That was an amusing way to start an episode. Love Worf's reaction at the thought of "surrendering" to them.
The notion of navigational shields (presumably to protect against small particles and debris) always seemed pretty logical to me. At the speeds they travel, a small pebble would be pretty devastating even to fairly advanced materials.
Inlining is still a valuable optimization technique for when the overhead of a function call exceeds the execution cost of the function body, but obviously this has to be weighed against cache size considerations. This is not something videogame developers are unaware of. For the past several decades, the general rule of thumb is to avoid excessive inlining, because it works directly against cache coherency.
Generally speaking, when writing C++ code, you have some control of this via how code is organized, along with the inline keyword which acts as a compiler hint. Further hints are made to the MSVC compiler as to whether to optimize for speed or size, which is essentially a tradeoff of more or less aggressive inlining, etc.
But here's the thing... I don't understand how you think this has anything to do with Microsoft consoles in particular, or how it makes programs for them "awful". Every platform pretty much works the same way, and has the same essential trade-offs. You make these outlandish claims about how MS is two decades behind the times in this regard, but offer no evidence at all. What's more, the fact that many games are successfully developed on all Microsoft consoles over the years seems to demonstrate that it's not any sort of insurmountable problem in reality.
I've worked on original Xbox and Xbox 360 games, and I can't figure out what you're talking about. Microsoft's consoles are nothing like those in the 8 or 16-bit days, when game code interacted directly with the console hardware, programming "to the metal", as it were.
Rather, modern console development is actually pretty similar to programming on Windows (which shouldn't be surprising) where you write your code in C++, call DirectX and system API calls, and mostly rely on the compiler for low-level optimizations, while code architecture plays more of a part in high-level optimization. There are low-level intrinsics which you can use, but these are typically used quite sparingly in very performance-sensitive code, such as in your vector or matrix class operations, or for lockless thread-safe containers, etc.
Bullshit. The ISS costs *nothing* to keep up since it is positioned at exactly the point where Earth's gravity equals the moon's gravity, so it just hangs there. The only reason it's being decommissioned is so that they can launch another one that was designed by women and people of color.
No, it's in low earth orbit. You're thinking of a Lagrange point, which is much further out. There's actually atmospheric drag on the ISS such that, without periodic corrections, will drag it down out of orbit. That's true of ANY low earth orbit satellite, of course.
At it's current altitude, the ISS orbit decays about 100m per day. And the lower it dips into the upper atmosphere, the faster the rate of decay becomes. Without correctional boosts, the ISS would probably fall from they sky relatively quickly. I've seen estimations of approximately six months or so.
Actually, you couldn't really find a decent house under $200K fifteen years ago, let alone now. My house cost just under $250K back then, and today it's worth a bit under $450K. I live in the Eastside, not in the city itself, so maybe we've seen less of a real-estate boom than in the city. After all, there's more space out here for growth.
I agree that Seattle is becoming an expensive place to live. But honestly, it's been that way for the past several decades since I've been here. I think Amazon just makes a nice target for people's ire.
Oh, and believe me, I know what the bills for blue-collar service work goes for. It's insanely expensive, but I don't bitch about it, because I know what it costs to live in this area. Fair is fair, right?
An accident? First, this occured just before the big once-every-five-years meeting of the Chinese communist party. Second, this happened to ALL his social media accounts at once: YouTube, Facebook, and Twitter. Third, Interpol, with a Chinese national at its head, recently released an international warrant for his arrest on corruption charges.
Exactly how many "accidents" have to occur simultaneously before you can see a bigger picture developing here? The guy was a bigwig in China, so I'm not claiming he's clean either (almost certainty NOT, in fact), but this is clearly a propaganda-driven hit job, because he's exposing all their dirty laundry to the world.
It doesn't matter. Getting in bed with the Chinese apparently means they now have a significant influence within your company.
