Not sure which release was worse, Gnome 3 or KDE 4. In both cases, the UI devs went insane and for some reason, all of the other devs followed their lead.
RE the bolded part, it's a well known syndrome known as the second system effect: http://en.wikipedia.org/wiki/S... "The second-system effect (also known as second-system syndrome) is the tendency of small, elegant, and successful systems to have elephantine, feature-laden monstrosities as their successors due to inflated expectations. The phrase was first used by Fred Brooks in his classic The Mythical Man-Month. It described the jump from a set of simple operating systems on the IBM 700/7000 series to OS/360 on the 360 series."
You may be asking why it was gnome 3, rather than 2, and that's because 1 wasn't really a success (2 was a simple evolution of 1). In 3, major changes were made to meet some new design ideas. Ditto on KDE4... they made it through 3 major releases before succumbing to the need to re-write.
I honestly hope the following is helpful... It sounds like you just need a decent window manger, rather than a whole desktop environment.
You can configure it as one would have done with startx (editing ~/.xinitrc), and instead just edit ~/.xsession. For example, have it include: #!/usr/bin/env bash export LANG="en_US.UTF-8" export LC_ALL="en_US.UTF-8" export LANGUAGE="en_US.UTF-8" export LC_CTYPE="en_US.UTF-8" xterm & exec xfwm4
You may have to tweak your desktop manager (gdm/xdm/kdm/lightdm/etc) to use an xsession. For lightdm (default in ubuntu 12.04), here's an example of how to do it: https://wiki.ubuntu.com/Custom...
You can add on whatever panels, launchers, etc you'd like that way, and keep it as light or heavy as you want. Replace the xfwm4 with whatever window manger you want. NOTE: that xfwm4 won't run the whole xfce desktop... it's just the window manger. Personally, I'd suggest taking a look at sawfish, but to each their own.
The test run was the former SNET region. ( Last year )
If this all means that the new ma bells will be selling off all their landline stuff, I'm all for it! http://en.wikipedia.org/wiki/B...
All the systems have re-united under either AT&T or Verizon. There is a spattering of smaller LEC's, but those two hold the vast majority of system. Why did we break up Bell before? Why in the world did they (regulators) allow these to coalesce?
... My monthly Verizon bill is ~$100. How would I save by paying, say, $600 for a blank phone?... Yeah, I could have bought such a phone and gone w/ a no-name carrier. How much would I have saved per month to make it worth my while?
I was curious. MetroPCS isn't the cheapest, but it's was popped in my head. $40/month for unlimitted talk, text, and data (first 4gb is at full 4g LTE speed, rest is rate limitted). 12 months * $60 savings = $720 savings a year. You'd pay for your $600 phone in 10 months, and then you'd save $840 by the end of 2 years.
Is almost a grand a year worth it?
Since you only have a 250mb/month data plan, I'm guessing (could be wrong) you don't use it much for calls or text either. How about a pay-as-you-go. For example, T-Mobile: * $3/month for 30min or 30 texts (or any combination) * $0.10/min after that, or $0.10/message * $5/day for a day pass of data (up to 500mb, twice what you get monthly), or $10/week (up to 1gb)
IMHO, most self-driving cars will be operated by a networked JohnnyCab-like service that will combine the efficiency of public transportation and the freedom of personally-owned vehicles.
HAHAHA!!! "efficiency of public transportation", like how it takes 2-3 times as long to get somewhere via public trans? and how about dealing with the mess and disrepair? "freedom of personally-owned vehicles"!??!?! JohnnyCab is going to provide no more freedom than a taxi. Every try to pick up a taxi in Manhattan while trying to get over a river, let alone get to the beach or something?
I see fully autonomous self driving cars as the worst of all situations, except in dreamy idealistic situations that aren't going to happen. Maybe/Hopefully I'll be wrong.
They're building out a new subway line in NYC in Manhattan down 2nd ave. So you are right that it can be done. Not only that, but it IS being done.
Other cities claiming it's too late to add it are exaggerating. They can do it. That's not really a question. Is it worth the cost? In many cases, probably not... but that's a decision people are making, not some fact of life for old cities.
Disagree. Why did some fish go on land, others not? I think there is some element of will, choice, involved.
Fine. Not that I agree, but fine, think what you will.
Now, is that part of Darwin's theory of evolution? No, and that's the part I'm complaining about.
* people say "survival of the fittest" and use that as justification for being smart, or working out more, or war, etc etc. It's not directly related to any of those things.
* people say didn't "need" to change, but "need" has nothing to do with it.
These confuse the situation and make all involved a little bit more dumb because it destroys our ability to communicate clearly and pass on ideas to others. Some people (including some responding to me) basically said that we all understand what was meant (ex. "Anthropomorphising evolution doesn't bother me..."). You, blue trane, are the perfect example of why it SHOULD bother people.
Please note, I'm not judging your opinion on this one way or the other. I'm simply saying that people shouldn't refer to what you're proposing as being Darwin's theory of evolution, or vice-versa (not that you did directly, but that was the point being made).
