Why make fake guy accounts? All they need is fake girl accounts. Those accounts are largely legit, and even if they aren't, there's more than enough legit ones.
The Ashley Madison developers fulfilled a lot of management bullet points. They were presumably told to use strong encryption, so they did... incorrectly.
This will convince exactly 0 people to have their security relevant code audited, inspected, or likely even tested.
Microsoft burned so many bridges when they made that announcement. Everyone who hawks games and systems that I know went from pro- to anti- in the space of a day, because it was obvious that their new model was "go work at Wal*Mart video game ppls". Meanwhile, gamers in general were pissed (but were ok once Microsoft rolled back the majority of their crap).
Personally, I have a 360 and I figured the next box would be like that except better. When they were all over the map with random crap, I just figured I'd put it off. At this point, I'm considering grabbing a PS4, which has only gotten better since launch. Still, I'm mostly PC and Nintendo.
It is probably possible. Importantly, it's something that is waiting for an engineering solution- the physics checks out, Shor's algo checks out. When you are that close to losing an encryption scheme, it's past time to move on.
I think one of the big problems I have with this all is the idea that "encryption in general" is weak to Quantum Computing. In fact, we really don't know that. We know that a few public key things, factoring being the big one, aren't really that hard if you have a quantum computer. This doesn't impact, say, AES and other private key type things to anywhere near the same extent- brute forcing AES 256 at AES 128 speeds isn't anything like turning a factor to polynomial time.
As most of you are aware, there are important cloud based extensions in the popular web browsers. I'm speaking, of course, of the "Cloud To Butt" extensions, which replace all instances of the word "cloud" with the word "butt". This replacement is truly revolutionary, and it discriminates not- even the text "clout to butt" becomes "butt to butt"!
The push to centralize is usually driven by analysts who expect cost savings. But there's two other things that follow. The first is, if it becomes, even for a little bit, "expected" to run to a cloud, then you'll see a bunch of clouds forming to run to, each with some angle on why you should use THEM... and those clouds will themselves want IT ppl. The second is, there's downsides to centralization, and those downsides will always be there. Centralized places are a security risk because you can stack data in a place quicker than you can stack security, they are a connection risk because they rely on a lot of physical connections that your business would not natively care about ("Protesters across the country from you..." goes from "discuss with friends" to "now is your problem"), and they are a financial risk because they will gate access to your applications and switching from one cloud to another cloud will become as hard as required (serving the interests of the cloud providers, not yours), and they are a future risk because once something becomes a central repository in whatever way, it invites the government to start having meetings. Should these guys be allowed to do this based on their ability to market and provide services.... or does there maybe oughtta be a law?
"The Apple Newton was a failure, but Apple would learn from the experience, using the "Eat Up Martha" as a call for better device interaction."
That's saying that the point of the story is still in the past, with the Apple Newton failure. The next sentence is probably about either the Apple Newton or something at a similar time to it- it's not in the present yet.
Given that there are fucking tutorials on how to stop the ads, and you don't know why you DON'T see them, it's reasonable to assume that:
a)- They exist b)- They aren't on YOUR box for some reason. c)- Since you can't tell him how he got them, nor did you link how to disable them, you don't really know what you are talking about. For all we know, you won a fucking coin flip at install.
Fuck off citation-needer AC shill. It is well documented that these things are an absolute shit parade. At this point, the burden of proof is on any apologists.
OP claimed that he's getting advertised Office. You claim he needs proof. While this debate rages, here's tutorial on how to make Microsoft STOP advertising Office. Which, of fucking COURSE it does.
Presumably, the "Get Skype" app is the one to disable to stop the Skype stuff he complains about.
Oh, and if you NEED Skype, here's how to disable ads in Skype. Uh, this worked a year ago? I don't know if it is current. http://community.skype.com/t5/...
> Are you going to disable updates completely from now on, and hope that your box doesn't get pwned
Yes, honestly.
In fairness, I suspect we'll see one or more of these happens in the window from now until 0-day-o-clock:
1- Microsoft will stop this. 2- Third party stuff will get on top of Malwaresoft's new bozoware, and fix it. To a decent degree, this is happening (Spybot, for instance)
But yes, I'll take a small risk of getting owned later to avoid getting owned for absolute certainty right now.
Are you sure you got them all? Might want to check your update history. Sort by date, and be sure you check every one going back to like, May. You may be surprised- many of these pushes were "sleepers", pushed out with bland descriptions and only active now.
Whew, only five links to read, a binary registry to modify, and bunch of command line stuff to do at root, some with a package manager. Much easier than Linux!
Sarcasm aside, your post is very informative. But notice that you, unlike the fools, have written at the top "this should turn off and block *much* of it".
How much extra do you think you'd have to type to be sure you got it all? I'm asking, I can't even keep up with it anymore. And the fact that I can't ever take an update from Microsoft creates possible security holes. That's a better deal than the for-suresies ones that we can turn off (for now) using these methods, but it's still a dead OS walking.