Say, just as a completely hypothetical example, the Chinese government doesn't want a political dissenter living in New York to be able to broadcast videos critical of the Chinese government. Why, just drum up some evidence of harassment, and you get your YouTube and Facebook accounts blocked, just like that. Maybe you even pressure the Chinese security officer who is currently the head of Interpol to file some charges against him. And, naturally, it's completely coincidental that this happened during the once-every-five-years meeting of the Chinese communist party.
But like I said, that's just a hypothetical example. I'm probably over-thinking this, right?
Joking aside, I thought people might like to know the actual numbers and result:
We responsibly disclosed the vulnerability that we discovered along with a reliable RCE exploit to Google on September 14, 2017. The vulnerability was assigned CVE-2017-5121, and the report was awarded a $7,500 bug bounty by Google. Along with other bugs our team reported but didn’t exploit, the total bounty amount we were awarded was $15,837. Google matched this amount and donated $30,000 to Denise Louie Education Center, our chosen organization in Seattle. The bug tracker item for the vulnerability described in this article is still private at time of writing.
It appears these companies don't pay each other directly, but donate to company-chosen charities. And in Google's case, it looks like it matched those donations, in effect paying double. So, I guess good on both of them for that.
Agreed. In addition, I'd definitely recommend reading the original Microsoft blog post. It's actually not nearly so flame-bait-ish as the breathless headlines and summary imply. It's a fascinating piece of technical detective work, and I think that, while they obviously use this as good propaganda to promote their own technology, the issues they presented seem fair to me.
They also gave Google kudos where that was deserved, but that doesn't make for very good headlines. For instance:
This kind of attack drives our commitment to keep on making our products secure on all fronts. With Microsoft Edge, we continue to both improve the isolation technology and to make arbitrary code execution difficult to achieve in the first place. For their part, Google is working on a site isolation feature which, once complete, should make Chrome more resilient to this kind of RCE attack by guaranteeing that any given renderer process can only ever interact with a single origin. A highly experimental version of this site isolation feature can be enabled by users through the chrome://flags interface.
And consider this:
Servicing security fixes is an important part of the process and, to Google’s credit, their turnaround was impressive: the bug fix was committed just four days after the initial report, and the fixed build was released three days after that. However, it’s important to note that the source code for the fix was made available publicly on Github before being pushed to customers. Although the fix for this issue does not immediately give away the underlying vulnerability, other cases can be less subtle.
Note that they don't actually blame open source. That would be foolish, as they're embracing it more and more themselves.
Some Microsoft Edge components, such as Chakra, are also open source. Because we believe that it’s important to ship fixes to customers before making them public knowledge, we only update the Chakra git repository after the patch has shipped.
*facepalm* I'm not disagreeing with your premise, but it's completely irrelevant to this story. No one is arguing that the Chinese government doesn't have sovereignty within China's borders.
You do at least know Guo Wengui is the "popular Chinese dissident" being discussed, right? This would be a non-story if China suppressed a Chinese dissident inside China - because that's what they do. It IS a story because the Chinese government seems to be somehow exerting influence on US-based tech companies to silence a Chinese ex-patriot living in New York. Read the article and you can clearly see it's a concerted and coordinated effort.
By extension, this means that the Chinese government has enough influence over these corporations to silence *any* viewpoint, regardless where in the world it originates from.
Yeesh, if you still don't get it, then it's on you, not me.
Arguably much better. Walmart pays bottom rung wages, while Amazon jobs tech pay really well. In my own field of videogame development, they've sucked up a huge amount of local talent with their new game studio, largely by paying better wages. This ends up driving UP wages elsewhere as well, if companies want to keep their best talent. Boosted wages means local families have more to spend, and that's a boon for the local economies and tax revenue, which relies on sales taxes.
You can look at other parallel situations in the area. Microsoft was a *massive* economic boon to the small city of Redmond. That arguably had a much more significant effect on a much smaller economy, and it's done quite well. Redmond has a lot of really nice local shops, boutiques, and public places in the area. Yes, housing prices tend to rise, but that's a single negative amongst a huge number of positive effects.