I honestly haven't looked that up. That said, I'm not sure if Google Wallet or Apple Pay have ever said they support such a use case. They both still use normal cards under the hood, so I suspect you'd still use those for your automated payments.
How do you get your money back for fraud and prevent the vendor(s) from further charging your compromised card?
Money back from fraud? You claim it was fraud; chargeback is issued; merchant must prove what happened to get their money; this continue past that, just like with a normal card. No difference. Prevent vendors from further charging your compromised card? I guess you didn't read what I wrote at all, and don't understand any of the digital wallets at all...
* Google wallet: the vendor has what is essentially a one time card number. They can't make any other purchases on it if they wanted to. * Apple Pay: the vendor has your DAN and a dynamic security code. They can't make another purchase without the correct (next random) security code. If you're really paranoid, you can reset the DAN without changing any of your card numbers. The vendor does not have your card number (and neither does apple after initial setup).
McDonalds may serve billions, but no one is trying to pass it off as gourmet food.
But if you want to learn a skill that will almost certainly get you a job somewhere, then learning to flip burgers is a pretty safe way to ensure a job (quality of job not considered).
This type of popularity *does* have a purpose and implications and value. It's good to know. You still need other factors before you make your decisions, but it's a valuable one. It'd be nice if the various indexes had a page that also allowed them to be cross referenced and weighted to produce new calculated scores (ex. pay scaled by a factor of 1.5; lines of code in the wild scaled by factor of 0.5; most growth in past N years scaled by factor of 1.2; job postings for it scaled by 1; etc etc; combine them and calculate new scores). I don't know if I'd actually get any more usable value out of that, but it'd be (arguably) better than these stats we've been given lately.
Next "top languages" post I see, I hope it just combines all the other existing stats to provide a weightable index (allow you to tweak what's most important). Maybe BH can address that:-)
sometimes there is no force nor need for evolution.
.. and from TFS:
...made further adaptations unnecessary.
It really bugs me when I see the theory of evolution referred to this way. There is no "need" or "desire" or "necessary" involved. Similarly, "survival of the fittest" has nothing to do with who is in the (subjectively) best shape or who is the smartest (though there may be correlations). Fish did not decide that they'd like to walk on land or breath air (if they did, it had nothing to do with that happening).
If these things haven't evolved in 2 billion years, it simply means that any mutations that may have occurred resulted in lines that did not reproduce as effectively. That's still a very impressive feat, but it's not because it didn't "need" to, it's because when it did change it didn't do as well. In this case, it's very likely that this is at least partially due to the simplistic nature of this bacteria (fewer dip switches in its DNA, so to speak) and, of course, as the article points out, the very consistent environment (allowing for an optimized implementation to consistently out perform any random brethren).
What kind of crappy card company removes a fraudulent charge without issuing a new card with a new number?
This is one nice side effect of the digital wallets. Your actual card number is not used in the transaction*. So, if there's a fraudulent charge via the wallet, it can be contested/removed/etc without any need to re-issue the underlying card number.
* Google uses a temporary mastercard number for each transaction * Apple uses a DAN (device account number) and dynamic security codes
Pay by phone is not really any more convenient than pay by card. In fact, it may be less convenient. I've never understood the appeal from a consumer point of view. I do understand why many companies want it to take hold, its another place to insert yourself in the money stream.
I agree that pay by phone is LESS convenient than pay by card. IMO, the industry is doing a disservice to its users by attempting to push that agenda.
However, pay by phone *should* be MUCH MUCH more secure than the typical (US) pay by card (mag stripe).
All you need to make transactions online or by phone as someone else is an impression of their card. Some businesses require the security code from the back of the card. Some require your home zip code. But not everyone does, so you can still make huge purchases without those. You can also clone the card by converting that info into the mag stripe info and writing it to a card (and the equipment needed for that is cheap and readily available).
Let's ignore a lot of that for now and focus on the transaction level. Your card number, in the mag swipe method, ends up going through a lot of less-than-ideally secure areas. Look at the recent Target breech for an example. The fact is, it's both the identifier that is presented to the merchant (which could be a shady waiter carrying your card back to their register) and the identifier linking to your account - they're one in the same.
With the virtual wallet implementations, they implemented cryptographically secure key generation and all kinds of stuff like that. Google doesn't ever see your card number, and neither does the merchant. There's some calculated tokens passed about that confirm your account and the result from the bank. With the virtual wallet implementations, your credit card number is not seen by google/apple nor the merchant during the transaction. In googles case, there's a virtual card used with randomly changing security codes to prevent reuse. In apples case, a DAN is used (device account number) issued by your bank, and dynamic security codes unique to each transaction are generated during transactions. There's a bunch of other stuff involved but, in short, it's much more secure than your mag stripe.
