There's a little more to it than that. Browsers open multiple connections in parallel. Historically, this was limited by the HTTP specification to two simultaneous connections, but recent versions of browsers have increased this limit. You'd have to detect how many simultaneous connections were in use (or hack it by detecting the browser) and make requests to enough tarpits to bog down all but one of the connections. It would probably be fairly reliable, but the work to build that just to demonstrate the flaw in a different way doesn't seem worth it.
There are places where serial access is more well-defined though. Off the top of my head, the only one I can think of is downloading external scripts (because you can't know ahead of time which of them will call document.write(), but they may be thinking of another case that will apply even when scripts aren't being downloaded.
The fact is that the carrier has a way of identifying that phone on the network with a fair degree of reliability (otherwise they wouldn't be able to bill you for your calls)
Billing isn't connected to the phone, it's connected to the SIM card. If you put your SIM card in a friend's phone and make a call, you get billed, not him.
Bits and bytes matter less and less, they're becoming the sub-atomic particles of Computer Science
Consumer products aren't measured in subatomic particles. You don't buy n particles of milk when you are at the supermarket. But you do buy computers with hard drives measured in terabytes and you do buy Internet connections measured in megabits per second. If you don't understand the difference between bits and bytes, you can easily be mistaken about the performance of the product or service you are buying by a factor of eight.
Imagine that - an advert for a music player that focuses on a person enjoying music. Yeah, it was stylised, but when you look at the bare essence of the advert, it's about what the product can do for you, not brainwashing people into thinking they are buying a lifestyle.
Likewise, aside from the silhouette ads, they've had ads focusing on taking iPods running, clipping iPod nanos to your clothing, listening to music on a beach, commuting with them, playing games on them - all focusing on people actually using the products. Unsurprisingly, people respond to being shown the value of the devices and buy them in droves. No "buying a lifestyle" bollocks necessary to explain the obvious.
Why don't we take a look at something more recent? These are the latest TV ads for the iPad. Every single one of them is focused like a laser on what you can use them for. Practically every single shot is somebody using an app. This is a defining quality of Apple's marketing strategy, and it has been for a long time.
the above, although funny, is exactly the business and marketing explanation for Apple products
It's really not. This is the excuse trotted out when somebody wants to flame Apple or Apple fanboys, but it really doesn't hold up to the slightest scrutiny. Take a look at their ads. They are all about what you can do with the devices. They are renown for focusing on what you can do with the devices.
Do you really believe that Apple is managing to brainwash people? That there isn't a more plausible explanation, such as the fact that they see an ad showing people using the devices in ways that appeal to them and want to buy them? That people try the competition and are less than thrilled, so they opt for the premium product that does what they want instead? If you really believe that marketing brainwashing is a more plausible explanation than that, I'm afraid you're the one who's brainwashed.
Having the court order facebook to give both parties the information for both accounts is the right, "least abusable" way to go about this.
There are two other ways he could have gone about it - it's possible to create Facebook applications with read-only access. It's also possible to export your data from Facebook.
Also, if I were a friend of only one of these people and I used Facebook's privacy controls to share things with my friends only, this judge would be forcing my friend to violate my privacy by sharing these things with somebody who was not my friend. This is broken in so many ways.
At first glance, it seems like a good idea. In practice, it has already been rejected. Some states in the USA used to have literacy tests so that only people who could read and write would be able to vote. This disproportionately affected black people, and it was outlawed by the federal government. Any call to raise the bar on voters would inevitably get attacked on the grounds of "elitism" or disenfranchisement of the poor (as poor people are typically less educated).
It's not that people are stupid, it's that people may not have a complete education in given subjects.
No, often it really is just stupidity. People are happy to clamour for something without even thinking it through. They are happy to argue to the death for something based on knee-jerk reactions. That's not a lack of domain knowledge, that's just stupidity.
Even if we posit an ideal Libertarian utopia, I don't know what to do about interstate grazing rights, do you?
Not a clue, and I'm happy to be quiet on such a topic. Unfortunately, many people in the same situation would not, and I dread to think what would happen if we listened to all of them. The number of people who know something about an esoteric subject is usually outnumbered by the number of people willing to interfere in things they know nothing about.
Most of the article was quite puzzling, as this is nothing new or remarkable. It's really quite simple to have your application execute stuff it downloads.
