--enable-alsa will go away in Firefox 54. And the build system of Firefox is insane, so you can't expect a regular user to recompile.
With PulseAudio being criminally broken (case in point: doesn't work on the box I sit my butt at right at the moment), the effect is that Firefox has no sound.
No, all of Islam is a problem, not merely the fundamentalists. While at a given moment only a "small" minority of several hundred million are fundies, anyone else, even someone whose parents and grandparents were civilized people who didn't give a damn about religion and visited churches/mosques only for weddings and funerals, may have a mental crisis, hear a sermon, follow a fashion (the recent revival of Islam is just that, a fashion) or the like, and start reading the Koran.
And since, unlike the Bible, the Koran presents an unambiguous message, that person will think "if the God commands to murder unbelievers, perhaps I should do so".
It's not that the Bible doesn't contain juicy passages. Are you approaching a town of another tribe? You're supposed to give them an ultimatum. If they refuse, you need to murder them all. If they surrender, you murder only the elderly and infirm, make the men your slaves and take the women as wives. Except for a few tribes which happened to be neighbours of Israel at that time -- you need to murder them all without even offering them to surrender.
But whenever the Bible says A, in another book it will say B, then in yet another both C and D. Thus, it is relatively easy to persuade a rational person that the demands of their holy book are only a parable and it's "only the spirit that counts".
The result? The majority of muslims believe their savage medieval law is given by god and needs to be forced upon everyone -- while I don't exactly hear about many christians or jews demanding adulterers or those who question their parents should be stoned to death.
People assume that Islam is just a kind of Christianity with a different brand and a few ceremonies swapped. It's not. The Bible is a big honking pile of contradictions, making cherry-picking not only permitted but the only possible way to worship it. You also need a lot of doublethink, but if you got conditioned to it as a child, you take it for granted and accept as normal.
The Koran, on the other hand, is consistent. Instead of being made of a bunch of different books from over a thousand years written by different authors of different religions (Yahvism of 800BC was a tribal polytheism, Christianity as created in early 2nd century AD based mostly on Platonism (with little heed to an illiterate itinerant preacher Yehoshuah) flavoured with myths from all around have nothing in common), Islam is the work of one man. (Not counting nameless scribes, no one ever credits them.) That man was not Muhammad but Uthman who sifted through tales about the former, took what he liked and banned at the pain of death anything else. And Uthman's work was pretty thorough for standards of the time: the biggest contradiction in Islam is permissiveness of alcohol, with everything else being either a literary device ("how long is a day of Allah?") or a mythological quirk (is Iblis an angel or a djinn?).
And with this consistent message, that tells you to murder the infidels at all cost, there's no wonder a portion of worshippers actually believe their holy book. It takes far more dishonesty to cherry-pick from Koran than it is from the Bible.
That some orange clown goes about it wrong (banning people because of their nationality at birth!?!) doesn't make Islam any more compatible with the civilized world.
The spinning disc has a label saying that 1 revolution = X Wh. You can also read the counter once, wait ten seconds and read it again. Wait a whole minute if you want a more accurate reading.
While Stretch still installs that malware by default, it actually works a bit better with a sane init than Jessie. Stretch also has a remarkable lack of regressions when compared to, for example, Wheezy->Jessie, so you can upgrade safely already.
Some of those researchers are paid per paper. Others are sponsored by their companies and/or governments -- those 6500 core-years Google used for SHA1 collision weren't exactly free. Thus, there's a non-negligible number of paid people doing this work.
And no, I don't do security (beyond the "common"-sense).
I agree with you that this will matter only once AMD actually delivers. But my conclusion is the opposite: instead of buying certain to be backdoored Intel, my next laptop will be a Pinebook, using entirely free software with no firmware blobs, in control of the machine from the moment ROM code loads and jumps to the SPL.
I don't care much about customer's servers, as they don't carry my data -- I do mention the issues but don't force anyone to pander to what I consider reasonable.
On my home primary desktop, though, I use an old Phenom2 x6, from before AMD processors became backdoored. It is adequate for my needs (I don't mess with big packages), although recently I started to do more kernel compiles and indeed the machine feels long in the tooth. Let's see how the brouchacha ends up.
And don't call me too paranoid. I'm nowhere near a juicy target, but I still can upload Debian packages, and source-only/reproducible uploads are not yet mandatory. For example, I recently NMUed dash (aka/bin/sh), my upload will be the one used in Stretch and thus on millions of servers, some of which are juicy targets. Now think if the binary didn't happen to be produced by the source, and had some "extras". Built with non-standard compiler options and/or version to thwart disassemble diffs -- let's take a SVN build of clang from halfway between major releases, that'd kill automated review nicely. If you feel extra vicious, doing some arithmetic on syscall arguments will defeat static analysis. Make your payload's trigger depend on a hash of unobvious characteristics of your target, and perhaps even use that hash in the above syscall arithmetic.
