I always wondered why there is no distinction between macros that only modify the document in which they are embedded, and all other macros.
Why are there other macros? It seems to me that macros should only be able to modify the document in which they are embedded. If you need something other than that, then you don't need a macro-- you need some kind of different application. Like if you're cobbling together some elaborate database application by having a series of macros that write different things to different Excel files or something, you should give it up and admit you need a database application.
Let documents be documents. Opening a PDF or Word document should not have any ability to make changes to your filesystem.
You're right, but the problem is that the "key management complications" are very hard to get rid of.
The problem with end-to-end encryption is that normal people can't be trusted to manage encryption keys. But then there are only two options: either you manage the keys, or someone else manages them for you. If someone else manages them for you, then whoever is managing the key also has access to your email. If your email provider is managing your keys for you, then your end-to-end encryption scheme is not meaningfully different then those messages being unencrypted on the server-- either way, you're entrusting your mail provider to secure the messages.
Personally, I think we need a new breed of identity management providers, SSO solutions, etc. Overall the way we handle encryption certificates and passwords is absurdly primitive.
Well I think part of what people find so worrisome is that there seems to be an increasing number of people "monitored" in terms of collecting data, but not necessarily 'monitored" in terms of paying attention. The reason that's such a distressing situation is that collecting data without paying attention is not going to be very helpful for predicting unknown plots, but more likely it will be helpful in digging up information on known targets.
So essentially, the system that has been built is not designed to prevent terrorist attacks (it's supposed purpose) but more the kind of system you'd want for digging up dirt on protestors and political rivals.
But with employers & especially SJWs running amok...
For me, honestly, it's a mix of things. I have some concern about my employers, and even more concern about potential employers checking my online presence as part of an interview process.
I worry about SJW even more than that. Not necessarily SJW, but "some asshole on the Internet who gets butthurt over an off-hand comment and decides to try to ruin your life." There's stories about Reddit or Anonymous or just some random SJW deciding someone is a wrong-doer and causing all kinds of trouble for that person. That scares me a bit, since although some of the harassment might not be too terrible, you never know what some Internet psycho is going to do.
I've told the story a couple of times on Slashdot so I won't go into it in detail again, but I was once harassed for a few days on Reddit because someone decided it'd be fun to claim I was a pedophile for no real reason. It resulted in a few days of my inbox being flooded with threatening messages, until I deleted the account. So... I do think there's some danger in the anonymous do-gooders out there.
But if I'm being very honest, probably the most practical, immediate reason I want online anonymity is so that I don't have to consider my friends and family before posting. If I want to say that "People who believe [whatever] are a bunch of jackasses," I will inevitably find that I have a couple of friends and a few family members who strongly believe in [whatever]. Thanksgiving suddenly becomes very awkward, and someone will be mad at me the next time I go to a party. That's why I make no controversial statements to my Facebook account, but will say whatever I want here.
Thing is, they do need to get everyone. Read my comment. You can't reduce support for a product that still has users.
You absolutely can reduce support for a product that still has users. You just might face a backlash.
How much you care depends on how big and pronounced the backlash is, but that depends on a few different factors, including how many users there are for that product. If they were to get 99% of users on Windows 10, they might still officially provide support for the 10-year period, but I can tell you that they wouldn't put as much money, effort, or focus into providing that support.
I agree to an extent. Complaining about the design (that it looks like a garbage can) is pretty silly. Even complaining about expandability and upgradeability is a bit off the mark-- Mac Pros have always had limited hardware compatibility, but the new ones can be expanded and upgraded pretty effectively via the Thunderbolt interfaces, assuming an appropriate Thunderbolt hardware exists.
However, I would agree that Apple has a big gap in their lineup: A non-pro headless Mac with some power. They have iMacs, if you want an all-in-one. Mac Pros are pretty powerful, but are really in the realm of "professional workstation". Mac minis are a bit anemic. I think Apple would be well served by making an even smaller Mac mini (more like an Intel NUC or Gigabyte Brix), a big/powerful/expensive Mac Pro, and in between the two, a product just called "Mac". The Mac could be in the same price range as an iMac, but let's say... two or three times the size of a Mac mini, with a quad-core desktop processor and discrete gaming video card.
I think that if they were to do something like that, it would be a popular product.
It's worth pointing out that Windows10 isn't free.
Right, they're only making upgrades free, but still it's noteworthy that they're doing that, and the question is "why?"
They may not make tons of money from Windows upgrade licenses, but they've made some. It appears that they've decided they're willing to lose that money in favor of encouraging upgrades. My post was meant to explain why upgrades helps Microsoft, even in cases where they don't directly make money from it.
