t'was only two years ago that I finally upgraded to XP from Windows 98SE - on my 2.8GHz P4 with 1GB of RAM, used to hack DOS C programs on that box, was working on an RSA factorizer, boy did that thing GO
No, you just need a browser that runs in a sandbox that saves NOTHING between runs of the exe. Someone in an earlier story on the evercookie suggested running in a VM, then destroying the VM and creating a new clone. All it would require the user to do is remember their passwords.
It's also worth pointing out that the force perspective shots (Bilbo's kitchen, the cart) were only visible for a fraction of a second, because the effect doesn't hold up if you look at it any longer. This is because of all the other depth cues (apart from DOF and stereo) that your brain stitches together to work out what's really going on.
Yeah over the past few years I've found it a lot more helpful for getting my bearings before visiting a place than the (nearly) straight down view, being able to see the sides of buildings AND in bing's case pan around really helps you figure out where things are and IMO its still clearer than streetview for that. You can move onto streetview to find specific shops and buildings but as an intermediate layer the oblique angle is really good
I don't know how old you are (i'm the wrong side of 30) but them kids nowadays tend to play music from their phone/mp3 player out loud when hanging out/walking down the street with friend, not via headphones (at least, here in the UK they do). Having a built in speaker rather than requiring clunky plug in ones would appeal to that demographic. (Though I wander if the MAFIAA and their kin consider this unlicensed public performance...)
Agreed, there comes a point when you have to turn the dial in your brain from "Nerd" to "John Woo"... Paycheck for example. The same is also true, topically, with Mission Impossible 2. If the dial in your brain is set to "Mission Impossible" and not "explosions and slow mo" then you're not going to enjoy it.
I'd go further and completely throw out the idea that an EXE inherits the permissions of the user running it. Each EXE should have its own set of permissions as if it were a user itself. Think how facebook or smartphone apps when initiated request permission to "look at your personal data" etc. Like that but simplified:
"Modify system files"
"Modify system configuration"
"Read personal files"
"Modify personal files"
"Talk to the LAN"
"Talk to the internet"
I'm fairly certain this can be gotten down to just a few options, less even than Facebooks current privacy settings screen and yes, no EXE ever launches another without a prompt and going through this (tied to hash of exe or somesuch) procedure on first run and having a simple way to adjust that can not be scripted
MOD PARENT UP Re: "just because they're public addresses doesn't mean they're publicly accessible".
Just to be clear, here is how your home network works at the moment, with port 80 forwarded to some server box in your house: http://cyclomedia.co.uk/blog/media/NAT.png
And here is the same situation without NAT but with firewall rules so that ONLY inbound port 80 is allowed to not one, but two boxes in the LAN, a server geekbox and a tv set top box with a web interface for recording and streaming. http://cyclomedia.co.uk/blog/media/IPv6.png
In both setups you'd still need authentication on your web servers to keep bad people out, but it's not like in IPv6 land anyone can ping the tablet or laptop, they have no ports exposed through the firewall
Steve Jobs' assumptions affect every customer. His definition of better had better fit your definition of better or you either don't get his product or live with what you feel is sub-par.
Emphasis mine. Why is it so hard for people to do the part I bolded? Is it because of his on-stage this-is-awesome speeches? I've never watched any personally.
NAT is a PITA, and like other posters said without NAT you can still have a firewall router between your LAN and the cable modem.
The difference is that you can route directly to any machine on your LAN (again, firewall rules permitting) from anywhere on the planet without any hacks. Ever tried to FTP to something through NAT? Try it. You have no idea how liberating it is not to have to fuck with NAT and dyndns until you don't have to do it anymore.
I once had the pleasure of working in a web dev + hosting company with a full x.y.z.0 to x.y.z.255. 253 addresses was plenty for us to play with and it meant that every machine in the building had an actual real global IP Address, even the print server. And the only time we were ever were hacked was a flaw in IIS, which was a public facing web server anyway. None of the XP machines (or the print server) saw any damage. We had a linux mail server and that got a lot of opportunistic telnet and ssh hits, but I had it locked down so no one but us could get in. Being a dev company it was really liberating to be able to build up a test machine, host a bunch of services on it, develop and test against it and when it came time to demo it to the clients - in THEIR office - all I had to do was bung in its IP address into their web browser, and there it was. (though with IP6 i guess I would have to have copy/pasted it, rather than just remembered it,:-)
In the UK i've been to two stations where the guy comes out and fills up for you, the last of the independent station holdouts I guess. It's great, tell em how much you want and go into the store to browse the chocolate selection. But I'm one of those people who's rarely in a hurry.
I'm an anti-capitalist liberal hippy but the fact remains that a Business - run for profit - is not a charity set up to give people jobs. If the robot can do the job adequately well enough, and won't ever go on strike, take cigarette breaks or go postal on the customers whilst remaining cheaper to run than the wage bill then the Robot is going to get the job.
