Like those same multi-million dollar corporations that required Flash 10+ years ago? Sometimes the corporations were the worst, because they thought the web should be presented like a TV commercial or navigable circular.
Definitely years after the start of the "best viewed in" crap. You can pick an arbitrary point in time and come up with some sort of stupidity. But that doesn't change the fact that graceful degradation was a design principle of the web from day one.
Companies like Youtube will certainly comply with the British government. Net result: such content won't be on the most popular avenues of the net, but it'll still be out there for those who are "interested" in such things.
The ultimate net result will be that those videos are hosted in places that won't allow them to be rebutted. At least on youtube there is a comments section - both for text and for video responses as well as the stuff on the right side of the page that youtube automatically associates based on keywords.
It's precisely that sort of isolation from moderating influences that radicalizes people. If anything, the censorship of the videos on the big name sites will reinforce the belief that the videos contain the truth and are therefore being repressed.
This really is a case of the only cure for bad speech is good speech, not no speech.
Do you remember the "best viewed with Internet Explorer" tags?
My impression was that only amateurs did stuff like that. It reeked of fanboism. But today it is entirely commonplace to see multi-million dollar corporate websites that are completely fall apart without javascript.
True, but you could also say that practically none of those flash and acrobat vulnerabilities are exposed unless you start your web browser.
Huh? I don't understand how this is a reasonable argument in the larger context of disabling javascript being a bad thing. It just seems like a random retort.
It's not hard to disable plugins without disabling browser JS, and doing so would be a pretty darn reasonable thing to do IMO.
Disable javascript: Block all "raw" javascript exploits AND block almost all plugin exploits. Disable plugins: Only block plugin exploits.
I don't see it being reasonable, unless you think the design principle of graceful degradation has no place on the web.
Maybe you get divorced in the future and Google decides its alright to let lawyers see your email for some reason.
That reason would be a subpoena. Subpoenas for email in divorce cases have been going on for at least a decade now. It ain't a theoretical risk at all.
Forever is a long, long time and pretending that the status quo will last as long as the data is very naive.
Your privacy is like Pandora's Box - once you let your personal information out, you'll never be able to stuff it back in again if you ever change your mind.
javascript is the number one source of web browser vulnerabilities by at least an order of magnitude, probably two.
No it isn't, not even close. Flash and Acrobat Reader are by far the biggest infection vectors; raw, browser-based JS is positively benign by comparison.
Whether it is "raw" or not is irrelevant - practically none of those flash and acrobat vulnerabilities are exposed unless javascript is enabled.
Graceful degradation -- forget it. The new way to read text is via some Rube Goldberg mechanism
Bingo.
It's almost like the current generation of web devs haven't even heard the term and to think that graceful degradation was once the cardinal rule in web design.
A lot of website functionality is built with JavaScript - that's just a fact of life. You don't have to enable it, but you really can't complain when websites don't cater to the small minority of users who either disable or block all scripts.
But you can damn will complain when javascript is used unnecessarily, especially when it's used as a crutch by obviously lazy and/or neophyte developers because their laziness results in their users being unnecessarily exposed to increased security risks. Nobody disables javascript because they want to, they disable it because javascript is the number one source of web browser vulnerabilities by at least an order of magnitude, probably two.
Web developers are (supposed to be) the experts, web users are regular joes -- it should be the experts that bear the burden of making websites that encourage good security practices, rather than putting the burden on the non-experts to have to deal with increasing array of vulnerabilities.
If all sites were simply written in HTML there would be a lot less 'web' out there.
I disagree. There would be a lot less crap, and probably only slightly less useful content. But above all there would be a hell of a lot less malicious websites and compromised ad networks.
Except that in America we are in denial about it. Or, put another way, the people running big business and much of government preach free market but practice corporate socialism.
Despite the history of Korea being kicked around by the rest of Asia, there are many unofficial ties between DPRKorea and Japan. Whole communities of rich Juche supporters live in Japan. Even the official news outlet (Korea Central News Agency) runs under a jp domain...
There is a really great japanese movie called "Go" about a teenage zainichi growing up in the north korean ex-pat community in Japan. Really a top-notch coming of age story and I thought it was pretty accessible to western sensibilities too, although there was a sense of being "dropped" into the middle of the culture with little explanation of many of the basics that any japanese person would probably just automatically be familiar with.