IMO, the only real concern from the user end is that Google and Apple are essentially MITM to at least some parts of the transaction. They way the two work is quite different, so they both have different data flows. Either way, we're introducing another middle man to the process, and it'll probably only have a couple big players that are in that space skimming little bits of money off every transaction. I wish we were getting rid of some of the rest of the old kruft with this move, but we're not, and we're just adding more to it. It does help get rid of the mag stripe though, and that thing needs to go.
I left for red-hat derivative Scientific Linux (Fedora is too bleeding edge and I don't trust the NSA with non-European Linux anyway, so Centos and Mint aren't quite independent enough for my paranoia ).
But redhat / Scientific linux repos have been too conservative. But ever since the start I've been plagued with insufficient repositories, versions that are TOO old and dependency problems when I try to add my own repos or download / compile my own.
You picked the wrong distro. If you want stuff that is up to date, don't pick a distro designed to be stable and lagging. RHEL 6 was released in 2010. It does get updates, but the 6 line maintains significant compatibility across that line which will greatly limit its ability to easily run all the latest and greatest, as you have found out.
You were using Ubuntu and left due to Gnome 3. You could have just went to any of the ubuntu spins (kubuntu, xubuntu, lubuntu, etc etc) or to mint or to debian etc etc etc. if you wanted to go to an rpm based distro, and wanted something that kept current, then both fedora and suse were options.... but you said fedora was too bleeding edge for you. Sorry, but you have to pick your poison. Perhaps debian testing or mint would suit your goals a bit better?
Waiting a short bit until the latest bleeding edge of a given program has been tested and updated in the main distribution is, IMO, completely reasonable, and also desirable (it's one of the main reasons I chose the distro I use).
That said, for any app you want to keep as up to date as possible, there is usually an option such as the following one for inkscape on ubuntu (or many other debian derived distros):
Downloading an mp3 is not a crime. Only downloading a copyrighted mp3 is...
Uploading/Sharing said copyrighted is where the line is crossed. Many people got busted because they were using programs which did this by default (or they enabled it). Most of the peer-to-peer programs upload what you have while you download what others have. I can't recall any cases were anyone was busted for JUST downloading (feel free to correct me if I'm wrong). IMO, this is a significant detail I think more people should be aware of.
Unless there are other holes in the host that allow remote addition of server keys, but not stealing them directly. Say some logging facility that can be abused to add but not overwrite files in/etc/ssh
Nope. The new keys would need to be signed by the original key. So, even if you can add new files to/etc/ssh, you'd still need read access to the private host key. If you have read access to that, you can just steal it carte blanche and use it on your MITM.
Granted, I'd still probably keep the feature disabled [server side] until I needed to use it. For example, if you want to rotate your host key, then: 1. make the new keys and sign them with the old key 2. update sshd_config to enable the feature 3. let it run like that for a week or so 4. disable old keys and the config entry That should make it seemless for those that want it seemless and significantly reduce admin costs while not introducing significant risk (updating the host key cache on the client side of 100's/1000's of devices is bound to introduce more risk).
When installing windows, updating, sourcing all his various apps and licenses, and getting them all installed and updated, all takes many times longer than either the 3 hour example or an analogous operation in Linux land, then his money argument is horribly flawed.
Agreed! However, I've read this far and have not seen anyone actually answer his direct question.
So: D-Link DCS-930L: * about $30 * wired or wireless network * IP camera * 640x480 (may be low-ish, but should be enough for a menu if properly framed in the FoV) * FTP client support
If it was me, I'd just have them write the menu twice: 1. on chalkboard 2. on a form that updates the webpage (or just in a markdown doc and have that uploaded; or in something else and have them export to pdf and upload; etc)
They're already having someone write it by hand on a chalkboard whenever it changes. That takes WAY more time than writing by hand on paper, and both take longer than typing.
If they *really* need the fully automated chalkboard-to-web solution, then the Raspberry Pi is a perfect solution. You could also use any old or new mini pc (zotac zbox; asus eee box; chrombox; etc) + any camera or webcam you want. Install linux and "motion". Have motion upload new images when the image changes, or use a cron job to schedule it (ex. if they turn the lights off at night, you probably don't want motion to upload a black snapshot). You could also combine the two - enable motion during the day and disable it at night via cron but use it to decide when to upload.
Maybe this is "too much work". As others have pointed out, there's more than one way to skin this cat. Cheapest and most readily available and very simple would be to have them take the picture with their phone and upload it. This could be tweaked an any number of ways as needed. For example: a) write a mini app to do this. This would hide the file renaming, ftp settings, etc, and it's just be a button to take a picture and a button to say "ok, upload that". Writing apps is like that is REALLY easy. b) save the photos to dropbox or upload to twitter etc. Then, server side, script it to find the most recent when displaying the menu. c) Just tell them how and write that on a piece of paper for them to follow: take picture; save it; go into ftp app; select it; rename it to "menu.jpg"; click upload
My time has value, so if I have to spend 3 extra hours researching stuff on Linux that either Just Works or that I know how to do on Windows, Linux ends up more expensive. My last handful of attempts to switch to Linux ended taking a lot more than 3 hours, and I never got to a working config, or to a nicely working config, for a vareity of reasons (grub2 choking on AMD controllers, nice multiscreen handling and video support requiring different drivers, Upstart having no end-user doc,...). Sorry but I don't see a need to spend hours and tear my hair out over software.