Bitching about prosperity. Talk about first-world problems.
Rich tech companies aren't new to the Seattle area (hint: Microsoft is just across Lake Washington in Redmond). It's just new to the city of Seattle proper. Far better to deal with the issues that come from a sudden boom than the opposite. Look at a city in decline to see how it *could* be.
Dramatic change always shakes some people up, even if it's generally positive change. Yes, there are some growing pains, but I think Amazon is going to be a huge long-term net positive for the city.
without introducing complexity people can't understand and won't use
Totally agree, but given that you pretty much need to use a password manager to safely use passwords online these days, I'm not sure how much worse a SQRL client could be. I can't vouch for ease of use, though, as I haven't actually tried the client myself yet - only heard it described in some detail.
where anyone can log in if they have your device
This is incorrect. The client is designed to always require a subset of your password, like a PIN, every time you authorize. More to the point, I certainly hope by now that most people have locking phones with reasonably good security.
and nobody can log in from a different device.
Also incorrect. Even if a thief steals your device and somehow gains access (let's assume you used a client that didn't log in, and didn't lock your device for some bizarre reason), you still have a master override code that the client prints out for you when setting up your device, with the idea being to store it in a save place (document safe, safety deposit box, etc). Using this code, you can lock out the old authentication by creating a new secret authentication key. The old authentication will be deprecated, as part of the protocol specs. Note that this isn't possible to do just with the original stolen credentials.
After reading the article, it's not just Google, but Facebook that's shutting him down as well. He claims he was never even contacted about this. Christ, how much influence over these tech giants does the Chinese government have? Obviously, this sort of subservience is the price you pay for access to the Chinese market.
Where the hell are the social liberals running these companies when they blindly obey orders from the Chinese government? Fucking hypocrites, all of them.
Using a Chinese security official who currently heads the international police organization Interpol, China succeeded in issuing an Interpol "red notice," or an international arrest warrant for alleged corruption.
Ah, wonderful. The head of Interpol is a Chinese security officer? I didn't know that. I sort of wish I hadn't learned that. What the hell...
Maybe so, but given that we haven't even seen SQRL out of the gate with an official client release, I think it's a big too early to tell. There's a lot of inertia behind password-based logins, so I'd say the odds are long against it, even if it has some good technical merits.
FWIW, you made two completely factually-incorrect statements about SQRL in your first post. You seem a bit dismissive of the project in general, so no offense, but I'm not going to waste my time explaining further.
Even though I use it myself, I consider LastPass to be a band-aid for a system that's broken by design.
SQRL is an attempt to solve the lunacy of requiring complex, unique passwords required for every different website you visit. We've seen time and time again that people are terrible about managing passwords. SQRL uses a secure authentication mechanism that improves on username/password in several key ways. The most important feature, IMO, is that the website only requires the use of public information to authenticate you (a public key + website URL). This means that your credentials can't be stolen by a breach of the website.
As to the backup key, yes, you have to carefully protect it (designed as a QR code that can be printed out and stored offline), but who doesn't have access to a safety deposit box or document safe? And the code only needs to be used in case of a compromise of some sort. These days, storing a key electronically, especially on an internet-connected computer, is *vastly* more risky than even storing a piece of paper in your desk. The world's threat models have changed.
I think both BSD and GPL style licenses have their place in the world. A BSD-style license is useful for those who wish their code to be used as broadly as possible, whether by commercial or open source. A GPL license is appropriate for those who are first and foremost advocates of open source, and want maximum protection to ensure their code is only used in open source products.
This simply reflects a different intent or priorities of the authors. You hear slogans like "GPL is about user freedom", which is just shorthand for open source advocates believing that, with some good reason, that open source products are more consumer-friendly than close source. Yet the flipside to that is the simple truth that many software products that people find valuable seem to flourish as commercial products.
