Fingerprinting is useful for moderation and in the fightagainst trolls, cheaters etc. It is about identifying a computer, not about identifying a person. If they make moderation harder, then there will be less place to socialize on the web. Moreover, income from untargetted ads is only 1/3 - 1/10 of the income for targetted ads. The reduced income results in less service. People could easily pay to replace ad income, but microtransactions haven't taken off for 20 years. They cannot win either, at most they make the monopolies of the internet stronger. It seems the developer community around the web shoot itself in the foot.
But you have no 1 million people interacting with you. And by the way, from my experience, while 0.01 percent is a bit high, but only a bit. 0.001 or 0.0001 is a better estimate for serious threats.
Unfortunately not that simple.
Almost all people choose an ad supported service over a paywalled.
They tried microtransactions where you pay a really small amount, like 0.1 cents, but people don't want to pay at all, instead they prefer ads.
I do believe missing ECC support is an artifical restriction at Intel. AMD has ECC. One of the reasons I always buy AMD, that I can be sure that all processor features of that generation is enabled in even their cheapest processor. No surprises.
Btw. modern processors include most/all of the functionality of the north bridge. Regarding performance, for the same cost AMD usually provides more performance, specifically similar single threaded performance and better multi-threaded performance.
"Wait until you find wire-sniffing apps inside your (expletives deleted) routers"
Yes, I do quite frequently that, about once a week and we are a micro company. tcpdump is one of the most useful tool to debug firewall, vpn, application level networking issues of my users. Plain text protocols are a great help, and it is not coincidental, that most public protocol is plain text. They can be debugged, I can see what is happening on the wire. Usually even binary protocols contain enough ASCII text for debugging. Unnecessary (expletives deleted) HTTPS makes this impossible.
Uber drivers work with their own equipment, whenever, wherever they want, whichever long they want. Except some safety restrictions. If this is employment, then what is contract work?
I have used C and mostly C++ for 10 years. Java for 15+ years, full time.
My experience with Java portability is extremely good, during 15 years I guess i have less than 5 cases when I have to modify our own code for portability reasons. I mean binary compatibility, no recompilation is necessary. Upgrades were seamless too. However I know that others has worse experiences. Regarding C, I almost never have been able to compile C programs without issues in a new environment.
As a language, Java has the huge advantage of automatic garbage collection. That not only means that I do not have to destroy object at the end of functions, that is not really important. The big thing is that returning newly allocated objects to the caller is the natural way of doing things. This is an issue in C, because it must be agreed on who will destroy the returned object. Java also has a huge standard library, and - except web applications - there is an obvious candidate for everything.
Java has comprehensive runtime information about anything, so tools and frameworks can do almost anything runtime, including generating new code. And they do this nicely, they do not mess with the code unnecessary. There is a precise stack trace in each and every case. There is no pointer arithmetic, so there are no mysterious memory corruptions, ever.
Also, in contrast to the somewhat popular, moronic thinking, Java is very fast and very secure, it is compiled and recompiled several times dynamically runtime and there are no memory leaks. It usually requires more memory than a well-written C program, and its startup is slower, but that is rarely an issue on modern (i.e. not older than 10 years old) machine.
I bought three AMD servers without any issue in the last years. I buy motherboard and usually case + power supply from Supermicro. I could buy Opterons, ECC memory and data center SSD-s from quite a few shops. The AMD motherboard offers of Supermicro is easily understandable: I select processor generation, socket count, whether I want SAS, whether I want remote management chip on the motherboard and that is all, there is one motherboard which correspond to my conditions. I also do not have to consider which features I want from the processor, because (and in contrast to Intel), all AMD processors of the same generation contains the same features, even the cheapest one.
and then the ransomware encrypts the content of the $2000 NAS completely.
Offline backups are also necessary. Offline backups with history. Very long history.
this. One of the reasons I do not even check Intel processors for a new machine is that Intel randomly disable a feature here and there. On the other hand if something is present in an AMD processor generation, then it will be present both on their cheapest and most expensive cpu-s too.
Of course AMD desktops are cheaper. While AMD provides a better performance / price ratio than Intel, at this moment AMD does not compete in the high end category at all. If somebody wants a high end desktop (above 2000$) they must use Intel and pay the hefty price premium. Moreover, even if one wants a top AMD configuration now, he will instead wait 2 months and buy a Ryzen processor.