When you compare performance you ONLY compare the single-thread performance...
I would go further and say that if you're comparing phones based on benchmarks, you're kind of missing the point. The speed and efficiency of the process matter, but only insofar as it lets you do something. Very few people are actually going to care about the raw processing power of their phone. They care about features and usability, and processing power only comes into play if it enables additional features, or if it's too lacking and the phone isn't responsive.
A benchmark like battery lifetime matters to people. CPU performance largely doesn't.
Thing is, they aren't get to get everyone. And as long as anyone is still on Win7/8, they can't reduce support for it early.
Thing is, they don't need to get everyone. If they don't have to support old stuff, that reduces their costs and improves their strategic plans in a way that is (arguably) worth some dollar amount. Let's call that number $[x]. In dropping support (or just providing very poor support) for old versions of their software, they will also lose business that is worth $[y]. If [x] is a much larger number than [y]... well...
There have been theories that Microsoft is gathering a lot of telemetry that they intend on leveraging or selling, but there is a pretty simple, non-nefarious reason why they would want to push people to the latest version: support costs.
This was one of the theories for why Apple stopped charging for OS upgrades, that it's easier and cheaper for developers to deal with support and patching if almost everyone is running the same version. In a weird way, Microsoft has sort of shot themselves in both feet by basing such a large part of their business into vendor lock-in and backwards compatibility. It's left them trying to support their old OS for a very long time, and even if they discontinue support 13 years later, large portions of their customers complain and freak out. The vendor lock-in part of their plan created vast amounts of software that needs to run on Windows XP and IE 6, and trying to make a lot of that stuff work on newer versions of Windows leaves them maintain legacy code.
I suspect a lot of the Windows 10 stuff (e.g. making it free, pushing people to update, making it hard to disable automatic updates on Windows 10) is about getting everyone to get the latest version and then keep up to date with the latest version. That way, MS can start breaking backwards compatibility and stop wasting their time making updates for an release from 10 years ago.
Oddly, this seems to be a big part of the message of this article. Right at the top:
I believe a growing consensus exists in the IT industry that talent has become so expensive that it makes more sense to develop your own talent... Candidly, the people that have been loyal to the organization, that are active employees, that are eager and hungry to learn – those are the ones that I’m willing to invest in to keep.
Clearly this is being repackaged as some kind of new managerial innovation-- complete with new buzzwords. But at its heart, it seems to be saying, "We've been acting like it's easy to just bring in new talent whenever we want, as though employees can be treated as nameless, faceless cogs in a machine, to be swapped out whenever it's convenient. But maybe it's better to invest in your employees and keep them around, as though they're important members of your organization. Keep your good employees happy, and promote from within." I don't know what any of that has to do with 18-month org charts. Org charts aren't meant to be permanent. Change them whenever people's positions change.
To me, the real question is "How long until Microsoft open sources Windows?" I suspect that they're realizing that Windows can't be their cash cow, but maybe it can be leveraged to sell things like Office 365, Azure, etc.
It's not just Windows 10. There have been several bad patches involving other versions of Windows and Microsoft Office recently. Microsoft just seems to be botching things recently.
The fact that the tool could exist means that the design of the iPhone is itself compromised, so they could be compelled, or somebody could unlawfully construct a version on their own.
I was under the impression that the method of circumventing security in this case would still require that Apple push or side-load some kind of software change that would need to be signed by Apple. If that's the case, it's not quite as simple as "somebody could unlawfully construct a version of their own."
However, I do agree that part of the solution here is that Apple should modify any upcoming iPhone versions to disallow this kind of attack. If Apple is simply unable to assist the FBI, then they can't be legally compelled.
It's not just about Constitutional law, but also about security principles. My sense of his argument is that he's saying, "You may want to put up a fight some other time, but in this instance, you know that they're guilty, so you should do what the government is asking." In other words, "Security is important, but in this one instance the person should probably be authorized, so build a new backdoor into the system for that person that allows them to circumvent your security protocols."
If this guy is any kind of security expert, he should know that it's a bad idea to build in backdoors that are permanently excluded from going through security protocols. Honestly, sometimes you want to build some way to circumvent a security measure in case of an emergency, but any such method to circumvent security should fit into a larger security scheme, and it should have its own security measures to disallow abuse. Simply introducing an uncontrolled backdoor is irresponsible.
Right. I think some people are arguing about the particular case ("Why don't they want to let the FBI access this particular phone? It was used by terrorists!") and missing that this is really an issue of the precedent that it creates. Speaking generally, can the government use the All Writs Act to force a software developer to develop new software, and what are the consequences if the developer doesn't comply?