For my own open source libraries, I release them under the MIT license. I appreciate it's "do what you want with it" simplicity, since my goal is not open source advocacy, but simply to make a library that anyone might find useful. But I also appreciate the fact that not everyone has the same priorities as I do. I'm not sure the open source movement would be where it's at today without the hard-core advocates who insist on using the GPL.
Mac Minis fill an important niche role. They're great when you need a secondary Mac computer at low costs for various task. At a recent job, we installed a Mac Mini as a signing server. Anything more powerful would have been a complete waste of a computer. Pros were used for the primary build servers, but I felt bad for the IT people trying to rack-mount those cylindrical monstrosities.
In my own case, if the Mac Mini did not exist, it's questionable whether or not I'd have created a Mac port for my game. For $800, I was able to purchase an inexpensive Mac and hook it up to my system with a KVM switch. I also have a similarly specced Linux dev box hooked up this way as well. This allows me to quickly switch between the three three major desktop OS dev environments. So, now, my game will be released on Windows, Mac, and Linux from day one.
Unless Apple allows third-party macOS machines to be built, it has to remain somewhat attuned to the needs of power-users and developers, who occasionally need niche products like the Mini and Pro. With these niches fulfilled, these users may turn elsewhere, and possibly have a proportionally significant impact on the rest of the ecosystem. Keep in mind that iPhone developers still need a Mac desktop machine to build apps.
That article points out a lot of the problem is with lax environmental regulations in China. You don't say... Chinese factories taking a dump on mother earth to turn a greater profit? Color me shocked. We went through the same sort of idiocy, and passed stricter laws to prevent that sort of thing in the US and in most first-world countries. If "green" products are actually important to us, we'll eventually demand reasonably high standards from anyone we buy from, probably enforced by trade laws.
Everything we do at an industrial scale will have some environmental cost. There's no getting around that. Windmills or solar collectors slaughter birds. Dams block fishing runs and disrupt natural aquatic environments. Nuclear is potentially dangerous and produces toxic by-products. But I think it's important not to let perfect be the enemy of good.
It's fine not to delude yourself into thinking that electric cars are some panacea, but it's foolish to argue against them when the status quo is oil-based fuels, which we can clearly see the horrible results ourselves in the smog it creates over our cities.
It's still far better to rely on electricity for small-scale transportation wherever we can. Some areas have green power. In my state, for instance, most of our power is generated from hydro. For other areas, we're transitioning over time to cleaner energy generation, so we'll see bigger improvements as more of our power is generated pollution-free.
I'd also argue that even if power is generated from dirtier sources like coal, I think it's arguably better to have fewer of those dirty sources to deal with, rather than spewing toxic gasses from a million smaller engines right in the middle of where everyone lives and works every day.
I'm fully supportive of games that make their money on microtransactions of cosmetic gear as a way to monetize online games. People seem to love paying for that sort of thing, and it has zero impact on gameplay. Overwatch works that way, from what I hear. Guild Wars 2 core game is completely free, and pays for itself with entirely cosmetic microtransactions.
But anything that affects gameplay? Fuck that. I refuse. And now some developers are tinkering with adding paid power boosts to single-player games. Double fuck that. It will be a cold day in hell before I buy a copy of Shadow of War, even though it's said to be a good game. I'm simply not going to support that sort of double-dipping.
EA seems to be getting out of the business of producing high quality single-player, linear, story-based games altogether, preferring games with which they can milk their customers indefinitely. I wonder if they realize that there's a segment of the gaming population that doesn't care about online competitive play, and enjoys immersive, one-time experiences like Uncharted or Star Wars: Knights of the Old Republic. Well, no matter, it makes me feel better if I'm not tempted to send any money towards EA or Activision.
Activision, of course, has been at maximum evil for quite some time. I'd pretty much expect a dick move like this from them. I'm always astounded how an industry that makes products designed for play and enjoyment can engender such loathing from consumers. It really takes a special talent to do that.
Slashdot Mirror
"Captain, they are now locking lasers on us."
That was an amusing way to start an episode. Love Worf's reaction at the thought of "surrendering" to them.