I really don't understand this. You're complaining about 3 hours? Do you have someone else doing your windows setup/installs, app installs, updates, etc? Every time I setup a windows box (it is rare, but it tends to happen at least once every 2 years, and last two happened a month ago - one win 7 enterprise and one win 8.1 pro)... every time, the updates alone take forever (days). Then there's finding and setting up all the programs that I need (which isn't much - browsers, email client, pidgin, putty, vim, some music players, video players, virtualbox, etc). We're no longer talking hours. I keep hearing people saying windows is much better now, and that they can go from bare metal to fully updated with their standard apps installed in hardly any time... I don't believe it. And whenever I ask those same people what the right thing to click is to make it go the fastest, it's exactly what I'm doing and they go, "oh yeah... just reboot and let it pick back up while you go get some food or something". Ok, so let's ignore that for a bit and just pretend that's all my little edge case and it's something I did...
If you don't want to learn, that's fine. However, you can go from bare metal to installed and fully updated linux desktop WITH 99% of the apps you need, all within a very short time (~30min) and 2 reboots total: * install (from whatever media you want: usb, cd, dvd, network, etc... those are all standard and easily supported without jumping through hoops for all versions) * reboot into OS * sudo apt-get update && sudo apt-get upgrade * sudo apt-get install...whatever stuff you want... ex: firefox libreoffice gimp inkscape vim emacs * reboot so you're into the new kernel. you're done.
Note that all that can be done faster and with fewer steps (ex. using kickstart or other tools like that), or can be done fully with GUI's, and anywhere in between. I know windows can be installed via deployment scripts, or manually, and a variety in between as well, but those things are not very accessible to most people.
When windows changes again (as it does every 2 releases) and things change significantly and what you know no longer "just works", do you also say it's more expensive? You're welcome to stay with that, but claiming that Linux is more expensive because your stuck in your ways is a bit disingenuous. You could easily learn most of the applications well ahead of the switch and make the migration much less abrupt. You probably know many of them already (Firefox, LibreOffice/OpenOffice.org, pidgin, chrome, vlc, inkscape, etc). Many others also run on windows, like much of the KDE suite. Find replacements for your apps before switching, and use them if you can (in most cases, you will be able to use them). Then setup a vm and run it full screen as your desktop. In this way you can identify any issues that affect your workflow without damaging your workflow... if you hit an issue, just drop back to windows and get the job done, then review how to do that in Linux when you have time. Eventually, you'll want to switch that setup: linux as base OS and windows in a vm... but the linux in the vm can work very well for a very very long time (especially since you can drop back to windows for native games, one of the few things with thorough support in linux).
Yeah, but it's also easier to compromise a host, send out fake server keys, and then patch things up so the server looks fine again but intercept targeted clients....
I didn't RTFA, but based on the summary it seems like this is unlikely. If you can compromise a host to the point that you have read access to the private host key, then your MITM can simply use that private key. No need to change to a new key to exploit that. AFAICT, you would need access to the existing host key pair in order to sign the new keys. If this was done right, then it seems like this would be adding very little (if any) additional risk.
That said, I'd want to have the option of being prompted. I could set that for all my interactive shells (or it could be the default), and I could set my automated jobs to auto-sync the new keys.
The idea of "CTRL+ALT+F1, CTRL+ALT+F2,..." is that you may get a local vt that DOES have a logged in session. That's less likely these days, but it used to be very common to login to one of those, then run "startx". If you got back to that, you'd just CTRL+Z then "bg" then start running whatever you want as the user. Less shocking, it also means that, if you have a login, you can login, and thus can start doing more stuff. If the machine is hooked up to networked logins (AD, LDAP, etc) such as is common at work, then many people *may* be able to login this way.
Personally, I like to lock all local consoles and prevent console switching, thus my vlock suggestion. There are others can do that as well and possibly better (physlock?), I'm just familiar with vlock.
Maybe you're safe from all those because you disabled all the features that make those work. Are you sure you're safe? Now try "vlock -nas" and see if any of those work.
Slashdot Mirror
Not sure which release was worse, Gnome 3 or KDE 4. In both cases, the UI devs went insane and for some reason, all of the other devs followed their lead.
RE the bolded part, it's a well known syndrome known as the second system effect: http://en.wikipedia.org/wiki/S...
"The second-system effect (also known as second-system syndrome) is the tendency of small, elegant, and successful systems to have elephantine, feature-laden monstrosities as their successors due to inflated expectations.
The phrase was first used by Fred Brooks in his classic The Mythical Man-Month. It described the jump from a set of simple operating systems on the IBM 700/7000 series to OS/360 on the 360 series."