It just doesn't make sense. Can they use the All Writs Act to force Ford and GM to create new models of cars that make it easier for the FBI to pay on drivers? Can they use it to force architects to design buildings such that it's easier for the FBI to monitor what's going on in the building? It's even worse that the issue is for security services-- as many have pointed out, it's like forcing a safe manufacturer to develop a method of cracking their own safes.
And what none of this really addresses is, what if it's not possible? What if Apple tries to create the requested software and finds that they can't figure out how to do it? What are the legal consequences of that failure to create the requested software, and who pays the penalty? Does Tim Cook go to jail because one of his developers can't break a security system? Can the government then force Apple to change their manufacturing designs to allow a backdoor going forward?
I jumped over some parts and plan to go back and reread, so forgive me if an answer was mentioned, but I have a question that has bugged me: Why can't we come up with a single text standard that works for everyone? Is it just the standard problem with standards?
Well I think the question is, what phones are included in the list of "vulnerable phones"?
They only mention on model, the "Snom 320". So is this a problem with a particular model of phones, a particular design, or a particular protocol? Is it a widespread problem?
Yes, that too. My understanding (though this was before my time) was that "application" used to refer to the use, whereas "program" was the thing you ran. So "word processing" is an application of your computer, while "Microsoft Word" is the program you use to do that. That was according to my dad, who worked for IBM back in the days of punch cards, but it's possible that was just his own distinction.
But by the 90s, you could describe Microsoft Word as either an "application" or "program" (or "app"). They were all fairly interchangeable. Admittedly, though, it could have been a regional thing, since we didn't really have the Internet yet (yes, it existed, but it wasn't in heavy practical use for most people).
I've been working in the IT industry since the early 90s, and the term "app" has been used as a shorthand for "application" since then at least. It has fairly recently taken the connotation of a mobile app, or some other kind of mini-application (web apps?), but that's actually something from the last 10 years. I forget exactly when that started because I have a bad memory too.
Slashdot Mirror
I always wondered why there is no distinction between macros that only modify the document in which they are embedded, and all other macros.
Why are there other macros? It seems to me that macros should only be able to modify the document in which they are embedded. If you need something other than that, then you don't need a macro-- you need some kind of different application. Like if you're cobbling together some elaborate database application by having a series of macros that write different things to different Excel files or something, you should give it up and admit you need a database application.
Let documents be documents. Opening a PDF or Word document should not have any ability to make changes to your filesystem.
That's exactly why we need pre-airport security screening! How is this not obvious???
I think they have that. At least... I got groped in a bar last Thursday, and I assumed it was part of a security screening.
You're right, but the problem is that the "key management complications" are very hard to get rid of.
The problem with end-to-end encryption is that normal people can't be trusted to manage encryption keys. But then there are only two options: either you manage the keys, or someone else manages them for you. If someone else manages them for you, then whoever is managing the key also has access to your email. If your email provider is managing your keys for you, then your end-to-end encryption scheme is not meaningfully different then those messages being unencrypted on the server-- either way, you're entrusting your mail provider to secure the messages.
Personally, I think we need a new breed of identity management providers, SSO solutions, etc. Overall the way we handle encryption certificates and passwords is absurdly primitive.
Well I think part of what people find so worrisome is that there seems to be an increasing number of people "monitored" in terms of collecting data, but not necessarily 'monitored" in terms of paying attention. The reason that's such a distressing situation is that collecting data without paying attention is not going to be very helpful for predicting unknown plots, but more likely it will be helpful in digging up information on known targets.
So essentially, the system that has been built is not designed to prevent terrorist attacks (it's supposed purpose) but more the kind of system you'd want for digging up dirt on protestors and political rivals.
But with employers & especially SJWs running amok...
For me, honestly, it's a mix of things. I have some concern about my employers, and even more concern about potential employers checking my online presence as part of an interview process.
I worry about SJW even more than that. Not necessarily SJW, but "some asshole on the Internet who gets butthurt over an off-hand comment and decides to try to ruin your life." There's stories about Reddit or Anonymous or just some random SJW deciding someone is a wrong-doer and causing all kinds of trouble for that person. That scares me a bit, since although some of the harassment might not be too terrible, you never know what some Internet psycho is going to do.
I've told the story a couple of times on Slashdot so I won't go into it in detail again, but I was once harassed for a few days on Reddit because someone decided it'd be fun to claim I was a pedophile for no real reason. It resulted in a few days of my inbox being flooded with threatening messages, until I deleted the account. So... I do think there's some danger in the anonymous do-gooders out there.