The notion of navigational shields (presumably to protect against small particles and debris) always seemed pretty logical to me. At the speeds they travel, a small pebble would be pretty devastating even to fairly advanced materials.
Inlining is still a valuable optimization technique for when the overhead of a function call exceeds the execution cost of the function body, but obviously this has to be weighed against cache size considerations. This is not something videogame developers are unaware of. For the past several decades, the general rule of thumb is to avoid excessive inlining, because it works directly against cache coherency.
Generally speaking, when writing C++ code, you have some control of this via how code is organized, along with the inline keyword which acts as a compiler hint. Further hints are made to the MSVC compiler as to whether to optimize for speed or size, which is essentially a tradeoff of more or less aggressive inlining, etc.
But here's the thing... I don't understand how you think this has anything to do with Microsoft consoles in particular, or how it makes programs for them "awful". Every platform pretty much works the same way, and has the same essential trade-offs. You make these outlandish claims about how MS is two decades behind the times in this regard, but offer no evidence at all. What's more, the fact that many games are successfully developed on all Microsoft consoles over the years seems to demonstrate that it's not any sort of insurmountable problem in reality.
I've worked on original Xbox and Xbox 360 games, and I can't figure out what you're talking about. Microsoft's consoles are nothing like those in the 8 or 16-bit days, when game code interacted directly with the console hardware, programming "to the metal", as it were.
Rather, modern console development is actually pretty similar to programming on Windows (which shouldn't be surprising) where you write your code in C++, call DirectX and system API calls, and mostly rely on the compiler for low-level optimizations, while code architecture plays more of a part in high-level optimization. There are low-level intrinsics which you can use, but these are typically used quite sparingly in very performance-sensitive code, such as in your vector or matrix class operations, or for lockless thread-safe containers, etc.
Also, only one Matrix film.
I never underestimate the depths of someone's ignorance. And oddly enough, it's often in direct proportion to the zeal with which they show it off.
Bullshit. The ISS costs *nothing* to keep up since it is positioned at exactly the point where Earth's gravity equals the moon's gravity, so it just hangs there. The only reason it's being decommissioned is so that they can launch another one that was designed by women and people of color.
No, it's in low earth orbit. You're thinking of a Lagrange point, which is much further out. There's actually atmospheric drag on the ISS such that, without periodic corrections, will drag it down out of orbit. That's true of ANY low earth orbit satellite, of course.
At it's current altitude, the ISS orbit decays about 100m per day. And the lower it dips into the upper atmosphere, the faster the rate of decay becomes. Without correctional boosts, the ISS would probably fall from they sky relatively quickly. I've seen estimations of approximately six months or so.
Actually, you couldn't really find a decent house under $200K fifteen years ago, let alone now. My house cost just under $250K back then, and today it's worth a bit under $450K. I live in the Eastside, not in the city itself, so maybe we've seen less of a real-estate boom than in the city. After all, there's more space out here for growth.
I agree that Seattle is becoming an expensive place to live. But honestly, it's been that way for the past several decades since I've been here. I think Amazon just makes a nice target for people's ire.
Oh, and believe me, I know what the bills for blue-collar service work goes for. It's insanely expensive, but I don't bitch about it, because I know what it costs to live in this area. Fair is fair, right?
An accident? First, this occured just before the big once-every-five-years meeting of the Chinese communist party. Second, this happened to ALL his social media accounts at once: YouTube, Facebook, and Twitter. Third, Interpol, with a Chinese national at its head, recently released an international warrant for his arrest on corruption charges.
Exactly how many "accidents" have to occur simultaneously before you can see a bigger picture developing here? The guy was a bigwig in China, so I'm not claiming he's clean either (almost certainty NOT, in fact), but this is clearly a propaganda-driven hit job, because he's exposing all their dirty laundry to the world.
It doesn't matter. Getting in bed with the Chinese apparently means they now have a significant influence within your company.