Yeah, it is possible to hide an intentional hole in plain view in the source (the Underhanded C Contest has some ideas how) but that's insanely more work, and if you're not a regular contributor to a project you want to suborn it'd be tricky to submit large enough piece of code to survive review. In comparison, passing a tainted binary is so much easier -- and thus, cost-effective, that at this moment I'd expect a rational attacker to go this way.
Thus, even though I'm a mere unimportant Debian Developer, I am trusted (in the negative sense of the word) with your security, and thus it's my duty to do my best. Yeah, some of Debian buildds and archive machines do use recent Intel CPUs, but they're also far more watched than my private machines and thus it'd be harder to suborn them without being noticed than the dash hack I just described.
For some random package, open source is not necessarily more secure (no one bothers to review). Same for even high profile targets that are too big to humanly review (browsers) although available source already gives quite an edge. But the PSP code is really small, and has a horde of researches salivating at the thought of taking a look.
Pros: it'd increase security (review), be what some customers want, give AMD an edge against Intel at no monetary cost. Con: it's against express wishes of US three letter agencies who want their backdoors
It's also the last ESR where you can recompile to have sound on Linux. In 51, it worked flawlessly. In 52, you need to rebuild. In 54, pulseaudio will be a strict dependency.
And pulseaudio works (if it does at all) about as bad as you'd expect on something from the author of avahi and systemd.
At least this thing says its a 1080p screen with a decent amount of ram and decent processor.
And almost 3x the price tag. And backdoored CPU you can't replace the IME for (Pinebook allows loading your own TrustZone code). And a noisy mechanical disk, probably the CPU needs a fan as well.
The launch was delayed due to supplier issues, this time to around March 20. Prototypes exist (photos: 123) and were sent to a bunch of involved people who are working on mainlining the drivers. The thing will ship with a smelly OS and smelly 3.10 vendor kernel, but near-mainline is basically working: only sound is missing, display currently only simplefb, proper DRM is being worked on.
(I'm merely watching #pine64, I'll try to make proper Debian installer (instead of mere dd-able images) once I get a Pinebook in my hands, but I'm only peanut gallery for now.)
Got it. Looks like that logger window is empty and doesn't even appear like it should have anything in it -- unless you manually reload the page you want to kill parts of, losing dynamically loaded pieces and so on.
You can't also just click on an entry to make a filter -- unless I'm missing something, on uBlock Origin you need to copy the URL, go to some other place several clicks away, manually write and edit the rule. On the other hand, AdBlock Plus takes you directly to a "new filter" dialog, with a few common variants pre-made ("subdomain.domain.tld/first_dir_part/", "subdomain.domain.tld/", "domain.tld") and editable full URL.
Nonsense, uBlock Origin supports URL based blocking as well as DOM based. In fact URL based is the primary method it uses since that avoids loading the content at all.
For third-party lists, yeah. But adding your own rules is uncomfortable at best. I might be a doofus, but I can't seem to find a way to provide a list of URLs requested by the page you're on -- ie, an equivalent of Adblock's "Open blockable items". The best approximation in uBlock Origin I managed to find is some "dynamic filtering" that apparently allows blocking by domain only. For that, I already have RequestPolicy which does that so much better, with a "default deny" rule on third-party assets.
If uBlock Origin has a way to show the full list of URLs referenced, that I have missed, would you mind pointing it out?
Which is useless as it lacks the interface to block crap via URLs. Blocking via DOM is semi-good for visual elements only, what I want is to get rid of trackers first, decrapifying view being only a side effect (as every ad is also a tracker).
A black-and-white image? convert trollface.png trollface.ubrl && cat trollface.ubrl A colour image? catimg-r2 | ansi2html (package colorized-logs), elinks with use_document_colors=2 only. A histogram? braillegraph.
The first and the last work in plain Unicode text, the second one requires HTML. On any site with basic Unicode support I'd include samples, but, you know, Slashdot...
Slashdot Mirror
Only if "produces no sound on hardware where plain ALSA works perfectly" counts as winning for you.
--enable-alsa will go away in Firefox 54. And the build system of Firefox is insane, so you can't expect a regular user to recompile.
With PulseAudio being criminally broken (case in point: doesn't work on the box I sit my butt at right at the moment), the effect is that Firefox has no sound.