Well sir we are talking about a impoverished nation here. Are you sure the pigeons would survived without being hunt down and eaten before it crossed the border?
Moderated as funny, but it is serious. I knew a girl who immigrated from a dirt-poor town in the chinese boondocks. She told me that in her town there were no pets, because they had all been eaten for food. North Korea seems to be even more impoverished than that.
No seriously. I haven't come across any details regarding the backscatter or the pat downs that discusses differential treatment for young travelers. Don't have kids, but I would imagine a parent's dilemma when traveling in the coming days will be: a) quasi-nude imagery of my children; or b) stranger danger.
Don't forget that the safe levels of radiation exposure are, like exposure to chemicals in foods, calibrated for adults. A child going through the radiation box is going to get a much higher dose per kilogram of body-weight than an adult will and I wouldn't be surprised to find out that radiation exposure at a young age turns out to have more of an impact than an adult because the kid is still growing.
Anyone who wants to sell a decent device in the US as opposed to $5 player needs to pay royalties to the MPEG-LA, regardless of where it was built.
Oddly enough, enforcement seems to be very lax. Until recently licensing fees for DVD players would typically add up to $20-$30 per unit, yet it wasn't that hard to find $40 DVD players for sale here. There's no way a $40 retail price could support $20 worth of licensing fees, So they were clearly ignoring them, yet you could find such products in stores like Target and Walmart, not to mention amazon and all the other big-name online places.
If you can get it to work with the site, great, they'd be happy for you. The problem comes in with the studios, who demand that Netflix use DRM when a user streams a video on their site.
Except when a 'studio' demands that their videos be streamed without DRM netflix is not happy to cooperate either. Not even to go so far as to include a pre-roll to the movie telling viewers where they can get a Free copy.
You want proof? Talk to a doctor about requirements for organ transplant recipients. Young before old, no druggies or drunks, no one with uncurable conditions, or even lasting illnesses. If all life was of equal value, then it'd simply be a matter of "who started needing the replacement first."
That's not a judgement of value of a life, that's a judgement of the value of the transplant. All of those criteria are used to judge who will probably get the most benefit, i.e. longevity, from the transplant. No point in transplanting an organ who is just going to die of some other cause in a week. But likelihood of death has no bearing on the value of life.
Then there's the legal system. Self-defence makes murder legal. Hmm. But if your life is worth the same as your would-be killer, you should be just as liable for his death as he would have been for yours.
Self defence does not make "murder" legal, it makes killing justified. It's not a judgment of the value of the life of either person - its a judgment of the circumstances and context of the killing.
So what value exactly would a small time crook get out of hacking random facebook accounts? The likelihood of him finding monetizable information in a random account would be quite low.
(A) Major failure of imagination.
Apologies for having to reach out to you like this,this had to come in a hurry due to the urgency of the situation. Presently,I'm stuck in England and need help getting home.I made a trip this past weekend to London, UK and unfortunately, I was robbed.my bags, cash , cards and cell phones were taken at gunpoint. It was a terrible experience.right now i need help getting back home , i've been to the embassy and the Police here but they're not helping issues at all,the good thing is I still have my passport.I just don't have enough money to get back home,I can't have access to funds without my credit card, I've made contact with my bank but they need more time to come up with a new one. I was wondering if you could help with a quick loan that I can give back as soon as I get in.All i really need is $1,250,would appreciate whatever you can put in.) Promise to refund you as soon as i get back home in a couple of days. you can have it wired to me via Western Union.please let me know if this is okay with you so i can forward the necessary wiring details.
So you think it's easier for criminal gangs to build and deploy thousands of small, hard to discover automatic wifi sniffers/repeaters all across the country than to simply infect computers with malware?
(A) Mischaracterization No need to "build and deploy" a bunch of fancy shit - all its takes is for individual petty thieves with cheap laptops to spend an hour or so at each of the hotspots around their neighbourhoods each week. Small time scammers work for small time profits all the time. Just look at how frequently credit card theft is committed by low-paid clerks and shoulder surfers. Sniffing wifi is a hell of a lot less risky than either of those.
(B) False Dichotomy Just because one means of attack is available doesn't preclude entirely different people from attacking via another avenue.