Say, just as a completely hypothetical example, the Chinese government doesn't want a political dissenter living in New York to be able to broadcast videos critical of the Chinese government. Why, just drum up some evidence of harassment, and you get your YouTube and Facebook accounts blocked, just like that. Maybe you even pressure the Chinese security officer who is currently the head of Interpol to file some charges against him. And, naturally, it's completely coincidental that this happened during the once-every-five-years meeting of the Chinese communist party.
But like I said, that's just a hypothetical example. I'm probably over-thinking this, right?
Joking aside, I thought people might like to know the actual numbers and result:
We responsibly disclosed the vulnerability that we discovered along with a reliable RCE exploit to Google on September 14, 2017. The vulnerability was assigned CVE-2017-5121, and the report was awarded a $7,500 bug bounty by Google. Along with other bugs our team reported but didn’t exploit, the total bounty amount we were awarded was $15,837. Google matched this amount and donated $30,000 to Denise Louie Education Center, our chosen organization in Seattle. The bug tracker item for the vulnerability described in this article is still private at time of writing.
It appears these companies don't pay each other directly, but donate to company-chosen charities. And in Google's case, it looks like it matched those donations, in effect paying double. So, I guess good on both of them for that.
Agreed. In addition, I'd definitely recommend reading the original Microsoft blog post. It's actually not nearly so flame-bait-ish as the breathless headlines and summary imply. It's a fascinating piece of technical detective work, and I think that, while they obviously use this as good propaganda to promote their own technology, the issues they presented seem fair to me.
They also gave Google kudos where that was deserved, but that doesn't make for very good headlines. For instance:
This kind of attack drives our commitment to keep on making our products secure on all fronts. With Microsoft Edge, we continue to both improve the isolation technology and to make arbitrary code execution difficult to achieve in the first place. For their part, Google is working on a site isolation feature which, once complete, should make Chrome more resilient to this kind of RCE attack by guaranteeing that any given renderer process can only ever interact with a single origin. A highly experimental version of this site isolation feature can be enabled by users through the chrome://flags interface.
And consider this:
Servicing security fixes is an important part of the process and, to Google’s credit, their turnaround was impressive: the bug fix was committed just four days after the initial report, and the fixed build was released three days after that. However, it’s important to note that the source code for the fix was made available publicly on Github before being pushed to customers. Although the fix for this issue does not immediately give away the underlying vulnerability, other cases can be less subtle.
Note that they don't actually blame open source. That would be foolish, as they're embracing it more and more themselves.
Some Microsoft Edge components, such as Chakra, are also open source. Because we believe that it’s important to ship fixes to customers before making them public knowledge, we only update the Chakra git repository after the patch has shipped.
I'll totally admit I was wrong if it turns out that the Chinese government were the good guys all along.
*facepalm* I'm not disagreeing with your premise, but it's completely irrelevant to this story. No one is arguing that the Chinese government doesn't have sovereignty within China's borders.
You do at least know Guo Wengui is the "popular Chinese dissident" being discussed, right? This would be a non-story if China suppressed a Chinese dissident inside China - because that's what they do. It IS a story because the Chinese government seems to be somehow exerting influence on US-based tech companies to silence a Chinese ex-patriot living in New York. Read the article and you can clearly see it's a concerted and coordinated effort.
By extension, this means that the Chinese government has enough influence over these corporations to silence *any* viewpoint, regardless where in the world it originates from.
Yeesh, if you still don't get it, then it's on you, not me.
You're aware that Guo Wengui lives in New York, not China, right?
Arguably much better. Walmart pays bottom rung wages, while Amazon jobs tech pay really well. In my own field of videogame development, they've sucked up a huge amount of local talent with their new game studio, largely by paying better wages. This ends up driving UP wages elsewhere as well, if companies want to keep their best talent. Boosted wages means local families have more to spend, and that's a boon for the local economies and tax revenue, which relies on sales taxes.