Shut up if you don't know wtf you are talking about AC. It takes a huge blocklist to stop this shit, and you need it to be on an entirely separate device that sits between your Win-doze box and the actual internet. There's a huge list of things to do to stop this from happening- it isn't a single firewall rule.
The fact that someone, somewhere, sucks worse is not a defense. Also, no other company is: 1- As far reaching. 2- Trusted with as many DESKTOP (read, vastly more important than "some webapp" or "some phone") hardwarez.
Microsoft doing this is vastly worse than when other companies do it. Especially because almost everyone bitching about this actually uses Windows to at least some degree, and often doesn't use the other things, or carefully monitors their exposure to them. No safe computing will save you from a malicious OS.
Forget about these wild dreamers replacing software engineers, I bet we could replace said wild dreamers with a small perl script that cranks out terrible ideas...
"Toyota, led by project leader Tetsuya Tada,[5] offered Subaru involvement in their sport coupé project, co-developing a new boxer engine known as the D-4S..."
The key here is "co developed". It wasn't either team's ANYTHING, you'll note as you go through that article- the initial engine was dropped for a co-developed engine, each team made components of the car at different parts...
Essentially, it wasn't two teams communicating to a common spec with clearly delineated design borders, but two teams working together to make a car, crossing lines on each subcomponent constantly.
It is the OPPOSITE of an example about a top level down design manager jack-off fantasy, as discussed in the OP.
Slashdot Mirror
Why make fake guy accounts? All they need is fake girl accounts. Those accounts are largely legit, and even if they aren't, there's more than enough legit ones.
Excellent post. I have a sad answer.
Pretend you had such a device. It was configurable, open source, and would quickly install off of a disk, creating such a machine from scratch.
Who is going to buy it from you?
If it was freely available, who is going to jump through the hoop of making that happen?
The sad answer is that, it's an excellent solution but not a standard one. So no one is doing it right now.
There is absolutely a need.
The Ashley Madison developers fulfilled a lot of management bullet points. They were presumably told to use strong encryption, so they did... incorrectly.
This will convince exactly 0 people to have their security relevant code audited, inspected, or likely even tested.
Microsoft is fighting a pretty straightforward fight here. There are large ramifications, most negative, for a loss.
Here's the EFF, staunchly advocating for Microsoft on this issue:
https://www.eff.org/deeplinks/...
Microsoft burned so many bridges when they made that announcement. Everyone who hawks games and systems that I know went from pro- to anti- in the space of a day, because it was obvious that their new model was "go work at Wal*Mart video game ppls". Meanwhile, gamers in general were pissed (but were ok once Microsoft rolled back the majority of their crap).
Personally, I have a 360 and I figured the next box would be like that except better. When they were all over the map with random crap, I just figured I'd put it off. At this point, I'm considering grabbing a PS4, which has only gotten better since launch. Still, I'm mostly PC and Nintendo.
The cut job on the announcement still makes me laugh IRL:
https://www.youtube.com/watch?...
You can bank on this prediction of total safety, Anonymous Coward is willing to vouch for it!
It is probably possible. Importantly, it's something that is waiting for an engineering solution- the physics checks out, Shor's algo checks out. When you are that close to losing an encryption scheme, it's past time to move on.
I think one of the big problems I have with this all is the idea that "encryption in general" is weak to Quantum Computing. In fact, we really don't know that. We know that a few public key things, factoring being the big one, aren't really that hard if you have a quantum computer. This doesn't impact, say, AES and other private key type things to anywhere near the same extent- brute forcing AES 256 at AES 128 speeds isn't anything like turning a factor to polynomial time.
As most of you are aware, there are important cloud based extensions in the popular web browsers. I'm speaking, of course, of the "Cloud To Butt" extensions, which replace all instances of the word "cloud" with the word "butt". This replacement is truly revolutionary, and it discriminates not- even the text "clout to butt" becomes "butt to butt"!
There is a version for Chrome:
https://chrome.google.com/webs...
And the functionality is also on Firefox:
https://addons.mozilla.org/en-...
So here are some highlights from THIS thread:
After all, the butt company has to pay for all the same things *and* make a profit (often a very substantial profit), ...
...Butts are going to eliminate the need for Corporate IT...
A huge chunk of sys admins will be absorbed into butt providers.
...the butt is simply incapable of delivering...
...you pretty much can host, colocate or rent your own stuff cheaper than an entire butt stack...
Many large corporations who haven't (and won't) embrace the butt...
With services going to the butt, the role of the network engineer is only going to become more and more important...
Butt is cheaper up front, but almost always more expensive in duration.
And our winner...
If you think it can be done in the butt, then assume it is being done in the butt- and forget doing that as a job.
The push to centralize is usually driven by analysts who expect cost savings. But there's two other things that follow. The first is, if it becomes, even for a little bit, "expected" to run to a cloud, then you'll see a bunch of clouds forming to run to, each with some angle on why you should use THEM... and those clouds will themselves want IT ppl. The second is, there's downsides to centralization, and those downsides will always be there. Centralized places are a security risk because you can stack data in a place quicker than you can stack security, they are a connection risk because they rely on a lot of physical connections that your business would not natively care about ("Protesters across the country from you..." goes from "discuss with friends" to "now is your problem"), and they are a financial risk because they will gate access to your applications and switching from one cloud to another cloud will become as hard as required (serving the interests of the cloud providers, not yours), and they are a future risk because once something becomes a central repository in whatever way, it invites the government to start having meetings. Should these guys be allowed to do this based on their ability to market and provide services.... or does there maybe oughtta be a law?