Your kind of thinking is exactly why the software security business routinely finds itself mystified by the behavior of ordinary people. It's not that those people are dumb. It's that some geeks end up with a wildly distorted view of risk.
In my case, that 'distortion' is the application of automation. Yeah, today very few people are side-jacking facebook. But I can remember when phishing, 411-scams, and even spam were all so rare that those didn't pose a significant risk either. But all of those, and pretty much every significant risk on the net, became problematic due to the application of automation. Side-jacking facebook is ripe for similar automation. And don't think for a second that attacks that are automated will be so blatant that you can easily notice tampering with your account -- that would defeat the purpose of malicious side-jacking in the first place.
the only reason I ever boot into Windows is for Netflix's "Watch Instantly" feature.
Of course, my desire for this despite the DRM probably means I'm going to open-source fundamentalist hell..
If that Hell is a world where the middle-men have even greater control over distribution than they do now, where the first sale doctrine is an anachronism, where cultural history can be rewritten or censored as easily as deleting a file, then yeah, you are merrily skipping down that path.
9/11 was proof that the "we can use technology to replace an operations-focused intelligence apparatus" argument is a load of bullshit.
Far from it.
We already had plenty of intel about the plot, it just wasn't correlated very well. More "boots on the ground" would not have brought the plot to light any sooner.
All 9/11 was proof of was that a society based on freedom will occasionally be attacked by people exploiting freedom. We seem to have taken the wrong lesson from that proof and have decided to repress freedom in a scattershot approach to reducing attacks.
Like those same multi-million dollar corporations that required Flash 10+ years ago? Sometimes the corporations were the worst, because they thought the web should be presented like a TV commercial or navigable circular.
Definitely years after the start of the "best viewed in" crap.
You can pick an arbitrary point in time and come up with some sort of stupidity.
But that doesn't change the fact that graceful degradation was a design principle of the web from day one.
Companies like Youtube will certainly comply with the British government. Net result: such content won't be on the most popular avenues of the net, but it'll still be out there for those who are "interested" in such things.
The ultimate net result will be that those videos are hosted in places that won't allow them to be rebutted. At least on youtube there is a comments section - both for text and for video responses as well as the stuff on the right side of the page that youtube automatically associates based on keywords.
It's precisely that sort of isolation from moderating influences that radicalizes people. If anything, the censorship of the videos on the big name sites will reinforce the belief that the videos contain the truth and are therefore being repressed.
This really is a case of the only cure for bad speech is good speech, not no speech.
Do you remember the "best viewed with Internet Explorer" tags?
My impression was that only amateurs did stuff like that. It reeked of fanboism.
But today it is entirely commonplace to see multi-million dollar corporate websites that are completely fall apart without javascript.
True, but you could also say that practically none of those flash and acrobat vulnerabilities are exposed unless you start your web browser.
Huh? I don't understand how this is a reasonable argument in the larger context of disabling javascript being a bad thing. It just seems like a random retort.
It's not hard to disable plugins without disabling browser JS, and doing so would be a pretty darn reasonable thing to do IMO.
Disable javascript: Block all "raw" javascript exploits AND block almost all plugin exploits.
Disable plugins: Only block plugin exploits.
I don't see it being reasonable, unless you think the design principle of graceful degradation has no place on the web.
Maybe you get divorced in the future and Google decides its alright to let lawyers see your email for some reason.
That reason would be a subpoena. Subpoenas for email in divorce cases have been going on for at least a decade now. It ain't a theoretical risk at all.
Forever is a long, long time and pretending that the status quo will last as long as the data is very naive.
Your privacy is like Pandora's Box - once you let your personal information out, you'll never be able to stuff it back in again if you ever change your mind.
javascript is the number one source of web browser vulnerabilities by at least an order of magnitude, probably two.
No it isn't, not even close. Flash and Acrobat Reader are by far the biggest infection vectors; raw, browser-based JS is positively benign by comparison.
Whether it is "raw" or not is irrelevant - practically none of those flash and acrobat vulnerabilities are exposed unless javascript is enabled.
....to Microsoft, for moving in the right direction of adopting standards. I still hate you, Microsoft, but I hate you less.
Don't waste your time hating MS.
Instead show your love for competition and user choice because that is the only reason MS improved IE.
Graceful degradation -- forget it. The new way to read text is via some Rube Goldberg mechanism
Bingo.