You can look at other parallel situations in the area. Microsoft was a *massive* economic boon to the small city of Redmond. That arguably had a much more significant effect on a much smaller economy, and it's done quite well. Redmond has a lot of really nice local shops, boutiques, and public places in the area. Yes, housing prices tend to rise, but that's a single negative amongst a huge number of positive effects.
Bitching about prosperity. Talk about first-world problems.
Rich tech companies aren't new to the Seattle area (hint: Microsoft is just across Lake Washington in Redmond). It's just new to the city of Seattle proper. Far better to deal with the issues that come from a sudden boom than the opposite. Look at a city in decline to see how it *could* be.
Dramatic change always shakes some people up, even if it's generally positive change. Yes, there are some growing pains, but I think Amazon is going to be a huge long-term net positive for the city.
without introducing complexity people can't understand and won't use
Totally agree, but given that you pretty much need to use a password manager to safely use passwords online these days, I'm not sure how much worse a SQRL client could be. I can't vouch for ease of use, though, as I haven't actually tried the client myself yet - only heard it described in some detail.
where anyone can log in if they have your device
This is incorrect. The client is designed to always require a subset of your password, like a PIN, every time you authorize. More to the point, I certainly hope by now that most people have locking phones with reasonably good security.
and nobody can log in from a different device.
Also incorrect. Even if a thief steals your device and somehow gains access (let's assume you used a client that didn't log in, and didn't lock your device for some bizarre reason), you still have a master override code that the client prints out for you when setting up your device, with the idea being to store it in a save place (document safe, safety deposit box, etc). Using this code, you can lock out the old authentication by creating a new secret authentication key. The old authentication will be deprecated, as part of the protocol specs. Note that this isn't possible to do just with the original stolen credentials.
After reading the article, it's not just Google, but Facebook that's shutting him down as well. He claims he was never even contacted about this. Christ, how much influence over these tech giants does the Chinese government have? Obviously, this sort of subservience is the price you pay for access to the Chinese market.
Where the hell are the social liberals running these companies when they blindly obey orders from the Chinese government? Fucking hypocrites, all of them.
Using a Chinese security official who currently heads the international police organization Interpol, China succeeded in issuing an Interpol "red notice," or an international arrest warrant for alleged corruption.
Ah, wonderful. The head of Interpol is a Chinese security officer? I didn't know that. I sort of wish I hadn't learned that. What the hell...
Maybe so, but given that we haven't even seen SQRL out of the gate with an official client release, I think it's a big too early to tell. There's a lot of inertia behind password-based logins, so I'd say the odds are long against it, even if it has some good technical merits.
FWIW, you made two completely factually-incorrect statements about SQRL in your first post. You seem a bit dismissive of the project in general, so no offense, but I'm not going to waste my time explaining further.
Even though I use it myself, I consider LastPass to be a band-aid for a system that's broken by design.
SQRL is an attempt to solve the lunacy of requiring complex, unique passwords required for every different website you visit. We've seen time and time again that people are terrible about managing passwords. SQRL uses a secure authentication mechanism that improves on username/password in several key ways. The most important feature, IMO, is that the website only requires the use of public information to authenticate you (a public key + website URL). This means that your credentials can't be stolen by a breach of the website.
As to the backup key, yes, you have to carefully protect it (designed as a QR code that can be printed out and stored offline), but who doesn't have access to a safety deposit box or document safe? And the code only needs to be used in case of a compromise of some sort. These days, storing a key electronically, especially on an internet-connected computer, is *vastly* more risky than even storing a piece of paper in your desk. The world's threat models have changed.
I think both BSD and GPL style licenses have their place in the world. A BSD-style license is useful for those who wish their code to be used as broadly as possible, whether by commercial or open source. A GPL license is appropriate for those who are first and foremost advocates of open source, and want maximum protection to ensure their code is only used in open source products.
This simply reflects a different intent or priorities of the authors. You hear slogans like "GPL is about user freedom", which is just shorthand for open source advocates believing that, with some good reason, that open source products are more consumer-friendly than close source. Yet the flipside to that is the simple truth that many software products that people find valuable seem to flourish as commercial products.