You may be asking why it was gnome 3, rather than 2, and that's because 1 wasn't really a success (2 was a simple evolution of 1). In 3, major changes were made to meet some new design ideas. Ditto on KDE4... they made it through 3 major releases before succumbing to the need to re-write.
I honestly hope the following is helpful...
It sounds like you just need a decent window manger, rather than a whole desktop environment.
You can configure it as one would have done with startx (editing ~/.xinitrc), and instead just edit ~/.xsession. For example, have it include:
#!/usr/bin/env bash
export LANG="en_US.UTF-8"
export LC_ALL="en_US.UTF-8"
export LANGUAGE="en_US.UTF-8"
export LC_CTYPE="en_US.UTF-8"
xterm &
exec xfwm4
You may have to tweak your desktop manager (gdm/xdm/kdm/lightdm/etc) to use an xsession. For lightdm (default in ubuntu 12.04), here's an example of how to do it:
https://wiki.ubuntu.com/Custom...
You can add on whatever panels, launchers, etc you'd like that way, and keep it as light or heavy as you want. Replace the xfwm4 with whatever window manger you want. NOTE: that xfwm4 won't run the whole xfce desktop... it's just the window manger. Personally, I'd suggest taking a look at sawfish, but to each their own.
The test run was the former SNET region. ( Last year )
If this all means that the new ma bells will be selling off all their landline stuff, I'm all for it!
http://en.wikipedia.org/wiki/B...
All the systems have re-united under either AT&T or Verizon. There is a spattering of smaller LEC's, but those two hold the vast majority of system. Why did we break up Bell before? Why in the world did they (regulators) allow these to coalesce?
... My monthly Verizon bill is ~$100. How would I save by paying, say, $600 for a blank phone? ... Yeah, I could have bought such a phone and gone w/ a no-name carrier. How much would I have saved per month to make it worth my while?
I was curious. MetroPCS isn't the cheapest, but it's was popped in my head.
$40/month for unlimitted talk, text, and data (first 4gb is at full 4g LTE speed, rest is rate limitted).
12 months * $60 savings = $720 savings a year.
You'd pay for your $600 phone in 10 months, and then you'd save $840 by the end of 2 years.
Is almost a grand a year worth it?
Since you only have a 250mb/month data plan, I'm guessing (could be wrong) you don't use it much for calls or text either. How about a pay-as-you-go. For example, T-Mobile:
* $3/month for 30min or 30 texts (or any combination)
* $0.10/min after that, or $0.10/message
* $5/day for a day pass of data (up to 500mb, twice what you get monthly), or $10/week (up to 1gb)
And this is all within the US.
IMHO, most self-driving cars will be operated by a networked JohnnyCab-like service that will combine the efficiency of public transportation and the freedom of personally-owned vehicles.
HAHAHA!!!
"efficiency of public transportation", like how it takes 2-3 times as long to get somewhere via public trans? and how about dealing with the mess and disrepair?
"freedom of personally-owned vehicles"!??!?! JohnnyCab is going to provide no more freedom than a taxi. Every try to pick up a taxi in Manhattan while trying to get over a river, let alone get to the beach or something?
I see fully autonomous self driving cars as the worst of all situations, except in dreamy idealistic situations that aren't going to happen. Maybe/Hopefully I'll be wrong.
They're building out a new subway line in NYC in Manhattan down 2nd ave. So you are right that it can be done. Not only that, but it IS being done.
Other cities claiming it's too late to add it are exaggerating. They can do it. That's not really a question. Is it worth the cost? In many cases, probably not... but that's a decision people are making, not some fact of life for old cities.
Disagree. Why did some fish go on land, others not? I think there is some element of will, choice, involved.
Fine. Not that I agree, but fine, think what you will.
Now, is that part of Darwin's theory of evolution? No, and that's the part I'm complaining about.
* people say "survival of the fittest" and use that as justification for being smart, or working out more, or war, etc etc. It's not directly related to any of those things.
* people say didn't "need" to change, but "need" has nothing to do with it.
These confuse the situation and make all involved a little bit more dumb because it destroys our ability to communicate clearly and pass on ideas to others. Some people (including some responding to me) basically said that we all understand what was meant (ex. "Anthropomorphising evolution doesn't bother me..."). You, blue trane, are the perfect example of why it SHOULD bother people.
Please note, I'm not judging your opinion on this one way or the other. I'm simply saying that people shouldn't refer to what you're proposing as being Darwin's theory of evolution, or vice-versa (not that you did directly, but that was the point being made).
So how do automated recurring payments work?
I honestly haven't looked that up. That said, I'm not sure if Google Wallet or Apple Pay have ever said they support such a use case. They both still use normal cards under the hood, so I suspect you'd still use those for your automated payments.
How do you get your money back for fraud and prevent the vendor(s) from further charging your compromised card?
Money back from fraud? You claim it was fraud; chargeback is issued; merchant must prove what happened to get their money; this continue past that, just like with a normal card. No difference.
Prevent vendors from further charging your compromised card? I guess you didn't read what I wrote at all, and don't understand any of the digital wallets at all...