It's almost like the current generation of web devs haven't even heard the term and to think that graceful degradation was once the cardinal rule in web design.
A lot of website functionality is built with JavaScript - that's just a fact of life. You don't have to enable it, but you really can't complain when websites don't cater to the small minority of users who either disable or block all scripts.
But you can damn will complain when javascript is used unnecessarily, especially when it's used as a crutch by obviously lazy and/or neophyte developers because their laziness results in their users being unnecessarily exposed to increased security risks. Nobody disables javascript because they want to, they disable it because javascript is the number one source of web browser vulnerabilities by at least an order of magnitude, probably two.
Web developers are (supposed to be) the experts, web users are regular joes -- it should be the experts that bear the burden of making websites that encourage good security practices, rather than putting the burden on the non-experts to have to deal with increasing array of vulnerabilities.
If all sites were simply written in HTML there would be a lot less 'web' out there.
I disagree. There would be a lot less crap, and probably only slightly less useful content. But above all there would be a hell of a lot less malicious websites and compromised ad networks.
It's actually how it works in a lot of countries.
Except that in America we are in denial about it. Or, put another way, the people running big business and much of government preach free market but practice corporate socialism.
Don't forget all the government subsidies they surely hope to attract in the process.
In America, that's how markets work.
Despite the history of Korea being kicked around by the rest of Asia, there are many unofficial ties between DPRKorea and Japan. Whole communities of rich Juche supporters live in Japan. Even the official news outlet (Korea Central News Agency) runs under a jp domain...
There is a really great japanese movie called "Go" about a teenage zainichi growing up in the north korean ex-pat community in Japan. Really a top-notch coming of age story and I thought it was pretty accessible to western sensibilities too, although there was a sense of being "dropped" into the middle of the culture with little explanation of many of the basics that any japanese person would probably just automatically be familiar with.
Well sir we are talking about a impoverished nation here. Are you sure the pigeons would survived without being hunt down and eaten before it crossed the border?
Moderated as funny, but it is serious. I knew a girl who immigrated from a dirt-poor town in the chinese boondocks. She told me that in her town there were no pets, because they had all been eaten for food. North Korea seems to be even more impoverished than that.
have fun in Hawaii
Just take the H-1 interstate from california.
http://www.fhwa.dot.gov/infrastructure/hawaii01.cfm
No seriously. I haven't come across any details regarding the backscatter or the pat downs that discusses differential treatment for young travelers. Don't have kids, but I would imagine a parent's dilemma when traveling in the coming days will be: a) quasi-nude imagery of my children; or b) stranger danger.
Don't forget that the safe levels of radiation exposure are, like exposure to chemicals in foods, calibrated for adults. A child going through the radiation box is going to get a much higher dose per kilogram of body-weight than an adult will and I wouldn't be surprised to find out that radiation exposure at a young age turns out to have more of an impact than an adult because the kid is still growing.
Anyone who wants to sell a decent device in the US as opposed to $5 player needs to pay royalties to the MPEG-LA, regardless of where it was built.
Oddly enough, enforcement seems to be very lax. Until recently licensing fees for DVD players would typically add up to $20-$30 per unit, yet it wasn't that hard to find $40 DVD players for sale here. There's no way a $40 retail price could support $20 worth of licensing fees, So they were clearly ignoring them, yet you could find such products in stores like Target and Walmart, not to mention amazon and all the other big-name online places.
You might want to have a think about who's really being humiliated in this situation though. I don't think it's me.
Obligatory TSA Gangstaz
Here's a few selections from the lyrics:
Don't even think of coming through if you're a terr-or-ist.
We got a gay body builder for the male assist.
How can I be sure you aren't a member of al-qaeda?
Now excuse my wand while I slide it up inside ya!
Airport security done changed since 2001
Let me squeeze those titties or the terrorists have already won.
Hey hippie, you got a suspicious lookin face
Let me up that ass like Maria Full of Grace.
Girl, I can't let you bring on more than 4 ounces
unless you wanna show me how your fat booty bounces
We confiscate your liquors because you know they pose a threat
I'll even confiscate your pussy if I make it too wet
Damn I hate to see that breast milk go to waste
But you cam come right through if you give me a taste
If you can get it to work with the site, great, they'd be happy for you. The problem comes in with the studios, who demand that Netflix use DRM when a user streams a video on their site.
