Slashdot Mirror


User: Dutch+Gun

Dutch+Gun's activity in the archive.

Stories: 0
Comments: 4,453

Comments · 4,453

  1. You may be surprised to learn it's only the second Tuesday of the month ("Patch Tuesday"), and not every Tuesday.

    It's actually a sensible policy that allows corporations to plan on regular updates. A large company can't simply accept patches without a lot of testing to make sure they don't accidentally bring down every computer in the business because of some issue with their mission-critical software. That sort of little mistake can cost many millions of dollars. By regularly scheduling the patches, the IT staff can plan a regular test and integration cycle.

    On the development side, these fixes have to go through a huge battery of tests before they can be deployed. This can take quite a while to do. I'd imagine it's much easier for MS if they can perform these compatibility tests on an entire batch of fixes, rather than doing it for each single patch. You can argue it's likely more damaging to have a badly-tested patch bring down a large number of machines than whatever was being patched in the first place.

    In the event of issues that are time sensitive (critical zero-day issues), MS has been known to push out-of-band patches. Most patches though, especially anything not already found in the wild, are not nearly that time-sensitive. Keep in mind many of these flaws have existed for years, possibly even decades, before being discovered.

  2. Re:Will somebody think of the children! on Top Democratic Senator Will Seek Legislation To "Pierce" Through Encryption (dailydot.com) · · Score: 3

    They can't, which is why the next logical step would be to ban sale and use of encrypted communication which the government can't snoop on, like some in the UK have proposed.

    Because we all know that all we need to stop those terrorists is a well thought-out law.

  3. Re:If it ain't broke... on B-52s: The Plane That Refuses To Die · · Score: 2

    Haven't you heard? Minor versions are passé. That would make it a B-60.

    Or if we go at the same rate Google updates Chrome versions, it would currently be a B-412.

  4. Re:More than that actually. The bananas are better on Disease Threatens 99% of the Banana Market (washingtonpost.com) · · Score: 1

    Don't forget about the local NW-grown strawberries. They're much tastier than California (or wherever) grown berries, but they simply don't have the same durability. So, it's a variety that most people never get to taste. Strawberry shortcake with regional-grown strawberries was a favorite at local fairs when I was growing up.

    Even so, I think it's great to have these different varieties. The firmer strawberries aren't terrible by any means, and it's great to be able to enjoy them throughout the year instead of the month or two we'd get them in the summer otherwise.

    Regarding the apples - yep, it's definitely one advantage of living in one of the world's apple-growing capitals. And yeah, I've had wild blueberries while hiking in the Cascades before many years ago, though I don't remember them being as tart as you indicated. Maybe the ones I had were a bit more ripe.

    BTW, I tried to look up which variety of strawberry was grown locally, and came across this list. Holy crap... I'm sure we don't get all those varieties in the supermarket, but it's apparent we don't exactly have a "strawberry monoculture".

  5. Re:They can't lead in market numbers forever on Report Claims Microsoft Beat Apple in Online Tablet Sales for October (winbeta.org) · · Score: 2

    Apple is desperate to continue that yearly upgrade cycle, which is why they're now offering plans to encourage that behavior. I'm predicting that you're only going to see it continue for most people while smartphones are in an early growth market. Sure, there will always be the hardcore technologists or fanboys, but that will be a much smaller piece of the market.

    Remember how often we had to upgrade our PC hardware until the tech settled down after a few decades? Every couple of years, right? Now how often do we upgrade them? My four year old PC is still running the latest OSes and software and still feels plenty zippy. It's easily got years left of life in it.

    Tablets, I think, tended to peak a bit earlier than phones, but I think we're going to see a maturation of the smartphone market and a subsequent slowdown of the industry in general as people hold onto their phones longer than a year or two. I just don't see that trend lasting forever... eventually, phone-makers will hit a practical ceiling on how powerful your handheld supercomputer needs to be, or how many megapixels your camera can have, or how many interesting new gadgets they can cram in there. At that point, the length of support will be the deciding factor in how long you can keep your phone, I suppose.

  6. Well, it's news for them, but you're right that it's hardly a novel move worldwide. It tends to sound rather draconian to those of us living in the US though - probably part of our car culture, I suppose.