* Google wallet: the vendor has what is essentially a one time card number. They can't make any other purchases on it if they wanted to.
* Apple Pay: the vendor has your DAN and a dynamic security code. They can't make another purchase without the correct (next random) security code. If you're really paranoid, you can reset the DAN without changing any of your card numbers. The vendor does not have your card number (and neither does apple after initial setup).
McDonalds may serve billions, but no one is trying to pass it off as gourmet food.
But if you want to learn a skill that will almost certainly get you a job somewhere, then learning to flip burgers is a pretty safe way to ensure a job (quality of job not considered).
This type of popularity *does* have a purpose and implications and value. It's good to know. You still need other factors before you make your decisions, but it's a valuable one. It'd be nice if the various indexes had a page that also allowed them to be cross referenced and weighted to produce new calculated scores (ex. pay scaled by a factor of 1.5; lines of code in the wild scaled by factor of 0.5; most growth in past N years scaled by factor of 1.2; job postings for it scaled by 1; etc etc; combine them and calculate new scores). I don't know if I'd actually get any more usable value out of that, but it'd be (arguably) better than these stats we've been given lately.
... And not sure public github or stack overflow are really as representative as they want to believe
Yeah.. why is this any better than: ... those are all from the past year on slashdot, and there's loads more.
TIOBE index: http://www.tiobe.com/index.php...
This story about python surpassing java as top learning language: http://developers.slashdot.org...
Or this about 5 languages you'll need to learn for the next year and on: http://news.dice.com/2014/07/2...
Next "top languages" post I see, I hope it just combines all the other existing stats to provide a weightable index (allow you to tweak what's most important). Maybe BH can address that :-)
Forget percentage of use, how do they pay compared with each other?
These: http://developers.slashdot.org...
sometimes there is no force nor need for evolution.
.. and from TFS:
...made further adaptations unnecessary.
It really bugs me when I see the theory of evolution referred to this way. There is no "need" or "desire" or "necessary" involved. Similarly, "survival of the fittest" has nothing to do with who is in the (subjectively) best shape or who is the smartest (though there may be correlations). Fish did not decide that they'd like to walk on land or breath air (if they did, it had nothing to do with that happening).
If these things haven't evolved in 2 billion years, it simply means that any mutations that may have occurred resulted in lines that did not reproduce as effectively. That's still a very impressive feat, but it's not because it didn't "need" to, it's because when it did change it didn't do as well. In this case, it's very likely that this is at least partially due to the simplistic nature of this bacteria (fewer dip switches in its DNA, so to speak) and, of course, as the article points out, the very consistent environment (allowing for an optimized implementation to consistently out perform any random brethren).
What kind of crappy card company removes a fraudulent charge without issuing a new card with a new number?
This is one nice side effect of the digital wallets. Your actual card number is not used in the transaction*. So, if there's a fraudulent charge via the wallet, it can be contested/removed/etc without any need to re-issue the underlying card number.
* Google uses a temporary mastercard number for each transaction
* Apple uses a DAN (device account number) and dynamic security codes
Pay by phone is not really any more convenient than pay by card. In fact, it may be less convenient. I've never understood the appeal from a consumer point of view. I do understand why many companies want it to take hold, its another place to insert yourself in the money stream.
I agree that pay by phone is LESS convenient than pay by card. IMO, the industry is doing a disservice to its users by attempting to push that agenda.
However, pay by phone *should* be MUCH MUCH more secure than the typical (US) pay by card (mag stripe).
All you need to make transactions online or by phone as someone else is an impression of their card. Some businesses require the security code from the back of the card. Some require your home zip code. But not everyone does, so you can still make huge purchases without those. You can also clone the card by converting that info into the mag stripe info and writing it to a card (and the equipment needed for that is cheap and readily available).
Let's ignore a lot of that for now and focus on the transaction level. Your card number, in the mag swipe method, ends up going through a lot of less-than-ideally secure areas. Look at the recent Target breech for an example. The fact is, it's both the identifier that is presented to the merchant (which could be a shady waiter carrying your card back to their register) and the identifier linking to your account - they're one in the same.
With the virtual wallet implementations, they implemented cryptographically secure key generation and all kinds of stuff like that. Google doesn't ever see your card number, and neither does the merchant. There's some calculated tokens passed about that confirm your account and the result from the bank.
With the virtual wallet implementations, your credit card number is not seen by google/apple nor the merchant during the transaction. In googles case, there's a virtual card used with randomly changing security codes to prevent reuse. In apples case, a DAN is used (device account number) issued by your bank, and dynamic security codes unique to each transaction are generated during transactions. There's a bunch of other stuff involved but, in short, it's much more secure than your mag stripe.
IMO, the only real concern from the user end is that Google and Apple are essentially MITM to at least some parts of the transaction. They way the two work is quite different, so they both have different data flows. Either way, we're introducing another middle man to the process, and it'll probably only have a couple big players that are in that space skimming little bits of money off every transaction. I wish we were getting rid of some of the rest of the old kruft with this move, but we're not, and we're just adding more to it. It does help get rid of the mag stripe though, and that thing needs to go.