No, all of Islam is a problem, not merely the fundamentalists. While at a given moment only a "small" minority of several hundred million are fundies, anyone else, even someone whose parents and grandparents were civilized people who didn't give a damn about religion and visited churches/mosques only for weddings and funerals, may have a mental crisis, hear a sermon, follow a fashion (the recent revival of Islam is just that, a fashion) or the like, and start reading the Koran.
And since, unlike the Bible, the Koran presents an unambiguous message, that person will think "if the God commands to murder unbelievers, perhaps I should do so".
It's not that the Bible doesn't contain juicy passages. Are you approaching a town of another tribe? You're supposed to give them an ultimatum. If they refuse, you need to murder them all. If they surrender, you murder only the elderly and infirm, make the men your slaves and take the women as wives. Except for a few tribes which happened to be neighbours of Israel at that time -- you need to murder them all without even offering them to surrender.
But whenever the Bible says A, in another book it will say B, then in yet another both C and D. Thus, it is relatively easy to persuade a rational person that the demands of their holy book are only a parable and it's "only the spirit that counts".
The result? The majority of muslims believe their savage medieval law is given by god and needs to be forced upon everyone -- while I don't exactly hear about many christians or jews demanding adulterers or those who question their parents should be stoned to death.
People assume that Islam is just a kind of Christianity with a different brand and a few ceremonies swapped. It's not. The Bible is a big honking pile of contradictions, making cherry-picking not only permitted but the only possible way to worship it. You also need a lot of doublethink, but if you got conditioned to it as a child, you take it for granted and accept as normal.
The Koran, on the other hand, is consistent. Instead of being made of a bunch of different books from over a thousand years written by different authors of different religions (Yahvism of 800BC was a tribal polytheism, Christianity as created in early 2nd century AD based mostly on Platonism (with little heed to an illiterate itinerant preacher Yehoshuah) flavoured with myths from all around have nothing in common), Islam is the work of one man. (Not counting nameless scribes, no one ever credits them.) That man was not Muhammad but Uthman who sifted through tales about the former, took what he liked and banned at the pain of death anything else. And Uthman's work was pretty thorough for standards of the time: the biggest contradiction in Islam is permissiveness of alcohol, with everything else being either a literary device ("how long is a day of Allah?") or a mythological quirk (is Iblis an angel or a djinn?).
And with this consistent message, that tells you to murder the infidels at all cost, there's no wonder a portion of worshippers actually believe their holy book. It takes far more dishonesty to cherry-pick from Koran than it is from the Bible.
That some orange clown goes about it wrong (banning people because of their nationality at birth!?!) doesn't make Islam any more compatible with the civilized world.
wants a bottle RIGHT THE HECK NOW
Not a bottle, a tit. A tit that used to belong to you.
Also, many of those who gain 2 years in life expectancy lose many more years of piece and quiet having to raise their brats.
This. You gain 1.8 years, lose 18.
And politicians and lawyers.
Especially that he, himself, allowed EME into the standard, when he could stop it.
The spinning disc has a label saying that 1 revolution = X Wh. You can also read the counter once, wait ten seconds and read it again. Wait a whole minute if you want a more accurate reading.
While Stretch still installs that malware by default, it actually works a bit better with a sane init than Jessie. Stretch also has a remarkable lack of regressions when compared to, for example, Wheezy->Jessie, so you can upgrade safely already.
Some of those researchers are paid per paper. Others are sponsored by their companies and/or governments -- those 6500 core-years Google used for SHA1 collision weren't exactly free. Thus, there's a non-negligible number of paid people doing this work.
And no, I don't do security (beyond the "common"-sense).
I agree with you that this will matter only once AMD actually delivers. But my conclusion is the opposite: instead of buying certain to be backdoored Intel, my next laptop will be a Pinebook, using entirely free software with no firmware blobs, in control of the machine from the moment ROM code loads and jumps to the SPL.
I don't care much about customer's servers, as they don't carry my data -- I do mention the issues but don't force anyone to pander to what I consider reasonable.
On my home primary desktop, though, I use an old Phenom2 x6, from before AMD processors became backdoored. It is adequate for my needs (I don't mess with big packages), although recently I started to do more kernel compiles and indeed the machine feels long in the tooth. Let's see how the brouchacha ends up.
And don't call me too paranoid. I'm nowhere near a juicy target, but I still can upload Debian packages, and source-only/reproducible uploads are not yet mandatory. For example, I recently NMUed dash (aka /bin/sh), my upload will be the one used in Stretch and thus on millions of servers, some of which are juicy targets. Now think if the binary didn't happen to be produced by the source, and had some "extras". Built with non-standard compiler options and/or version to thwart disassemble diffs -- let's take a SVN build of clang from halfway between major releases, that'd kill automated review nicely. If you feel extra vicious, doing some arithmetic on syscall arguments will defeat static analysis. Make your payload's trigger depend on a hash of unobvious characteristics of your target, and perhaps even use that hash in the above syscall arithmetic.