Personally I'm waiting for the day when all barcodes are replaced by RFID chips and I can just pick something up and walk out the door
Twitter parses links in text using a regular expression that basically looks for "http:" and reads until it hits white space, it then stuffs an <a href="{0}">{0}</a> around it. As the quote character is "not white space" the attack is your basic injection, stick in your own closing quote like this http;//foo"onmouseover="alert('bar');. The opening A tag then ends up looking like this: <a href="http;//foo"onmouseover="alert('bar');"> (I used a semicolon after the HTTP so that slashdot's own auto-link regexp wouldnt pick it up!)
One fix is to change the regexp to stop reading when it hits a whitspace OR a quote mark
Seconded, If you try to follow a lot of people on twitter (in an effort to conform to some social rules and not shun people who you like) then it will become useless except as your own broadcast tool. The trick is to follow enough people who tweet at a rate such that the amount of new stuff to read at the frequency you check twitter isn't under, or over-whelming.
There, I made it a maths problem and as such will make slashdotters interested in it.
The good thing about twitter is that you can use it to update the world about your projects (or anything else you find interesting) and only people who are interested in what you want to say will be listening, and I think this last point is what a lot of people don't get. You are not pretentiously standing on a soapbox shouting about your life believing that the world really aught to pay attention to you (though one suspects some people are) you are only thinking out loud, and follow/unfollow allows everybody to selectively filter in a way that they wouldnt be able to do in a real life crowded place full of soapboxers.
Alternatively as they're happy to expand the tweet metadata to include Location, Date, Time, Platform and Color-Of-Socks why not add an extra field to contain an optional Link. The link would not be printed onscreen, instead there would just be a Link icon if the tweet contained a link and the 140 characters would then still be free to describe what the link is linking to
Slashdot Mirror
t'was only two years ago that I finally upgraded to XP from Windows 98SE - on my 2.8GHz P4 with 1GB of RAM, used to hack DOS C programs on that box, was working on an RSA factorizer, boy did that thing GO
How exactly will they be able to detect where the tightly focussed uplink signal is originating from?
If it's a choice between slow and unreliable vs the government knowing who you are and where you live i will take the former
No, you just need a browser that runs in a sandbox that saves NOTHING between runs of the exe. Someone in an earlier story on the evercookie suggested running in a VM, then destroying the VM and creating a new clone. All it would require the user to do is remember their passwords.
"counterfeiting, radio, artists not delivering on time"
How about the fact that the product is so crap no one's willing to pay for it?
It's also worth pointing out that the force perspective shots (Bilbo's kitchen, the cart) were only visible for a fraction of a second, because the effect doesn't hold up if you look at it any longer. This is because of all the other depth cues (apart from DOF and stereo) that your brain stitches together to work out what's really going on.
Yeah over the past few years I've found it a lot more helpful for getting my bearings before visiting a place than the (nearly) straight down view, being able to see the sides of buildings AND in bing's case pan around really helps you figure out where things are and IMO its still clearer than streetview for that. You can move onto streetview to find specific shops and buildings but as an intermediate layer the oblique angle is really good
I don't know how old you are (i'm the wrong side of 30) but them kids nowadays tend to play music from their phone/mp3 player out loud when hanging out/walking down the street with friend, not via headphones (at least, here in the UK they do). Having a built in speaker rather than requiring clunky plug in ones would appeal to that demographic. (Though I wander if the MAFIAA and their kin consider this unlicensed public performance...)
The only winning move is not to play
Agreed, there comes a point when you have to turn the dial in your brain from "Nerd" to "John Woo"... Paycheck for example. The same is also true, topically, with Mission Impossible 2. If the dial in your brain is set to "Mission Impossible" and not "explosions and slow mo" then you're not going to enjoy it.
I'd go further and completely throw out the idea that an EXE inherits the permissions of the user running it. Each EXE should have its own set of permissions as if it were a user itself. Think how facebook or smartphone apps when initiated request permission to "look at your personal data" etc. Like that but simplified:
"Modify system files"
"Modify system configuration"
"Read personal files"
"Modify personal files"
"Talk to the LAN"
"Talk to the internet"
I'm fairly certain this can be gotten down to just a few options, less even than Facebooks current privacy settings screen and yes, no EXE ever launches another without a prompt and going through this (tied to hash of exe or somesuch) procedure on first run and having a simple way to adjust that can not be scripted
oh and pertinently, i couldn't get FTP working properly because of the IPv4 NAT.
Yep i have SSH,HTTPS and IMAP open on my Virgin Media connection, all being pointed at via dyndns and have done for around 2 years.
MOD PARENT UP Re: "just because they're public addresses doesn't mean they're publicly accessible".