I left for red-hat derivative Scientific Linux (Fedora is too bleeding edge and I don't trust the NSA with non-European Linux anyway, so Centos and Mint aren't quite independent enough for my paranoia ).
But redhat / Scientific linux repos have been too conservative.
But ever since the start I've been plagued with insufficient repositories, versions that are TOO old and dependency problems when I try to add my own repos or download / compile my own.
You picked the wrong distro. If you want stuff that is up to date, don't pick a distro designed to be stable and lagging. RHEL 6 was released in 2010. It does get updates, but the 6 line maintains significant compatibility across that line which will greatly limit its ability to easily run all the latest and greatest, as you have found out.
You were using Ubuntu and left due to Gnome 3. You could have just went to any of the ubuntu spins (kubuntu, xubuntu, lubuntu, etc etc) or to mint or to debian etc etc etc. if you wanted to go to an rpm based distro, and wanted something that kept current, then both fedora and suse were options.... but you said fedora was too bleeding edge for you. Sorry, but you have to pick your poison. Perhaps debian testing or mint would suit your goals a bit better?
Waiting a short bit until the latest bleeding edge of a given program has been tested and updated in the main distribution is, IMO, completely reasonable, and also desirable (it's one of the main reasons I chose the distro I use).
That said, for any app you want to keep as up to date as possible, there is usually an option such as the following one for inkscape on ubuntu (or many other debian derived distros):
sudo add-apt-repository ppa:inkscape.dev/stable
sudo apt-get update
sudo apt-get install inkscape
After that, normal system-wide updates will continue to pull the latest inkscape from that PPA.
Downloading an mp3 is not a crime. Only downloading a copyrighted mp3 is ...
Uploading/Sharing said copyrighted is where the line is crossed. Many people got busted because they were using programs which did this by default (or they enabled it). Most of the peer-to-peer programs upload what you have while you download what others have. I can't recall any cases were anyone was busted for JUST downloading (feel free to correct me if I'm wrong). IMO, this is a significant detail I think more people should be aware of.
Unless there are other holes in the host that allow remote addition of server keys, but not stealing them directly. Say some logging facility that can be abused to add but not overwrite files in /etc/ssh
Nope. The new keys would need to be signed by the original key. So, even if you can add new files to /etc/ssh, you'd still need read access to the private host key. If you have read access to that, you can just steal it carte blanche and use it on your MITM.
Granted, I'd still probably keep the feature disabled [server side] until I needed to use it. For example, if you want to rotate your host key, then:
1. make the new keys and sign them with the old key
2. update sshd_config to enable the feature
3. let it run like that for a week or so
4. disable old keys and the config entry
That should make it seemless for those that want it seemless and significantly reduce admin costs while not introducing significant risk (updating the host key cache on the client side of 100's/1000's of devices is bound to introduce more risk).
When installing windows, updating, sourcing all his various apps and licenses, and getting them all installed and updated, all takes many times longer than either the 3 hour example or an analogous operation in Linux land, then his money argument is horribly flawed.
Agreed! However, I've read this far and have not seen anyone actually answer his direct question.
So: D-Link DCS-930L:
* about $30
* wired or wireless network
* IP camera
* 640x480 (may be low-ish, but should be enough for a menu if properly framed in the FoV)
* FTP client support
If it was me, I'd just have them write the menu twice:
1. on chalkboard
2. on a form that updates the webpage (or just in a markdown doc and have that uploaded; or in something else and have them export to pdf and upload; etc)
They're already having someone write it by hand on a chalkboard whenever it changes. That takes WAY more time than writing by hand on paper, and both take longer than typing.
If they *really* need the fully automated chalkboard-to-web solution, then the Raspberry Pi is a perfect solution. You could also use any old or new mini pc (zotac zbox; asus eee box; chrombox; etc) + any camera or webcam you want. Install linux and "motion". Have motion upload new images when the image changes, or use a cron job to schedule it (ex. if they turn the lights off at night, you probably don't want motion to upload a black snapshot). You could also combine the two - enable motion during the day and disable it at night via cron but use it to decide when to upload.
Maybe this is "too much work". As others have pointed out, there's more than one way to skin this cat. Cheapest and most readily available and very simple would be to have them take the picture with their phone and upload it. This could be tweaked an any number of ways as needed. For example:
a) write a mini app to do this. This would hide the file renaming, ftp settings, etc, and it's just be a button to take a picture and a button to say "ok, upload that". Writing apps is like that is REALLY easy.
b) save the photos to dropbox or upload to twitter etc. Then, server side, script it to find the most recent when displaying the menu.
c) Just tell them how and write that on a piece of paper for them to follow: take picture; save it; go into ftp app; select it; rename it to "menu.jpg"; click upload
My time has value, so if I have to spend 3 extra hours researching stuff on Linux that either Just Works or that I know how to do on Windows, Linux ends up more expensive. My last handful of attempts to switch to Linux ended taking a lot more than 3 hours, and I never got to a working config, or to a nicely working config, for a vareity of reasons (grub2 choking on AMD controllers, nice multiscreen handling and video support requiring different drivers, Upstart having no end-user doc,...).