Yeah, it is possible to hide an intentional hole in plain view in the source (the Underhanded C Contest has some ideas how) but that's insanely more work, and if you're not a regular contributor to a project you want to suborn it'd be tricky to submit large enough piece of code to survive review. In comparison, passing a tainted binary is so much easier -- and thus, cost-effective, that at this moment I'd expect a rational attacker to go this way.
Thus, even though I'm a mere unimportant Debian Developer, I am trusted (in the negative sense of the word) with your security, and thus it's my duty to do my best. Yeah, some of Debian buildds and archive machines do use recent Intel CPUs, but they're also far more watched than my private machines and thus it'd be harder to suborn them without being noticed than the dash hack I just described.
For some random package, open source is not necessarily more secure (no one bothers to review). Same for even high profile targets that are too big to humanly review (browsers) although available source already gives quite an edge. But the PSP code is really small, and has a horde of researches salivating at the thought of taking a look.
Pros: it'd increase security (review), be what some customers want, give AMD an edge against Intel at no monetary cost.
Con: it's against express wishes of US three letter agencies who want their backdoors
So... no.
Come on back when you can code a server in less than 10Meg that's with the OS and the application servers.
10 whole Megs? Try ConTiki web server on a Commodore 64.
It's also the last ESR where you can recompile to have sound on Linux. In 51, it worked flawlessly. In 52, you need to rebuild. In 54, pulseaudio will be a strict dependency.
And pulseaudio works (if it does at all) about as bad as you'd expect on something from the author of avahi and systemd.
Are people really modding up this feces, this worst kind of fake news?
They're modding up whatever narrative fits their belief system, truth has nothing to it.
Well, a 22km (72,000 foot for those using medieval units) mountain is not high enough for you? Add water and you'll have snow.
For terminals rather than arbitrary images: cool-retro-term.
At least this thing says its a 1080p screen with a decent amount of ram and decent processor.
And almost 3x the price tag. And backdoored CPU you can't replace the IME for (Pinebook allows loading your own TrustZone code). And a noisy mechanical disk, probably the CPU needs a fan as well.
The launch was delayed due to supplier issues, this time to around March 20. Prototypes exist (photos: 1 2 3) and were sent to a bunch of involved people who are working on mainlining the drivers. The thing will ship with a smelly OS and smelly 3.10 vendor kernel, but near-mainline is basically working: only sound is missing, display currently only simplefb, proper DRM is being worked on.
(I'm merely watching #pine64, I'll try to make proper Debian installer (instead of mere dd-able images) once I get a Pinebook in my hands, but I'm only peanut gallery for now.)
Got it. Looks like that logger window is empty and doesn't even appear like it should have anything in it -- unless you manually reload the page you want to kill parts of, losing dynamically loaded pieces and so on.
You can't also just click on an entry to make a filter -- unless I'm missing something, on uBlock Origin you need to copy the URL, go to some other place several clicks away, manually write and edit the rule. On the other hand, AdBlock Plus takes you directly to a "new filter" dialog, with a few common variants pre-made ("subdomain.domain.tld/first_dir_part/", "subdomain.domain.tld/", "domain.tld") and editable full URL.
Nonsense, uBlock Origin supports URL based blocking as well as DOM based. In fact URL based is the primary method it uses since that avoids loading the content at all.
For third-party lists, yeah. But adding your own rules is uncomfortable at best. I might be a doofus, but I can't seem to find a way to provide a list of URLs requested by the page you're on -- ie, an equivalent of Adblock's "Open blockable items". The best approximation in uBlock Origin I managed to find is some "dynamic filtering" that apparently allows blocking by domain only. For that, I already have RequestPolicy which does that so much better, with a "default deny" rule on third-party assets.
If uBlock Origin has a way to show the full list of URLs referenced, that I have missed, would you mind pointing it out?
guess you never heard of uBlock origin.
Which is useless as it lacks the interface to block crap via URLs. Blocking via DOM is semi-good for visual elements only, what I want is to get rid of trackers first, decrapifying view being only a side effect (as every ad is also a tracker).
A black-and-white image? convert trollface.png trollface.ubrl && cat trollface.ubrl
A colour image? catimg -r2 | ansi2html (package colorized-logs), elinks with use_document_colors=2 only.
A histogram? braillegraph.
The first and the last work in plain Unicode text, the second one requires HTML.
On any site with basic Unicode support I'd include samples, but, you know, Slashdot...