    I believe Paris implemented something like this last year. Mexico City had done this decades earlier, although I can't recall if it was to cut down on congestion or pollution. I wouldn't be surprised if there were many others. It's a pretty blunt hammer, as far as policies go, but you can't look at the air quality and not see that something has to be done if the preservation of air quality is deemed important enough.

    I'd hope that electric vehicles are exempt, although it's likely their numbers are so small as to not really be much of a factor. I'm really hoping that some serious strides are made in bringing more inexpensive and reasonable performing electric cars to market. Maybe as further restrictions like this are enacted, those vehicles will start looking better to consumers. From a strict cost and feature perspective, those vehicles are still somewhat inferior to traditional gas-burning cars, which makes them a tough sell when gas prices aren't sky-high.

  7. Re:Is this some kind of joke article? on Wikipedia Creates AI System To Filter Out Bad Edits (thestack.com) · · Score: 4, Insightful

    Why a joke? Consider it a spam filter for Wikipedia entries. The more popular entries have unfortunately had to get locked down due to rampant vandalism. Wikipedia, for all its faults, is one of the wonders of the modern age. Between it and Google, it's like a global repository of human knowledge... or at least, a summary of human knowledge, with links to deeper knowledge.

    But while its power is derived from the masses of humans that create and edit that content, the masses are also its weakness. Humans are endlessly creative, and this tool will probably just teach trolls how to vandalize more creatively in order to fool the algorithm. Still, if it cuts down the noise for editors, it may end up being a good thing. It's hard to say until it's actually been deployed in the real world for a while.

  8. Re:Should've used protection. on Mother Blames Wi-Fi Allergy For Daughter's Suicide (telegraph.co.uk) · · Score: 2
  9. Re:Anyone else with security concerns? on Mozilla May Separate Itself From Thunderbird Email Client (techcrunch.com) · · Score: 1

    Yep, that's sort of what I was getting at when I was talking about how e-mail was "fundamentally insecure". I meant, as you indicated, that it's insecure by design at the protocol level - as were all of the early internet protocols, of course. It's actually pretty amazing that SMTP has survived relatively unchanged for so long.

    If you want secure messages, you use something like Threema, in which you securely exchange keys with someone else in person, and which uses ephemeral key generation for forward secrecy. But that's too much trouble for most people. Somewhere in the middle is a service like iMessage or WhatsApp, in which Apple or Facebook manage the keys for you, which is a lot more convenient, but you're trusting a corporate 3rd party to keep you secure.

  10. Ah, you're going all pedantic-fu on me, eh? I've never heard a rule stating that a "hang" can't be temporary. As far as I know, it just means that the UI has become unresponsive or a program stops responding in some way. Whether it corrects itself later or not, the appearance and effect for the user or system is exactly the same.

    From Wikipedia:

    A hang may be temporary if caused by a condition that resolves itself, such as slow hardware, or it may be permanent and require manual intervention, as in the case of a hardware or software logic error.

    Hey, at least I didn't describe a game's slow frame rate as "laggy". That one drives me nuts, but I've never heard a good alternative term that describes low frame rate.

  11. Re:Anyone else with security concerns? on Mozilla May Separate Itself From Thunderbird Email Client (techcrunch.com) · · Score: 1

    It's very much like radio if you happen to be at a wireless hotspot and aren't encrypting all your traffic. Just a very *small* radio.

    Also, GP specifically mentioned "post-Snowden era", implicitly referring to our government's three-letter agencies, who happen to be among those who can (and probably do) intercept and scan your e-mail. Even if you encrypt it, they'll still get the metadata.

    Most people don't care (unfortunately) because they're sending trivial postcard-type crap via e-mail anyhow.

  12. Re:Anyone else with security concerns? on Mozilla May Separate Itself From Thunderbird Email Client (techcrunch.com) · · Score: 1

    That's because e-mail is not a secret if it leaves the corporate headquarters. E-mail is fundamentally insecure, more of a postcard than a sealed envelope. Worrying about your e-mail client's security seems a bit pointless when it sends everything in the clear across the internet anyhow.

    Besides, while I can make peace with Thunderbird going away (I won't say I'm "fine" with it), it's only because Mozilla has essentially abandoned it anyhow, and it's not been performing well on my system. I mean, seriously, how could an e-mail client have performance issues? I've been meaning to find a new e-mail client for a while now, so this just makes the decision a bit easier.

