn't failed. Two many reasons: 1) it only started happening when prices fell 2) 4K doesn't require any additional tinkering on behalf of the user: you turn the TV set on and it just works. It's not that people actually see those eight megapixels - nope, most people watch TVs so far from the screen, there's zero different between FullHD and 4K resolutions for them.
New technologies for home must not be cumbersome and difficult to use. 3D is.
It's been already noted on several occasions that very large bitcoin purchases/sell outs significantly alter bitcoin's price because people still don't believe in it like they for instance trust fiat money, so whenever they see major fluctuations they start to panic and exacerbate whatever trend is currently in effect. This explains almost every time when bitcoin has lost/gain its value.
Bitcoin is a currency of pure faith (there's no bank/government or any financial entity behind it) and only when a number of agents using it increases 10-100fold or more, it'll probably become stabler.
My bet is that someone decided to cash out a lot of bitcoins (up to tens of thousands) which swayed the market however it's already recovering - as of this moment bitcoin is trading at $985 at BitMex (the largest USD bitcoin exchange).
As for the Chinese yuan getting stronger - I call it BS. It hasn't become 10% more valuable, more like 1% at the most, yet bitcoin has suddenly lost ~30% (~1100->~880) of its value in a matter of a an hour(!). Nope. These two events seem to be related but one didn't cause the other one.
Just a week ago I visited the closest to my apartment mall and compared 2016 SUHD Quantum Dot Samsung TVs and LG's OLED TVs.
And you know what? LG's blacks are just mind boggling, I mean the contrast ratio of LG's display was head and shoulders above what Samsung can manage.
Maybe Samsung can claim and does have higher brightness (not sure if it's relevant since most people have their TVs at apartments/houses and usually watch them in the evening/at night) and a wider gamut, but when it comes to darkness/dim lights, OLEDs are miles better. I'd have deeper blacks over higher brightness/wider gamut any time, please.
While we are at it, here's all 60 games in the SGF format.
An official confirmation from Demis Hassabis, a co-founder of DeepMind.
One cannot imagine how freaking tired I am of hearing about Moore's Law - there's no law, there's never been one. There was a mere observation that the number of transistors doubled every 18 months or so.
Whoever decided to call this observation a law must forever be held up to shame. And the ones who keep repeating this nonsense.
You must be smoking some strong weed if you believe that the average Joe even grasps the concept of CA. Most of them don't even understand what connection encryption is. All they understand is that if there's a green lock sign next to the domain name then they are secure. Then we've already seen how a lock sign can be faked, how the domain name can be faked, etc. etc. etc. Most people don't even understand what the address bar is - they usually enter domain names into ... a search string of their favorite search engine. Just a week ago I had a client who said he couldn't access the URL I'd sent to him earlier because ... it turned out the client tried to enter it into ... Google. And since the URL was internal Google of course couldn't index it and showed zero results.
Unless we make HTTPS more or less unbreakable (so that it is fully transparent to the user and doesn't require any additional actions) your "measures" aren't worth a penny: "the site operator", "check a website hash against the known hash", etc. etc. etc. - this all won't work ever.
Over the years we've seen millions of websites being hacked because site operators "forgot" to update their software. Over the years we've seen many high profile attacks against users who opened whatever attachments they received via e-mail. Computing and the Internet are way too difficult for most people - they regard it as an instrument.
It would have been all great if governments couldn't exert power over certificate authorities. The reality however is different.
We need a universally adopted system which doesn't allow to circumvent the process of issuing certificates or at least protect against rogue certificates - then we may sing praises.
First of all, it could have been him who installed said "malware".
Secondly, he could have tried installing a nonmalware application infected with a trojan after the original developer has his credentials stolen/lost/whatever.
Thirdly, Google regularly removes malware from the Play Store.
Fourhtly, your expressed schadenfreude looks at the very least awkward.
Fifthly, moderation at /. has recently turned to shit. Insightful/informative posts are often ignored, hateful/factually incorrect comments are promoted.
Because for the price of these earbuds one can buy a decent ... smartphone and wired earbuds which won't sound any worse.
But why isn't it marked as such?
Is this measure meant for complete imbeciles or I'm missing something here? What if I'm a real terr orist? I will either specify no social profile at all, or specify the one meant for fooling everyone.
Ah, I get it, it's not about terrorism. It's about pilfering taxpayer money. Oh, and it's about security theater as well. As if more people die of terrorism than people on the roads ... oh, wait.
is that they got tired of backporting security fixes and decided to sync codebases instead.
Alchemy is ... real? I'm not talking about turning stuff into gold but turning some elements into others using certain ... what-looks-to-be chemical reactions?
For my entire life I've heard of maybe 10 cases of exploits which actually allowed to escape VM while at the same time each popular web browser (IE, Firefox, Chrome, Opera, Safari) has already had at least 300 remotely exploitable vulnerabilities (close to 1500 vulnerabilities overall).
Which means that when you're running your web browser in a VM you decrease your chances of being p0wned by at least two orders of magnitude. Also, since most attacks nowadays are carried out automatically, those attacks will stop at your VM because the exploit kit will not try to break out of VM since 99.999% of users out there don't bother virtualizing their browser and also there are ways to conceal your VM.
Nice to have things
Things that come to mind:
So, have you got any solutions? ideas? proposals? Something working? Please share.
Public Key Cryptography won't save you from a beating using a $5 wrench. What's more - if the assailant understands you don't have a key to decrypt your footage, your footage and camera might be destroyed and you may end your life in a ditch.
With unencrypted video you can at least show the evidence you haven't shot more than everyone is comfortable with and you might be let go.