I have very positive experience with Java, "write once run anywhere" does work. We moved complex applications without any changes most of the time. In rare cases the required changes was few and obvious, like case sensitivity difference between Linux/Windows. This also applies to Java upgrades too, 99% of the time there were no issues. I do not have a similar good experience with any other language.
There is no such thing as online backup. By definition backup must not be online. Physical presence and offline media is required. http://www.taobackup.com/
I have several Raspberry PI and none of them failed yet. They are accidentally left on for months and come up without issues if a monitor is attached There is one which has been working for years attached to a monitor and network 24 hours a day, 7 days a week. It is running a browser, so it is not even a server with console only. I use them all in a case and I switch off swap on the continuously working one.
If you are panicking because of the additional possibility of cross site scripting then imagine what will happen when web sites starts to serve ads under their own domain name to avoid sneaky ad-blockers. Of course this would be unnecessary if ad blockers were not sneaky, that is they would send a HTTP header or at least a JavaSript DOM object indicating that ad blocking is ON. Therefore the site could decide what to do: reject the user, offer limited content, offer subscription or micropayment, nothing.
I also do not understand what are you doing on a website like Slashdot which is full with user generated content.
And by the way, I also do not understand how did you come to the great idea that I am completely unaware of cross site scripting.
The traffic doubles at the worst case because in addition to the user-server traffic there will be webserver - adserver too. Yes, this may mean that on the webserver side the traffic becomes more than twice larger compared to the previous level. But video ads are only a few seconds, and now it is 2016, we use very capable hardware and scalable software, the average web server of a small site is usually idle. The infrastructure companies will be quite happy though.
Advertisers need to make their adds useful to the people. Allow people to specify what they want to know about,
This is exactly what all ad companies try to do. And this is also exactly why many people hate them: this goes against privacy. In order to serve ads which are interesting to you they have to know what is interesting to you...
You can turn off the AdBlock's "trusted Ads" feature if you want to.
Most people will not do this. Otherwise the major ad firms wouldn't pay to AdBlock. The same for blocking the most effective ads: if only the least profitable ads will remain, than ad firms will not pay real money to AdBlock. But lets hope that some miracle happen and they invent the ad format which is profitable and unnoticeable at the same time.
I am a web application developer. In addition to that I maintain 50+ servers. Including web application servers, HTTP servers, proxies, DNS servers. May I suggest to you to not buy lottery?
No, you're wrong, they will never do that - it will cost them in server hardware and bandwidth to host all that advertising. It would create massive logistical issues with advertiser billing
At the worst case the bandwidth cost will be doubled. This will be a setback for everybody (including visitors), except infrastructure firms. But this will not stop the transition, I know very well the network traffic prices. I am sure Google and others will do everything to make the whole thing technically the easiest. The smallest sites wiill quit. Other small sites may need to move to a CDN or PaaS like service. It might be possible that they have to select a single ad company. This strong dependency will make them weak, large ad companies become even stronger.
not to mention new vectors for click fraud
If this will be the case, then again, this will be a problem for the small sites, which do not bring enough profit for the ad firms to justify the larger costs of auditing.
The whole ad-blocking movement is as counterproductive as it can be. I can consider it as a demonstration, but than again it would be worthwhile only if people were prepared to pay for content. But they are not. The best example is Flattr. Almost nobody use it, even though it is mostly targeted to technical people and it is a very easy and cheap way to support for example the open source products you use.
If you want to show me an ad on your site, then, fine, show me an ad on your site. But I'm not going somewhere else to fetch it.
I think it is an irrevelant technical difference if the ad is coming from a google server or from a - maybe google - server leased by the web page creator. Anyway, now that the percentage of ad blocking users exploded I am sure that within one year a few web hosts start to proxy ads. I am afraid you will be the only one who will be happy with this solution.
There's always other places to get the news, stories, etc.
I am afraid you are a bit too optimist. Most of the known web is ad supported. The only major site which is ad free is Wikipedia. But I do pay to Wikipedia every year. If you mean that you go to a subscription based alternative, than you are still too optimistic: in that case you and me are the only two people I know who intend to pay for an ad-free website. This will not be enough:)
Slashdot Mirror
Fingerprinting is useful for moderation and in the fightagainst trolls, cheaters etc. It is about identifying a computer, not about identifying a person. If they make moderation harder, then there will be less place to socialize on the web. Moreover, income from untargetted ads is only 1/3 - 1/10 of the income for targetted ads. The reduced income results in less service. People could easily pay to replace ad income, but microtransactions haven't taken off for 20 years. They cannot win either, at most they make the monopolies of the internet stronger. It seems the developer community around the web shoot itself in the foot.