  13. I'm about to separate myself from the Thunderbird mail client as well, because the performance has gone down the crapper for me in the last year or so. When I hit "archive", the program often hangs for 30 seconds to a minute. Compacting the folder does nothing. I deleted a few years worth of old e-mail to see if that would help, but seriously, a modern program should not be choking on a few hundred MB of e-mails.

  14. Yep, this... although I was never quite superstitious enough to "retire" dice, nor did I have multiple sets on me.

    More than that, rolling dice is simply part of the visceral experience of tabletop gaming. Getting a random number from a computer could easily be made nearly perfectly random - far better than the results seen here. Nowadays, it's not hard to get high quality pseudo-random numbers with well-known algorithms that are seeded by true random sources. That's just not the point though. It can never really replace rolling a piece of shaped plastic or metal and seeing the results for yourself.

  15. Re:...would smell as shitty as any browser on After Twenty Years of Flash, Adobe Kills the Name (thestack.com) · · Score: 1

    Honestly, I've found the point of noscript to be a bit less than compelling these days, for two reasons:

    * Most modern exploits are in plugins or other vectors like advertising, rather than Javascript exploits
    * Most sites simply don't work with scripting disabled these days - sometimes even if partially disabled

    I recently replaced noscript with ublock-origin, and have found it to be a significantly better web experience. It's something I could easily recommend to less technical users, where I don't think I could

  16. Re:What else is there left to do on smartphones? on Pursuit of Slenderness May Mean No More Headphone Jack In iPhone 7 (pcmag.com) · · Score: 1

    When a technology is rapidly evolving, and innovation occurs on a yearly basis, all that means is that the technology is still very immature.

    I, for one, will be glad to see the end of smartphone "innovation". That means smartphones will stop becoming a trendy fad you "need" to purchase every one to two years, and instead will become a commodity, a tool, that you instead purchase once every four to seven years, or as desired - sort of like with PCs now. It will mean that designs and form will have settled down into what is universally agreed to be the best form-factor and feature sets, and the "innovation" will occur with incremental improvements that simply refine already good functionality into slightly better.

    *Gasp* Our trendy smartphones becoming as boring as a tired old *PC*? Say it ain't so!

  17. Re:Sophisticated malware platform .. on High Level Coding Language Used To Create New POS Malware (isightpartners.com) · · Score: 1

    Given the use of .pdb files they mentioned, which is an MS-specific debug symbol format (as far as I know), it suggests the use of Visual Studio, and that in turn suggests the code is possibly targeting embedded Windows.

    Just a guess, of course.

  18. Re:C is high level? on High Level Coding Language Used To Create New POS Malware (isightpartners.com) · · Score: 1

    I've always heard C referred to as "mid-level".

    Also, good point about the name mangling differences. Totally forgot about that. I have little reason to dip down into assembly these days - and in fact, I've never really studied C-generated assembly at all.

  19. Re:SJWdot. on Microsoft Blames Layoffs For Drop In Female Employees (cio.com) · · Score: 3, Interesting

    Microsoft's general manager of diversity and inclusion

    I can think of another job that will be on the cutting block when times start to get lean for MS.

  20. C is high level? on High Level Coding Language Used To Create New POS Malware (isightpartners.com) · · Score: 4, Interesting

    I think they're misusing the term "high level" when it comes to programming languages. I suspect what they're trying to get at is that it's sophisticated and competently coded.

    I wonder why they assume it's C and not C++, incidentally, since they're presumably looking at decompiled assembly? I haven't done much C vs C++ side-by-side analysis of the two... is there an obvious difference in the generated assembly? I guess maybe v-table structures would point to C++, where C programmers likely wouldn't invent such constructs.

  21. Re:Modify ad bockers on Yahoo Denies Ad-blocking Users Access To Email (washingtonpost.com) · · Score: 1

    You're presuming that some of us block ads because we simply don't like seeing them displayed. I block ads because they're dangerous. I never bothered with ad blocking before malvertising became more prevalent.