For my own open source libraries, I release them under the MIT license. I appreciate it's "do what you want with it" simplicity, since my goal is not open source advocacy, but simply to make a library that anyone might find useful. But I also appreciate the fact that not everyone has the same priorities as I do. I'm not sure the open source movement would be where it's at today without the hard-core advocates who insist on using the GPL.
Mac Minis fill an important niche role. They're great when you need a secondary Mac computer at low costs for various task. At a recent job, we installed a Mac Mini as a signing server. Anything more powerful would have been a complete waste of a computer. Pros were used for the primary build servers, but I felt bad for the IT people trying to rack-mount those cylindrical monstrosities.
In my own case, if the Mac Mini did not exist, it's questionable whether or not I'd have created a Mac port for my game. For $800, I was able to purchase an inexpensive Mac and hook it up to my system with a KVM switch. I also have a similarly specced Linux dev box hooked up this way as well. This allows me to quickly switch between the three three major desktop OS dev environments. So, now, my game will be released on Windows, Mac, and Linux from day one.
Unless Apple allows third-party macOS machines to be built, it has to remain somewhat attuned to the needs of power-users and developers, who occasionally need niche products like the Mini and Pro. With these niches fulfilled, these users may turn elsewhere, and possibly have a proportionally significant impact on the rest of the ecosystem. Keep in mind that iPhone developers still need a Mac desktop machine to build apps.
That article points out a lot of the problem is with lax environmental regulations in China. You don't say... Chinese factories taking a dump on mother earth to turn a greater profit? Color me shocked. We went through the same sort of idiocy, and passed stricter laws to prevent that sort of thing in the US and in most first-world countries. If "green" products are actually important to us, we'll eventually demand reasonably high standards from anyone we buy from, probably enforced by trade laws.
Everything we do at an industrial scale will have some environmental cost. There's no getting around that. Windmills or solar collectors slaughter birds. Dams block fishing runs and disrupt natural aquatic environments. Nuclear is potentially dangerous and produces toxic by-products. But I think it's important not to let perfect be the enemy of good.
It's fine not to delude yourself into thinking that electric cars are some panacea, but it's foolish to argue against them when the status quo is oil-based fuels, which we can clearly see the horrible results ourselves in the smog it creates over our cities.
It's still far better to rely on electricity for small-scale transportation wherever we can. Some areas have green power. In my state, for instance, most of our power is generated from hydro. For other areas, we're transitioning over time to cleaner energy generation, so we'll see bigger improvements as more of our power is generated pollution-free.
I'd also argue that even if power is generated from dirtier sources like coal, I think it's arguably better to have fewer of those dirty sources to deal with, rather than spewing toxic gasses from a million smaller engines right in the middle of where everyone lives and works every day.
I'm fully supportive of games that make their money on microtransactions of cosmetic gear as a way to monetize online games. People seem to love paying for that sort of thing, and it has zero impact on gameplay. Overwatch works that way, from what I hear. Guild Wars 2 core game is completely free, and pays for itself with entirely cosmetic microtransactions.
But anything that affects gameplay? Fuck that. I refuse. And now some developers are tinkering with adding paid power boosts to single-player games. Double fuck that. It will be a cold day in hell before I buy a copy of Shadow of War, even though it's said to be a good game. I'm simply not going to support that sort of double-dipping.
EA seems to be getting out of the business of producing high quality single-player, linear, story-based games altogether, preferring games with which they can milk their customers indefinitely. I wonder if they realize that there's a segment of the gaming population that doesn't care about online competitive play, and enjoys immersive, one-time experiences like Uncharted or Star Wars: Knights of the Old Republic. Well, no matter, it makes me feel better if I'm not tempted to send any money towards EA or Activision.
Activision, of course, has been at maximum evil for quite some time. I'd pretty much expect a dick move like this from them. I'm always astounded how an industry that makes products designed for play and enjoyment can engender such loathing from consumers. It really takes a special talent to do that.