But if I'm being very honest, probably the most practical, immediate reason I want online anonymity is so that I don't have to consider my friends and family before posting. If I want to say that "People who believe [whatever] are a bunch of jackasses," I will inevitably find that I have a couple of friends and a few family members who strongly believe in [whatever]. Thanksgiving suddenly becomes very awkward, and someone will be mad at me the next time I go to a party. That's why I make no controversial statements to my Facebook account, but will say whatever I want here.
Thing is, they do need to get everyone. Read my comment. You can't reduce support for a product that still has users.
You absolutely can reduce support for a product that still has users. You just might face a backlash.
How much you care depends on how big and pronounced the backlash is, but that depends on a few different factors, including how many users there are for that product. If they were to get 99% of users on Windows 10, they might still officially provide support for the 10-year period, but I can tell you that they wouldn't put as much money, effort, or focus into providing that support.
I agree to an extent. Complaining about the design (that it looks like a garbage can) is pretty silly. Even complaining about expandability and upgradeability is a bit off the mark-- Mac Pros have always had limited hardware compatibility, but the new ones can be expanded and upgraded pretty effectively via the Thunderbolt interfaces, assuming an appropriate Thunderbolt hardware exists.
However, I would agree that Apple has a big gap in their lineup: A non-pro headless Mac with some power. They have iMacs, if you want an all-in-one. Mac Pros are pretty powerful, but are really in the realm of "professional workstation". Mac minis are a bit anemic. I think Apple would be well served by making an even smaller Mac mini (more like an Intel NUC or Gigabyte Brix), a big/powerful/expensive Mac Pro, and in between the two, a product just called "Mac". The Mac could be in the same price range as an iMac, but let's say... two or three times the size of a Mac mini, with a quad-core desktop processor and discrete gaming video card.
I think that if they were to do something like that, it would be a popular product.
It's worth pointing out that Windows10 isn't free.
Right, they're only making upgrades free, but still it's noteworthy that they're doing that, and the question is "why?"
They may not make tons of money from Windows upgrade licenses, but they've made some. It appears that they've decided they're willing to lose that money in favor of encouraging upgrades. My post was meant to explain why upgrades helps Microsoft, even in cases where they don't directly make money from it.
When you compare performance you ONLY compare the single-thread performance...
I would go further and say that if you're comparing phones based on benchmarks, you're kind of missing the point. The speed and efficiency of the process matter, but only insofar as it lets you do something. Very few people are actually going to care about the raw processing power of their phone. They care about features and usability, and processing power only comes into play if it enables additional features, or if it's too lacking and the phone isn't responsive.
A benchmark like battery lifetime matters to people. CPU performance largely doesn't.
Thing is, they aren't get to get everyone. And as long as anyone is still on Win7/8, they can't reduce support for it early.
Thing is, they don't need to get everyone. If they don't have to support old stuff, that reduces their costs and improves their strategic plans in a way that is (arguably) worth some dollar amount. Let's call that number $[x]. In dropping support (or just providing very poor support) for old versions of their software, they will also lose business that is worth $[y]. If [x] is a much larger number than [y]... well...
... and kept collecting their OEM licensing checks.
As Apple, Google, and others slowly eroded that market...
Where is the ability to choose???
I don't think Microsoft has ever really cared about that.
There have been theories that Microsoft is gathering a lot of telemetry that they intend on leveraging or selling, but there is a pretty simple, non-nefarious reason why they would want to push people to the latest version: support costs.
This was one of the theories for why Apple stopped charging for OS upgrades, that it's easier and cheaper for developers to deal with support and patching if almost everyone is running the same version. In a weird way, Microsoft has sort of shot themselves in both feet by basing such a large part of their business into vendor lock-in and backwards compatibility. It's left them trying to support their old OS for a very long time, and even if they discontinue support 13 years later, large portions of their customers complain and freak out. The vendor lock-in part of their plan created vast amounts of software that needs to run on Windows XP and IE 6, and trying to make a lot of that stuff work on newer versions of Windows leaves them maintain legacy code.
I suspect a lot of the Windows 10 stuff (e.g. making it free, pushing people to update, making it hard to disable automatic updates on Windows 10) is about getting everyone to get the latest version and then keep up to date with the latest version. That way, MS can start breaking backwards compatibility and stop wasting their time making updates for an release from 10 years ago.
I wish this meme would die.
With time and good behavior on Microsoft's part, it will - eventually.
Seems like Microsoft should just embrace the meme. And then extend it. After that, they should have an easier time killing it.
They could potentially do something more like what Apple has done and open source parts, while keeping other parts proprietary.