  22. Re:Two Words: on Yahoo Denies Ad-blocking Users Access To Email (washingtonpost.com) · · Score: 1

    I'd have agreed with you a few years ago. Yes, you can stop nearly all web-based attacks by blocking scripting, but you do so at the expense of blocking nearly all web functionality. These days, too much of the web is just utterly broken without scripting enabled. I was tired of constantly fiddling with it, trying to find the content delivery network to allow so the site would actually work.

    I recently replaced noscript with ublock-origin. Scripting is no longer the attack vector of choice... just an enabling technology. Nowadays, malvertising is a far bigger threat, and adblock software can also help a fairly substantial list of known bad sites as well using blacklists.

  23. Re:Micropayments? on Axel Springer Goes After iOS 9 Ad Blockers In New Legal Battlle (techcrunch.com) · · Score: 1

    Another potential solution would be some specialized web extensions designed specifically for the needs of advertisers. Essentially, instead of granting a third-party site blanket permission to load and execute arbitrary Javascript (insanely dangerous, since it can do anything), this mechanism only allows extremely specialized content to be loaded from a third-party - just enough to load a static image and enough smarts to check for a view or a click, and one that respects the "do not track" flag.

    No animated ads. No audio. No arbitrary Javascript. No pop-ups. Static text and images only. And the content is still hosted by third-parties, so view and clickthrough metrics can be collected. The browsers' image handling libraries have been hardened long ago, and the other functionality would be small, simple, and easy to harden as well. This would mean static banner ads could be displayed with all the functionality advertisers want (minus universal tracking hopefully), but would be much more resistant to attack. You can't really say 100% safe, but it should be close to it.

    If the industry were to universally adopt such a practice, then I'd feel a lot better about disabling ad-blocking (for these "safe" ads) for sites I wished to financially support. What stops me from doing it right now is the safety issue. When sites like HuffPost or Forbes are found to be serving malware via Google's Doubleclick or AOL, you know the ad industry has a pretty big problem. And while they're starting to talk about the annoyance and intrusive factor, they rarely talk about the safety issue, because I don't think they have a good solution for that yet.

  24. Re:Don't evolve your business model on Axel Springer Goes After iOS 9 Ad Blockers In New Legal Battlle (techcrunch.com) · · Score: 1

    I never voluntarily turned off Slashdot's ads previously. I used to run no-script, but now that every page requires Javascript to work, I ended up removing it and replacing it with an ad-blocker. Why? It's 100% safety driven. You see how infected ads are the prime way of infecting computers (straight Javascript is pretty safe these days), and since my computer is critically important to my work as an independent contractor, I just can't risk it.

    For many years I lived without Flash-related content, because it was such a dangerous vector as well. I had to give up content from at least one site I really enjoyed watching, because it was only offered via Flash video. I was actually able to recently re-install it because it now can be selectively enabled (I have to click explicitly to run), so I can control it and prevent a random Flash ad with malware from infecting my machine.

    Maybe other people blocked ads because of bandwidth and annoyance. I can only speak for myself. For me, it was purely a safety issue. The fact that the web is generally less annoying, loads faster, and looks better... well... that's just a bonus, I guess?

  25. Re:buyer beware on Stack Overflow and the Zeitgeist of Computer Programming (priceonomics.com) · · Score: 1

    I've seen some *amazing* replies on SO that must have easily taken the programmer an hour or more to craft. The great thing is that answers of that quality tend to get voted up highly, and lots of people seem to point links to that page, so Google ranks it quite highly. This means that great answer is going to be what programmers find when searching for that particular topic, and I think that's absolutely fantastic.

    What's hilarious to me is when I get to a SO question, and you have the inevitable jerk that tells the person asking the question to just "Google the answer". My inevitable thought is: how the hell do you think I got here, you self-righteous ass? I saw a great response from someone else as well, which was: "someone has to first answer the question before Google can link to an answer."

    Stack Overflow has been an amazingly helpful resource for me as an independent programmer. My most recent use case: I realized I couldn't continue to use a hash function I found a few years ago due to its license (I misunderstood what the LGPL meant in terms of compliance with closed source projects), so I found a discussion of alternate non-crypto hash functions with more permissive licenses, and found the name of one, which led me to its Wikipedia page, which in turn had a full C-source code example. A hash function is one of those things that you're unlikely to do better by yourself than if you simply copy code that's been tested and vetted.