But you have no 1 million people interacting with you. And by the way, from my experience, while 0.01 percent is a bit high, but only a bit. 0.001 or 0.0001 is a better estimate for serious threats.
Unfortunately not that simple. Almost all people choose an ad supported service over a paywalled. They tried microtransactions where you pay a really small amount, like 0.1 cents, but people don't want to pay at all, instead they prefer ads.
I agree with you, but unfortunately 99% of people choose ad supported service and then try to block ads instead of paying.
I do believe missing ECC support is an artifical restriction at Intel. AMD has ECC. One of the reasons I always buy AMD, that I can be sure that all processor features of that generation is enabled in even their cheapest processor. No surprises. Btw. modern processors include most/all of the functionality of the north bridge. Regarding performance, for the same cost AMD usually provides more performance, specifically similar single threaded performance and better multi-threaded performance.
"Wait until you find wire-sniffing apps inside your (expletives deleted) routers" Yes, I do quite frequently that, about once a week and we are a micro company. tcpdump is one of the most useful tool to debug firewall, vpn, application level networking issues of my users. Plain text protocols are a great help, and it is not coincidental, that most public protocol is plain text. They can be debugged, I can see what is happening on the wire. Usually even binary protocols contain enough ASCII text for debugging. Unnecessary (expletives deleted) HTTPS makes this impossible.
Uber drivers work with their own equipment, whenever, wherever they want, whichever long they want. Except some safety restrictions. If this is employment, then what is contract work?
My experience with Java portability is extremely good, during 15 years I guess i have less than 5 cases when I have to modify our own code for portability reasons. I mean binary compatibility, no recompilation is necessary. Upgrades were seamless too. However I know that others has worse experiences. Regarding C, I almost never have been able to compile C programs without issues in a new environment.
As a language, Java has the huge advantage of automatic garbage collection. That not only means that I do not have to destroy object at the end of functions, that is not really important. The big thing is that returning newly allocated objects to the caller is the natural way of doing things. This is an issue in C, because it must be agreed on who will destroy the returned object. Java also has a huge standard library, and - except web applications - there is an obvious candidate for everything.
Java has comprehensive runtime information about anything, so tools and frameworks can do almost anything runtime, including generating new code. And they do this nicely, they do not mess with the code unnecessary. There is a precise stack trace in each and every case. There is no pointer arithmetic, so there are no mysterious memory corruptions, ever.
Also, in contrast to the somewhat popular, moronic thinking, Java is very fast and very secure, it is compiled and recompiled several times dynamically runtime and there are no memory leaks. It usually requires more memory than a well-written C program, and its startup is slower, but that is rarely an issue on modern (i.e. not older than 10 years old) machine.
Overall I am much more productive with Java.
I bought three AMD servers without any issue in the last years. I buy motherboard and usually case + power supply from Supermicro. I could buy Opterons, ECC memory and data center SSD-s from quite a few shops. The AMD motherboard offers of Supermicro is easily understandable: I select processor generation, socket count, whether I want SAS, whether I want remote management chip on the motherboard and that is all, there is one motherboard which correspond to my conditions. I also do not have to consider which features I want from the processor, because (and in contrast to Intel), all AMD processors of the same generation contains the same features, even the cheapest one.
and then the ransomware encrypts the content of the $2000 NAS completely. Offline backups are also necessary. Offline backups with history. Very long history.
this. One of the reasons I do not even check Intel processors for a new machine is that Intel randomly disable a feature here and there. On the other hand if something is present in an AMD processor generation, then it will be present both on their cheapest and most expensive cpu-s too.
Of course AMD desktops are cheaper. While AMD provides a better performance / price ratio than Intel, at this moment AMD does not compete in the high end category at all. If somebody wants a high end desktop (above 2000$) they must use Intel and pay the hefty price premium. Moreover, even if one wants a top AMD configuration now, he will instead wait 2 months and buy a Ryzen processor.
