All right then. Let's all just roll over and die, why don't we?
Look, I get your cynicism, but don't let it run to fatalism. There are things you can do:
- Stop making it easy on them. Stop using Windows. Seriously. Understand that what's convenient for you is often convenient for them.
- Stop using proprietary software at all. Yes, yes, HeartBleed nothing is safe bla bla bla. I'm not talking about safe, though; I'm talking about safer. And FOSS is, objectively, a safer environment, and will remain so even after it becomes popular.
- Start building and using federated, encrypted, decentralised, peer-to-peer systems. I honestly don't know why geeks didn't do this years ago, but why the fuck is Facebook the state of the art in social media? I mean, seriously. It's not only a privacy disaster area, it's a badly polished piece of shit to boot. We know that They don't like TOR because it's harder for Them. We know that They don't like bittorrent because it's harder for Them. So why the fuck are we not taking a clue from that and creating a UseNET we can go back to? I mean, I get why the peons don't, but we're geeks, for fuck sake. That used to mean something.
- Start re-imagining an internet whose physical characteristics resemble its protocols. At the outset, we thought it would be cool to have generic protocols that ran more or less transparently on any old network at all. What we didn't realise was that just because stupid networks were possible, that didn't mean they were inevitable. The whole ICANN/ITU fiasco is all the evidence we need to see that the world's telcos have begun to realise how much ground they've lost and they want it back. But that doesn't mean we have to give it to them. Mesh topologies using low-power devices are the only way we cut them back down to size.
You can get all fatalistic if you like, but if your only response to the encroachments of authority is to run further and faster, then (apologies to Scotsmen everywhere) you're not a real geek.
The article itself is an intriguing read for those wondering where the future of digital magazines can head.
No, no it's really not.
The article is a breathlessly juvenile attempt to assert style over substance. It's an empty - deeply, deeply empty - gesture in the direction of hipness, and as such, has nothing at all of interest to say. Its descriptive abilities are so impoverished that the only way one could even comprehend the article is by watching the promo video. And who wants to do that, when someone composes English that sounds like a high school assignment handed in by one of those kids who tries WAY too hard.
So your situation is something you saw on 24?
Unless the guy is live streaming 24/7 then your goon can brick the whistleblower's phone with an actual brick.
Also, look at real whistleblowers and try to explain how the government would have stopped Snowden with this power? Stop imagining spy drama fiction.
They wouldn't stop Snowden (only) with this. They would, however, be able to keep the story about what's happening in Ferguson, MO (for example) from ever trending on Twitter, simply by killing every phone talking to a particular tower.
To be clear: I'm not suggesting the Feds (black helicopters and all) would do it. I'm suggesting the enlightened minds of the Ferguson Police Department, who have already demonstrated the depth of their acuity, would be perfectly willing to use such a tool, if it were (somewhat) legally available to them.
[satire]That's a fucking brilliant idea! I really really really mean it. Sincerely.
I think that's sarcasm, not satire.
Is it? I wasn't aware. Clearly sarcasm must have some association with satire, because making sardonic statements seems to be the first thing I want to do when I'm writing satire. Then I take someone's stupid idea, and extend it, by including absurd examples of where their (il)logic would/should take them....
... Which I did on the very next fucking line.
Stephen Colbert's show is satire of Bill O'Reilly.
Do tell. Next you'll be telling me that The Daily Show isn't real news.
Because Jon Stewart never uses sarcasm when he indulges in acts of satire.
-----------------
P.S. I'm still being sarcastic. And by aping your tone, satirical, too.
[satire]That's a fucking brilliant idea! I really really really mean it. Sincerely.
But don't forget the [lies-all-lies], [am-i-boring-you-yet], [pandering-listery], [corporate-shilling] and [too-stupid-even-for-you] prefixes.
Nobody is forcing you to read the Washington Post. Nobody is forcing you to buy anything from Amazon. You can easily avoid both of them, if you want, without any harm or negative effects to yourself. So what's the big deal here?
Just because neither of us hangs out with him doesn't mean I don't get to tell you what a giant douchebag Jeff Bezos is. That's one of the joys of the First Amendment, my friend! Freedom of speech is the freedom to bitch inanely about things that don't directly affect you.
You, of course, are equally free to tell me to shut the fuck up, or to take your own advice and not bitch about something that doesn't interest or affect you....
... But if you do decide to keep talking about the problem, and maybe even about how to address or resolve it, then you see the true glory of Open Public Dialogue - the very thing that makes Slashdot such a lovely place to be. :-)
And no, I am not being in the least bit sarcastic, Sheldon.
For the record, this is the 'Great Satan' argument. By castigating outside influences as Other, and associating them with a group or nation that the populace has been indoctrinated to hate, it's possible to reject an idea without ever actually considering the merit of the idea itself. Thanks to the hard-working censorship peons from the People's Republic of China for this updated version. The Iranian one was getting old, and we're WAY past blaming the Jews.
TL;DR: "just fix everything" is great in principle, pretty much impossible in practice.
Okay, so go back to the top of my post and read it again for my response to 'It's too hard.' :-)
If you think that 'just fix everything' is what I'm saying, then you haven't even done me the justice of thinking about what I'm suggesting. I am saying that we geeks should know better, that we should do what we did in the 80s and 90s and turn our collective back on the well-trodden path and build our own internet, only this time with hookers and blackjack. Then I offered a few key suggestions about things we as geeks could fairly easily work on to move us in that direction.
To assume that I simply want to snap my fingers and effortlessly get all that and a pony is to fundamentally misunderstand what it is to be a geek. We build things for ourselves. When things don't work the way they should, we change them.
Now, I'm not suggesting you're not a True Geek (or Scotsman, for that matter). I'm just saying that if you're going to say 'too hard' about a situation such as this...
... No, fuck it. I am saying you're not a Real Geek :-)
Going to slashdot is safe? No SSL here.
GCHQ has already spoofed Slashdot in the past. So no, going to Slashdot is not safe.
If they want you, they can't get you?
All right then. Let's all just roll over and die, why don't we?
Look, I get your cynicism, but don't let it run to fatalism. There are things you can do:
You can get all fatalistic if you like, but if your only response to the encroachments of authority is to run further and faster, then (apologies to Scotsmen everywhere) you're not a real geek.
Eve? Is Bob cheating on Alice?
Ah, she told you her name was Alice?
You poor naive thing....
That's how language works. Deal with it.
Dealing with such toxic bullshit only ensures it will spread around more, even if only slightly. I'd rather point out why it's garbage.
Yes, but the entire article is low-brow drivel. I have no idea why this was the source they chose to link to (though it might go a long way toward explaining the tone and content of Slashdot's discussions these days...). I mean, check out this para:
The murky world of firmware sometimes makes it hard to figure out which products might be affected. Manufacturers often rely on tools and development kits that are widely used across industries, so the flawed firmware can end up in product sold under lots of different brands.
It's hard to know whether this 'writer' even teh English. But worse, the content is almost anti-information. What the fuck is a 'murky world'? People use generic toolkits? Sold to more than one company?! Who is this Adam Smith and where do I get his pamphlets?!?
Worse, the author[*] is implying that this is somehow an inherent flaw that might prove to be a fundamental difficulty. In truth, it's an aspect of software development that has been there since the very first computers existed. And what's more, we know how to fucking deal with it. Instead of massaging the conscience of halfwit managers, maybe he could have offered a bit of illumination concerning the decades of precedent for dealing with software quality, and explaining how these principles can (or cannot) be applied to firmware.
The thing that drives me toward despair is that the article - the whole publication - is clearly aimed at corporate decision-makers.
---------------
[*] With apologies to all real authors everywhere.
Seriously, dude? 'She was dressed provocatively, so she had it coming.' That's your argument?
Google warns that the preview release contains the Google Fit APIs for Android, but does not contain the REST API or the Android Wear APIs....
Sorry, you're telling me that there's no REST for the FIT? Sounds exhausting....
'Ecuador To Forge ... Currency'
I see what you did there. :-)
That wasn't the question. What do you do when you did read something inadvertently? You can't unread "Irregularities in the pension fund". Do you pretend that you don't know? What if it's something illegal / against company policy / unethical?
We used to call it 'being trustworthy'. Not sure what the term is today.
People need to know that they can rely on you under pretty much any circumstances, otherwise they'll stop calling and you won't be able to do your job. That means ignoring pretty much everything.
I say pretty much, because there is a line past which you cannot remain silent. For me, it was child pornography on a customer's computer. I called the police and handed over the equipment.
This was in a small town, and it ruined my life, by the way. The owner of the computer was a prominent citizen who immediately accused me of planting the material, then began a slur campaign against me. The town, as the saying goes, wasn't big enough for the both of us. After more than a year of this, I had to leave. I'd lost my job, and I'd lost half my friends.
Some time later, I ran into an acquaintance from that town in an airport. His first bit of news was that the kiddie diddler had finally been convicted. His own smear campaign finally had the effect of bringing three adult victims of his out. They testified against him and put him away. The lesson I learned is that, sometimes, there is justice in this world. But it doesn't come free.
So yes, you need to be - and you need to be seen to be - completely, implicitly trustworthy. How you do it is simple enough: Always be there, never be seen to be part of the gossip. Be open and obvious about everything you do, and never, ever work in someone's office with the door closed. Equally, though, you need to be seen to be the kind of person who will do the right thing. That's a little harder to do and, as I've recounted, sometimes comes at a cost.
Ireland didn't do anything remotely like what Hamas is doing to Israel. If it did, you would have seen the relevant bits of Ireland flattened like what England helped do to Nazi Germany.
I don't really have a side in this argument. But I do feel compelled to mention that England absolutely did terrible, terrible things in trying to quell the Irish problem. Oliver Cromwell famously said that Catholics were welcome to go to 'Hell or Connaught' as he drove them from the Pale. (Those of you who can see beyond the postcard photos will know that Connaught is close enough to Hell when you're trying to work a farm.)
The potato 'famine' was a direct result of predatory practices put in place by the British and Anglo-Irish to keep the Irish poor and desperate. Over a million people died. But this practice had been going on for years and years beforehand. Deacon Smith's A Modest Proposal, considered one of the greatest examples of satire in the English language, was a direct response to the appalling depredations of the landlord class in Ireland.
In fact the intransigence of the problem of Northern Ireland is a direct result of the British relocating large numbers of people (mostly Scots) to Ulster in order to create a 'buffer' population. Now, 400 years on, they have a very similar problem to that experienced by the Israelis, who tragically are using almost exactly the same tactics to deal with it, proving that they've failed to learn a thing from the fight for Irish independence.
Grandma's still got a chance of being raped if those frat boys are drunk enough and high enough.
... Which pretty much explains every 'Enterprise IT' purchasing decision ever.
Well it runs on Windows obviously. With the number of reported infections, the speed with which it happened, and the fact that it is a Trojan (meaning you need to trick the user into running it), it can only be Windows.
This propagation rate is positively tiny. Honestly, I don't know why it's even part of the headline. For context, this paper (PDF, sorry) shows Code Red infecting over 500,000 machines in an hour.
If 11,000 machines in a day is an event, then we should all be sitting back and breathing a sigh of relief that the bad old days are over....
(Not that I believe that they are. I just don't see any reason for the breathless headline.)
You are a citizen who cares more about your children's survival than the survival of Freedom and the well being of millions. In other words you aren't merely part of the problem, you are the problem.
You could happily sit in the company of many of history's great men. They too were willing to sacrifice countless lives for some lofty goal.
Is there any benefit too small, in your mind, for my kids to die supporting it?
It's worth noting that most revolutions happen when the only way remaining to provide for and protect one's children is to take up arms or man the barricades.
... And most of them are won by the side most able to protect its children.
...and a negative one at that.
Could it ever possibly be that these scientists who "dominate" the scientific publishing are actually worthy of such a thing?
Indeed. And besides, compared to the star system in Hollywood, for example, this is downright democratic.
The intellectual penury that comes with serving with a leader in a given field seems to be gladly endured by most young researchers. This story ignores the fact that, although the senior researcher's name may be at the top of the paper, the junior researcher's name is right there below it.
It's a bit like an actor accepting a lesser credit in order to appear in a bigger film.
The ability to seamlessly use + with mixed text and numeric types in a language without explicitly declared types is usually considered a design flaw, not a positive feature. Perl uses separate operators for strings vs. numbers to avoid ambiguity....
Though in fairness, it should be mentioned that, as with other aspects of the language, Perl also assumes that you are using the right operator, and that you actually mean what you wrote:
perl -e 'print "x" + 1;'
1
Or, even better:
perl -e 'print "x" x 22;'
xxxxxxxxxxxxxxxxxxxxxx
JSONP callback functions normally return a JSON blob wrapped in a user-specified callback function, which the browser will then execute as JavaScript. Nothing out of the ordinary here. However, the new attack has leveraged a method of crafting a Flash file to contain a restricted character set that's usable within JSONP callbacks (i.e. in a URL). By combining the two, the attack demonstrates it's possible to use a JSONP URL with the contents of the crafted Flash file as the callback function. When set as the data of a standard HTML object tag, the SWF file executes on the targeted site, bypassing all Same-Origin policies in place.
ummmm what? english please!
The code sneaks a Flash file disguised as a URL into some JSON data and cons the browser into treating it as JavaScript, but on the local machine it acts like an HTML <OBJECT>, and because the browser is executing the Flash code locally now (due to the masquerade), it can run with greater privileges than if it were from a remote site.
Or in layman's terms: Flash totally sucks the suckage, dude. Always did. Still does.
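Added example, not part of the thread or of the article quoted above: a sketch of how a JSONP endpoint can be hardened against the callback abuse the quoted summary describes. The function names, the 64-character cap and the sample payload are assumptions made for illustration; the payload is a constructed placeholder, not a working Flash file.

```javascript
// SWF files begin with one of these three-byte signatures
// (uncompressed, zlib-compressed, LZMA-compressed).
const SWF_SIGNATURES = ['FWS', 'CWS', 'ZWS'];

// Common JSONP allowlist: dotted JavaScript identifiers only.
// A purely alphanumeric payload still passes it, so this check is
// necessary but not sufficient against the attack described above.
const CALLBACK_RE = /^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$/;

// Assumption: legitimate callback names are short.
const MAX_CALLBACK_LENGTH = 64;

// Constructed placeholder: SWF signature followed by alphanumerics.
// It only has the shape of such a payload; it is not a valid SWF.
const CONSTRUCTED_PAYLOAD = 'CWS' + 'A'.repeat(500);

// True when the first bytes of a response body look like an SWF header.
function startsLikeSwf(body) {
  return SWF_SIGNATURES.includes(body.slice(0, 3));
}

// Unhardened form: the caller-supplied callback is reflected at byte 0,
// so the caller chooses how the response begins.
function naiveJsonp(callback, data) {
  return {
    status: 200,
    headers: { 'Content-Type': 'application/javascript' },
    body: `${callback}(${JSON.stringify(data)})`,
  };
}

// Hardened form: validate and cap the callback, keep caller-controlled
// bytes away from the start of the body, and tell the client not to
// sniff or render the response as anything but a script.
function hardenedJsonp(callback, data) {
  const valid =
    typeof callback === 'string' &&
    callback.length <= MAX_CALLBACK_LENGTH &&
    CALLBACK_RE.test(callback);
  if (!valid) {
    return {
      status: 400,
      headers: { 'Content-Type': 'text/plain; charset=utf-8' },
      body: 'invalid callback',
    };
  }
  return {
    status: 200,
    headers: {
      'Content-Type': 'application/javascript; charset=utf-8',
      'X-Content-Type-Options': 'nosniff',
      // Served as an attachment so a plugin will not treat it as embeddable content.
      'Content-Disposition': 'attachment; filename="f.txt"',
    },
    // The leading empty comment is valid JavaScript and guarantees the
    // body never opens with bytes taken from the request.
    body: `/**/${callback}(${JSON.stringify(data)});`,
  };
}

// Demonstration on the constructed input.
console.log('allowlist accepts payload:', CALLBACK_RE.test(CONSTRUCTED_PAYLOAD));
console.log('naive body looks like SWF:', startsLikeSwf(naiveJsonp(CONSTRUCTED_PAYLOAD, {}).body));
console.log('hardened status for payload:', hardenedJsonp(CONSTRUCTED_PAYLOAD, {}).status);
console.log('hardened body for short name:', hardenedJsonp('CWSfeed', { ok: true }).body);
```

The point the demonstration makes is that a character allowlist on the callback does not help by itself, because the crafted file fits inside that character set; the length cap and the fixed response prefix are what change the outcome.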
Consider the actions if a cretan like Rush Limbaugh was to paddle by...
How would the sensor decide if it was a cretan, a cetaceans or a chondrichthyes?
Clearly, they would know that a Cretan is just a Minoan a large pool.
Very powerful and very flexible, without the heavy lifting of many frameworks. We use it on a large ISP as a RESTful server.
Seconded.
Mojolicious is an excellent back-end or middle layer (depending on your data needs), mostly because it removes the need for many of Perl's more infamous convolutions and contortions. With a bit of Bootstrap and/or AngularJS on the front end, you can get a useable online service put together in a very limited amount of time.
...don't believe in Global Warming
Film at 11.
Well, to be fair, climatologists have always been a little dubious about Swedish farmers, too....
"Narrative Farts, more like."