I just don't see the total gloom and doom.
It's legit, because it's speaking FROM the past.
"The Apple Newton was a failure, but Apple would learn from the experience, using the "Eat Up Martha" as a call for better device interaction."
That's saying that the point of the story is still in the past, with the Apple Newton failure. The next sentence is probably about either the Apple Newton or something at a similar time to it- it's not in the present yet.
Does anyone think it's fucked that you have to one-by-one disable advertisements in their OS now?
Given that there are fucking tutorials on how to stop the ads, and you don't know why you DON'T see them, it's reasonable to assume that:
a)- They exist
b)- They aren't on YOUR box for some reason.
c)- Since you can't tell him how he got them, nor did you link how to disable them, you don't really know what you are talking about. For all we know, you won a fucking coin flip at install.
> Citations or screenshots please.
Fuck off citation-needer AC shill. It is well documented that these things are an absolute shit parade. At this point, the burden of proof is on any apologists.
But, here's some articles, shillfuck!
The lockscreen assault...
http://www.extremetech.com/com...
http://www.theverge.com/2015/4...
OP claimed that he's getting advertised Office. You claim he needs proof. While this debate rages, here's tutorial on how to make Microsoft STOP advertising Office. Which, of fucking COURSE it does.
http://www.howtogeek.com/22632...
Presumably, the "Get Skype" app is the one to disable to stop the Skype stuff he complains about.
Oh, and if you NEED Skype, here's how to disable ads in Skype. Uh, this worked a year ago? I don't know if it is current.
http://community.skype.com/t5/...
Shills shilling, shills shilling, shills shilling.....
> Are you going to disable updates completely from now on, and hope that your box doesn't get pwned
Yes, honestly.
In fairness, I suspect we'll see one or more of these happens in the window from now until 0-day-o-clock:
1- Microsoft will stop this.
2- Third party stuff will get on top of Malwaresoft's new bozoware, and fix it. To a decent degree, this is happening (Spybot, for instance)
But yes, I'll take a small risk of getting owned later to avoid getting owned for absolute certainty right now.
Are you sure you got them all? Might want to check your update history. Sort by date, and be sure you check every one going back to like, May. You may be surprised- many of these pushes were "sleepers", pushed out with bland descriptions and only active now.
Whew, only five links to read, a binary registry to modify, and bunch of command line stuff to do at root, some with a package manager. Much easier than Linux!
Sarcasm aside, your post is very informative. But notice that you, unlike the fools, have written at the top "this should turn off and block *much* of it".
How much extra do you think you'd have to type to be sure you got it all? I'm asking, I can't even keep up with it anymore. And the fact that I can't ever take an update from Microsoft creates possible security holes. That's a better deal than the for-suresies ones that we can turn off (for now) using these methods, but it's still a dead OS walking.
Shut up if you don't know wtf you are talking about AC. It takes a huge blocklist to stop this shit, and you need it to be on an entirely separate device that sits between your Win-doze box and the actual internet. There's a huge list of things to do to stop this from happening- it isn't a single firewall rule.
> so glad I'm not in Win10
Are you on Windows 7? Or 8? They have the same stuff now, that's what the article about.
What walled garden is present in OSX? Don't you have root and a command line? Am I missing something?
The fact that someone, somewhere, sucks worse is not a defense. Also, no other company is:
1- As far reaching.
2- Trusted with as many DESKTOP (read, vastly more important than "some webapp" or "some phone") hardwarez.
Microsoft doing this is vastly worse than when other companies do it. Especially because almost everyone bitching about this actually uses Windows to at least some degree, and often doesn't use the other things, or carefully monitors their exposure to them. No safe computing will save you from a malicious OS.
...Has Bhutan been seized by Buddhist Fundamentalists?
Forget about these wild dreamers replacing software engineers, I bet we could replace said wild dreamers with a small perl script that cranks out terrible ideas...
That has not been my experience at all. I think it depends on what you are doing.
Here's that "same car" thing:
https://en.wikipedia.org/wiki/...
"Toyota, led by project leader Tetsuya Tada,[5] offered Subaru involvement in their sport coupé project, co-developing a new boxer engine known as the D-4S..."
The key here is "co developed". It wasn't either team's ANYTHING, you'll note as you go through that article- the initial engine was dropped for a co-developed engine, each team made components of the car at different parts...
Essentially, it wasn't two teams communicating to a common spec with clearly delineated design borders, but two teams working together to make a car, crossing lines on each subcomponent constantly.
It is the OPPOSITE of an example about a top level down design manager jack-off fantasy, as discussed in the OP.
> So, would you call that a subroutine?
Well obviously I'd have to check the procedure on naming procedures and follow that procedure...