I have very positive experience with Java, "write once run anywhere" does work. We moved complex applications without any changes most of the time. In rare cases the required changes was few and obvious, like case sensitivity difference between Linux/Windows. This also applies to Java upgrades too, 99% of the time there were no issues. I do not have a similar good experience with any other language.
You should check your facts.
There is no such thing as online backup. By definition backup must not be online. Physical presence and offline media is required. http://www.taobackup.com/
In addition "once in a while" does not seem to be very reassuring :) I have already paid a large sum for hard disk recovery service.
Since then I am a follower of the Tao of Backup/
I have several Raspberry PI and none of them failed yet. They are accidentally left on for months and come up without issues if a monitor is attached There is one which has been working for years attached to a monitor and network 24 hours a day, 7 days a week. It is running a browser, so it is not even a server with console only. I use them all in a case and I switch off swap on the continuously working one.
If you are panicking because of the additional possibility of cross site scripting then imagine what will happen when web sites starts to serve ads under their own domain name to avoid sneaky ad-blockers. Of course this would be unnecessary if ad blockers were not sneaky, that is they would send a HTTP header or at least a JavaSript DOM object indicating that ad blocking is ON. Therefore the site could decide what to do: reject the user, offer limited content, offer subscription or micropayment, nothing.
I also do not understand what are you doing on a website like Slashdot which is full with user generated content.
And by the way, I also do not understand how did you come to the great idea that I am completely unaware of cross site scripting.
The traffic doubles at the worst case because in addition to the user-server traffic there will be webserver - adserver too. Yes, this may mean that on the webserver side the traffic becomes more than twice larger compared to the previous level. But video ads are only a few seconds, and now it is 2016, we use very capable hardware and scalable software, the average web server of a small site is usually idle. The infrastructure companies will be quite happy though.
Advertisers need to make their adds useful to the people. Allow people to specify what they want to know about,
This is exactly what all ad companies try to do. And this is also exactly why many people hate them: this goes against privacy. In order to serve ads which are interesting to you they have to know what is interesting to you...
You can turn off the AdBlock's "trusted Ads" feature if you want to.
Most people will not do this. Otherwise the major ad firms wouldn't pay to AdBlock. The same for blocking the most effective ads: if only the least profitable ads will remain, than ad firms will not pay real money to AdBlock. But lets hope that some miracle happen and they invent the ad format which is profitable and unnoticeable at the same time.
Clearly you have no idea how the Web works
I am a web application developer. In addition to that I maintain 50+ servers. Including web application servers, HTTP servers, proxies, DNS servers. May I suggest to you to not buy lottery?
No, you're wrong, they will never do that - it will cost them in server hardware and bandwidth to host all that advertising. It would create massive logistical issues with advertiser billing
At the worst case the bandwidth cost will be doubled. This will be a setback for everybody (including visitors), except infrastructure firms. But this will not stop the transition, I know very well the network traffic prices. I am sure Google and others will do everything to make the whole thing technically the easiest. The smallest sites wiill quit. Other small sites may need to move to a CDN or PaaS like service. It might be possible that they have to select a single ad company. This strong dependency will make them weak, large ad companies become even stronger.
not to mention new vectors for click fraud
If this will be the case, then again, this will be a problem for the small sites, which do not bring enough profit for the ad firms to justify the larger costs of auditing.
The whole ad-blocking movement is as counterproductive as it can be. I can consider it as a demonstration, but than again it would be worthwhile only if people were prepared to pay for content. But they are not. The best example is Flattr. Almost nobody use it, even though it is mostly targeted to technical people and it is a very easy and cheap way to support for example the open source products you use.
If you want to show me an ad on your site, then, fine, show me an ad on your site. But I'm not going somewhere else to fetch it.
I think it is an irrevelant technical difference if the ad is coming from a google server or from a - maybe google - server leased by the web page creator. Anyway, now that the percentage of ad blocking users exploded I am sure that within one year a few web hosts start to proxy ads. I am afraid you will be the only one who will be happy with this solution.
There's always other places to get the news, stories, etc.
I am afraid you are a bit too optimist. Most of the known web is ad supported. The only major site which is ad free is Wikipedia. But I do pay to Wikipedia every year. If you mean that you go to a subscription based alternative, than you are still too optimistic: in that case you and me are the only two people I know who intend to pay for an ad-free website. This will not be enough :)
If I remember well, devices which removed ads automatically was proven illegal. PVRs which made it possible to fast forward on ads were not.