I believe a growing consensus exists in the IT industry that talent has become so expensive that it makes more sense to develop your own talent... Candidly, the people that have been loyal to the organization, that are active employees, that are eager and hungry to learn – those are the ones that I’m willing to invest in to keep.
Clearly this is being repackaged as some kind of new managerial innovation-- complete with new buzzwords. But at its heart, it seems to be saying, "We've been acting like it's easy to just bring in new talent whenever we want, as though employees can be treated as nameless, faceless cogs in a machine, to be swapped out whenever it's convenient. But maybe it's better to invest in your employees and keep them around, as though they're important members of your organization. Keep your good employees happy, and promote from within." I don't know what any of that has to do with 18-month org charts. Org charts aren't meant to be permanent. Change them whenever people's positions change.
To me, the real question is "How long until Microsoft open sources Windows?" I suspect that they're realizing that Windows can't be their cash cow, but maybe it can be leveraged to sell things like Office 365, Azure, etc.
It's not just Windows 10. There have been several bad patches involving other versions of Windows and Microsoft Office recently. Microsoft just seems to be botching things recently.
The fact that the tool could exist means that the design of the iPhone is itself compromised, so they could be compelled, or somebody could unlawfully construct a version on their own.
I was under the impression that the method of circumventing security in this case would still require that Apple push or side-load some kind of software change that would need to be signed by Apple. If that's the case, it's not quite as simple as "somebody could unlawfully construct a version of their own."
However, I do agree that part of the solution here is that Apple should modify any upcoming iPhone versions to disallow this kind of attack. If Apple is simply unable to assist the FBI, then they can't be legally compelled.
It's not just about Constitutional law, but also about security principles. My sense of his argument is that he's saying, "You may want to put up a fight some other time, but in this instance, you know that they're guilty, so you should do what the government is asking." In other words, "Security is important, but in this one instance the person should probably be authorized, so build a new backdoor into the system for that person that allows them to circumvent your security protocols."
If this guy is any kind of security expert, he should know that it's a bad idea to build in backdoors that are permanently excluded from going through security protocols. Honestly, sometimes you want to build some way to circumvent a security measure in case of an emergency, but any such method to circumvent security should fit into a larger security scheme, and it should have its own security measures to disallow abuse. Simply introducing an uncontrolled backdoor is irresponsible.
Right. I think some people are arguing about the particular case ("Why don't they want to let the FBI access this particular phone? It was used by terrorists!") and missing that this is really an issue of the precedent that it creates. Speaking generally, can the government use the All Writs Act to force a software developer to develop new software, and what are the consequences if the developer doesn't comply?
It just doesn't make sense. Can they use the All Writs Act to force Ford and GM to create new models of cars that make it easier for the FBI to pay on drivers? Can they use it to force architects to design buildings such that it's easier for the FBI to monitor what's going on in the building? It's even worse that the issue is for security services-- as many have pointed out, it's like forcing a safe manufacturer to develop a method of cracking their own safes.
And what none of this really addresses is, what if it's not possible? What if Apple tries to create the requested software and finds that they can't figure out how to do it? What are the legal consequences of that failure to create the requested software, and who pays the penalty? Does Tim Cook go to jail because one of his developers can't break a security system? Can the government then force Apple to change their manufacturing designs to allow a backdoor going forward?
Thanks, that's an interesting primer.
I jumped over some parts and plan to go back and reread, so forgive me if an answer was mentioned, but I have a question that has bugged me: Why can't we come up with a single text standard that works for everyone? Is it just the standard problem with standards?
Well I think the question is, what phones are included in the list of "vulnerable phones"?
They only mention on model, the "Snom 320". So is this a problem with a particular model of phones, a particular design, or a particular protocol? Is it a widespread problem?
Yes, that too. My understanding (though this was before my time) was that "application" used to refer to the use, whereas "program" was the thing you ran. So "word processing" is an application of your computer, while "Microsoft Word" is the program you use to do that. That was according to my dad, who worked for IBM back in the days of punch cards, but it's possible that was just his own distinction.
But by the 90s, you could describe Microsoft Word as either an "application" or "program" (or "app"). They were all fairly interchangeable. Admittedly, though, it could have been a regional thing, since we didn't really have the Internet yet (yes, it existed, but it wasn't in heavy practical use for most people).
Maybe you have a bad memory...?
I've been working in the IT industry since the early 90s, and the term "app" has been used as a shorthand for "application" since then at least. It has fairly recently taken the connotation of a mobile app, or some other kind of mini-application (web apps?), but that's actually something from the last 10 years. I forget exactly when that started because I have a bad memory too.