Except when a 'studio' demands that their videos be streamed without DRM netflix is not happy to cooperate either. Not even to go so far as to include a pre-roll to the movie telling viewers where they can get a Free copy.
You want proof? Talk to a doctor about requirements for organ transplant recipients. Young before old, no druggies or drunks, no one with uncurable conditions, or even lasting illnesses. If all life was of equal value, then it'd simply be a matter of "who started needing the replacement first."
That's not a judgement of value of a life, that's a judgement of the value of the transplant. All of those criteria are used to judge who will probably get the most benefit, i.e. longevity, from the transplant. No point in transplanting an organ who is just going to die of some other cause in a week. But likelihood of death has no bearing on the value of life.
Then there's the legal system. Self-defence makes murder legal. Hmm. But if your life is worth the same as your would-be killer, you should be just as liable for his death as he would have been for yours.
Self defence does not make "murder" legal, it makes killing justified. It's not a judgment of the value of the life of either person - its a judgment of the circumstances and context of the killing.
Sounds like the perfect defence for guys like this!
So what value exactly would a small time crook get out of hacking random facebook accounts? The likelihood of him finding monetizable information in a random account would be quite low.
(A) Major failure of imagination.
Apologies for having to reach out to you like this,this had to come in a hurry .my bags, cash , .I just don't have enough money to get back home,I can't ,would appreciate whatever you can put in.) Promise to refund you as soon .please let me know if this is okay with you so i can forward the
due to the urgency of the situation.
Presently,I'm stuck in England and need help getting home.I made a trip this
past weekend to London, UK and unfortunately, I was robbed
cards and cell phones were taken at gunpoint. It was a terrible
experience.right now i need help getting back home , i've been to the embassy
and the Police here but they're not helping issues at all,the good thing is I
still have my passport
have access to funds without my credit card, I've made contact with my bank but
they need more time to come up with a new one. I was wondering if you could help
with a quick loan that I can give back as soon as I get in.All i really need is
$1,250
as i get back home in a couple of days. you can have it wired to me via Western
Union
necessary wiring details.
waiting to hear from you
Bob
So you think it's easier for criminal gangs to build and deploy thousands of small, hard to discover automatic wifi sniffers/repeaters all across the country than to simply infect computers with malware?
(A) Mischaracterization
No need to "build and deploy" a bunch of fancy shit - all its takes is for individual petty thieves with cheap laptops to spend an hour or so at each of the hotspots around their neighbourhoods each week. Small time scammers work for small time profits all the time. Just look at how frequently credit card theft is committed by low-paid clerks and shoulder surfers. Sniffing wifi is a hell of a lot less risky than either of those.
(B) False Dichotomy
Just because one means of attack is available doesn't preclude entirely different people from attacking via another avenue.
Your kind of thinking is exactly why the software security business routinely finds itself mystified by the behavior of ordinary people. It's not that those people are dumb. It's that some geeks end up with a wildly distorted view of risk.
In my case, that 'distortion' is the application of automation. Yeah, today very few people are side-jacking facebook. But I can remember when phishing, 411-scams, and even spam were all so rare that those didn't pose a significant risk either. But all of those, and pretty much every significant risk on the net, became problematic due to the application of automation. Side-jacking facebook is ripe for similar automation. And don't think for a second that attacks that are automated will be so blatant that you can easily notice tampering with your account -- that would defeat the purpose of malicious side-jacking in the first place.
the only reason I ever boot into Windows is for Netflix's "Watch Instantly" feature.
Of course, my desire for this despite the DRM probably means I'm going to open-source fundamentalist hell..
If that Hell is a world where the middle-men have even greater control over distribution than they do now, where the first sale doctrine is an anachronism, where cultural history can be rewritten or censored as easily as deleting a file, then yeah, you are merrily skipping down that path.
9/11 was proof that the "we can use technology to replace an operations-focused intelligence apparatus" argument is a load of bullshit.
Far from it.
We already had plenty of intel about the plot, it just wasn't correlated very well.
More "boots on the ground" would not have brought the plot to light any sooner.
All 9/11 was proof of was that a society based on freedom will occasionally be attacked by people exploiting freedom.
We seem to have taken the wrong lesson from that proof and have decided to repress freedom in a scattershot approach to reducing attacks.