Just to be clear, here is how your home network works at the moment, with port 80 forwarded to some server box in your house:
http://cyclomedia.co.uk/blog/media/NAT.png
And here is the same situation without NAT but with firewall rules so that ONLY inbound port 80 is allowed to not one, but two boxes in the LAN, a server geekbox and a tv set top box with a web interface for recording and streaming.
http://cyclomedia.co.uk/blog/media/IPv6.png
In both setups you'd still need authentication on your web servers to keep bad people out, but it's not like in IPv6 land anyone can ping the tablet or laptop, they have no ports exposed through the firewall
Virgin Media have no such clause, best citation i can find is here:
http://community.virginmedia.com/t5/Gaming/why-has-virgin-blocked-PORT-80/m-p/8805
"We don't block ports other than the NetBIOS ports ... for security"
Obviously that's a technical post, not a legal one, but it was only a quick google
LeFleurOffice - replete with 70's beards and hair
Steve Jobs' assumptions affect every customer. His definition of better had better fit your definition of better or you either don't get his product or live with what you feel is sub-par.
Emphasis mine. Why is it so hard for people to do the part I bolded? Is it because of his on-stage this-is-awesome speeches? I've never watched any personally.
I don't get it though, surely if you have PING disabled (amongst other things, obviously) no one can tell how many machines you have?
Also if you still have a proper firewall you'd only let traffic in to the IPs + Ports you wanted to expose anyway?
What am I missing here?
NAT is a PITA, and like other posters said without NAT you can still have a firewall router between your LAN and the cable modem.
The difference is that you can route directly to any machine on your LAN (again, firewall rules permitting) from anywhere on the planet without any hacks. Ever tried to FTP to something through NAT? Try it. You have no idea how liberating it is not to have to fuck with NAT and dyndns until you don't have to do it anymore.
I once had the pleasure of working in a web dev + hosting company with a full x.y.z.0 to x.y.z.255. 253 addresses was plenty for us to play with and it meant that every machine in the building had an actual real global IP Address, even the print server. And the only time we were ever were hacked was a flaw in IIS, which was a public facing web server anyway. None of the XP machines (or the print server) saw any damage. We had a linux mail server and that got a lot of opportunistic telnet and ssh hits, but I had it locked down so no one but us could get in. Being a dev company it was really liberating to be able to build up a test machine, host a bunch of services on it, develop and test against it and when it came time to demo it to the clients - in THEIR office - all I had to do was bung in its IP address into their web browser, and there it was. (though with IP6 i guess I would have to have copy/pasted it, rather than just remembered it, :-)
I'd have thunk by now it was all software controlled and the system would know that "booop" and "click click click" both equate to "3".
In the UK i've been to two stations where the guy comes out and fills up for you, the last of the independent station holdouts I guess. It's great, tell em how much you want and go into the store to browse the chocolate selection. But I'm one of those people who's rarely in a hurry.
I'm an anti-capitalist liberal hippy but the fact remains that a Business - run for profit - is not a charity set up to give people jobs. If the robot can do the job adequately well enough, and won't ever go on strike, take cigarette breaks or go postal on the customers whilst remaining cheaper to run than the wage bill then the Robot is going to get the job.
Personally I'm waiting for the day when all barcodes are replaced by RFID chips and I can just pick something up and walk out the door
Twitter parses links in text using a regular expression that basically looks for "http:" and reads until it hits white space, it then stuffs an <a href="{0}">{0}</a> around it. As the quote character is "not white space" the attack is your basic injection, stick in your own closing quote like this http;//foo"onmouseover="alert('bar');. The opening A tag then ends up looking like this: <a href="http;//foo"onmouseover="alert('bar');"> (I used a semicolon after the HTTP so that slashdot's own auto-link regexp wouldnt pick it up!)
One fix is to change the regexp to stop reading when it hits a whitspace OR a quote mark
Seconded, If you try to follow a lot of people on twitter (in an effort to conform to some social rules and not shun people who you like) then it will become useless except as your own broadcast tool. The trick is to follow enough people who tweet at a rate such that the amount of new stuff to read at the frequency you check twitter isn't under, or over-whelming.
There, I made it a maths problem and as such will make slashdotters interested in it.
The good thing about twitter is that you can use it to update the world about your projects (or anything else you find interesting) and only people who are interested in what you want to say will be listening, and I think this last point is what a lot of people don't get. You are not pretentiously standing on a soapbox shouting about your life believing that the world really aught to pay attention to you (though one suspects some people are) you are only thinking out loud, and follow/unfollow allows everybody to selectively filter in a way that they wouldnt be able to do in a real life crowded place full of soapboxers.
Alternatively as they're happy to expand the tweet metadata to include Location, Date, Time, Platform and Color-Of-Socks why not add an extra field to contain an optional Link. The link would not be printed onscreen, instead there would just be a Link icon if the tweet contained a link and the 140 characters would then still be free to describe what the link is linking to