Sorry but I don't see a need to spend hours and tear my hair out over software.
I really don't understand this. You're complaining about 3 hours? Do you have someone else doing your windows setup/installs, app installs, updates, etc? Every time I setup a windows box (it is rare, but it tends to happen at least once every 2 years, and last two happened a month ago - one win 7 enterprise and one win 8.1 pro)... every time, the updates alone take forever (days). Then there's finding and setting up all the programs that I need (which isn't much - browsers, email client, pidgin, putty, vim, some music players, video players, virtualbox, etc). We're no longer talking hours. I keep hearing people saying windows is much better now, and that they can go from bare metal to fully updated with their standard apps installed in hardly any time... I don't believe it. And whenever I ask those same people what the right thing to click is to make it go the fastest, it's exactly what I'm doing and they go, "oh yeah... just reboot and let it pick back up while you go get some food or something". Ok, so let's ignore that for a bit and just pretend that's all my little edge case and it's something I did...
If you don't want to learn, that's fine. However, you can go from bare metal to installed and fully updated linux desktop WITH 99% of the apps you need, all within a very short time (~30min) and 2 reboots total: ...whatever stuff you want... ex: firefox libreoffice gimp inkscape vim emacs
* install (from whatever media you want: usb, cd, dvd, network, etc... those are all standard and easily supported without jumping through hoops for all versions)
* reboot into OS
* sudo apt-get update && sudo apt-get upgrade
* sudo apt-get install
* reboot so you're into the new kernel. you're done.
Note that all that can be done faster and with fewer steps (ex. using kickstart or other tools like that), or can be done fully with GUI's, and anywhere in between. I know windows can be installed via deployment scripts, or manually, and a variety in between as well, but those things are not very accessible to most people.
When windows changes again (as it does every 2 releases) and things change significantly and what you know no longer "just works", do you also say it's more expensive? You're welcome to stay with that, but claiming that Linux is more expensive because your stuck in your ways is a bit disingenuous. You could easily learn most of the applications well ahead of the switch and make the migration much less abrupt. You probably know many of them already (Firefox, LibreOffice/OpenOffice.org, pidgin, chrome, vlc, inkscape, etc). Many others also run on windows, like much of the KDE suite. Find replacements for your apps before switching, and use them if you can (in most cases, you will be able to use them). Then setup a vm and run it full screen as your desktop. In this way you can identify any issues that affect your workflow without damaging your workflow... if you hit an issue, just drop back to windows and get the job done, then review how to do that in Linux when you have time. Eventually, you'll want to switch that setup: linux as base OS and windows in a vm... but the linux in the vm can work very well for a very very long time (especially since you can drop back to windows for native games, one of the few things with thorough support in linux).
Yeah, but it's also easier to compromise a host, send out fake server keys, and then patch things up so the server looks fine again but intercept targeted clients. ...
I didn't RTFA, but based on the summary it seems like this is unlikely.
If you can compromise a host to the point that you have read access to the private host key, then your MITM can simply use that private key. No need to change to a new key to exploit that. AFAICT, you would need access to the existing host key pair in order to sign the new keys. If this was done right, then it seems like this would be adding very little (if any) additional risk.
That said, I'd want to have the option of being prompted. I could set that for all my interactive shells (or it could be the default), and I could set my automated jobs to auto-sync the new keys.
This has been solved for a long time. Not sure why this is really an issue.
Because the poster stepped out of a way-back machine and didn't notice ...
That's one hell of a way-back machine! vlock 1.2 came out in 1998!
The idea of "CTRL+ALT+F1, CTRL+ALT+F2, ..." is that you may get a local vt that DOES have a logged in session. That's less likely these days, but it used to be very common to login to one of those, then run "startx". If you got back to that, you'd just CTRL+Z then "bg" then start running whatever you want as the user.
Less shocking, it also means that, if you have a login, you can login, and thus can start doing more stuff. If the machine is hooked up to networked logins (AD, LDAP, etc) such as is common at work, then many people *may* be able to login this way.
Personally, I like to lock all local consoles and prevent console switching, thus my vlock suggestion. There are others can do that as well and possibly better (physlock?), I'm just familiar with vlock.
Screen lockers protect against physical access; you're welcome to try and get around an X11 lock screen by tapping at the keyboard. Good luck.
1. CTRL+ALT+Backspace ...
2. CTRL+ALT+F1, CTRL+ALT+F2,
3. ALT+SYSREQ+F
4. CTRL+ALT+KP_MULTIPLY
Maybe you're safe from all those because you disabled all the features that make those work. Are you sure you're safe? Now try "vlock -nas" and see if any of those work.