If I can reverse-engineer the uninformative article a little, I would hazard a guess to say that he's found a way of bypassing the NX bit protection using Safari as an attack vector. This means that he would be able to inject arbitrary ARM code that wasn't present on the device at review time, meaning that he could execute code against APIs that the application wasn't originally using (but which are available for applications to use legitimately).
As an attack, it sounds real enough, however in real-world terms, Apple's review process is leaky enough to avoid getting caught anyway. Their review consists of some trivial automated checks and everything else is handled by a human reviewer who just looks at the application from an end-user's point of view. During the submission process you have to include instructions on how to trigger any Easter eggs in your application because they wouldn't otherwise find them.
Does the country you live in not have consumer protection laws of any kind? They promised functionality thy haven't delivered. In most countries you'd be well within your rights to take it back for a full refund. It's not fit for purpose.
Slashdot has never been and will never be about breaking news as quickly as possible.
Untrue. Actually, that was the official excuse why Slashdot refused to warn people that the Slashdot Effect was headed their way or obtain permission for any kind of mirroring, back when Slashdot was powerful enough to knock a website offline and run up huge bandwidth bills. It was because they couldn't possibly delay a story, no matter how trivial.
XML syntax seems discouraged which means you'll run into more people using the SGML syntax
It's not even SGML syntax any more, it's pseudo-SGML that is reverse-engineered from browser implementations. Some SGML features have been dropped, some alterations have been made to compensate for common syntax errors, and error handling has been defined.
Why do you have a manager managing two people? Why is he stuck in meetings most of the day? Why do you have a liason to coordinate the work of a single person? It sounds like those two people could be easily fired, and the extra money spent to take on two more people with your skillset.
This also raises the question of whether or not RIM's decision to allow Android apps to be ported to the Playbook has further influenced developers to abandon creating native applications as they believe that in the future this capability might be extended to BlackBerry's phones.
Unquestionably, this is the new OS/2. I've already started steering clients away from developing native PlayBook apps. It's a dying platform, the looming prospect of Android compatibility will dampen demand, there's just no way of making an app cost-effective for my clients. RIM is facing imminent failure on every front.
DOM is getting even more bloated, inefficient and slow
It's never been faster. There have been huge performance improvements over the past few years.
CSS is out of control and when put to the extreme it is like reading RegEx that you didn't write that has 400 expressions in one string.
CSS's syntax has barely changed since its very first version 15 years ago. Its readability is like Perl - some developers make an unholy mess, others produce very readable code.
That coupled with differences in even handling the box model between IE and everyone else
Your information is out of date. Microsoft implemented the W3C's box model in Internet Explorer 6, released a decade ago.
JavaScript is supposed to be the language used to manipulate the Document Object
The DOM was explicitly designed to be language-neutral. This was a design goal from the outset.
it was so poorly implemented that jQuery was required to make it reasonably useful.
jQuery is a very nice toolkit, but it didn't make JavaScript more useful. By definition, it cannot do so, being implemented in JavaScript itself. It made it quicker and easier to write. The DOM could have been designed with a much nicer API, but that's neither JavaScript nor implementation.
As an android user, I don't feel this way in the slightest
I've been using Android phones since the first one came out. I'm also an iOS developer, so I've been using Android and iOS apps every day for years. There is a massive difference in quality. I choose Android because it's more open, it lets you do more, and because I prefer a hardware keyboard. But if I were to choose on quality alone, there would simply be no contest. Even the built-in apps on Android are terrible, it seems like even they were hastily slapped together. It is a perpetual disappointment.
Slashdot Mirror
There's a little more to it than that. Browsers open multiple connections in parallel. Historically, this was limited by the HTTP specification to two simultaneous connections, but recent versions of browsers have increased this limit. You'd have to detect how many simultaneous connections were in use (or hack it by detecting the browser) and make requests to enough tarpits to bog down all but one of the connections. It would probably be fairly reliable, but the work to build that just to demonstrate the flaw in a different way doesn't seem worth it.
There are places where serial access is more well-defined though. Off the top of my head, the only one I can think of is downloading external scripts (because you can't know ahead of time which of them will call document.write(), but they may be thinking of another case that will apply even when scripts aren't being downloaded.
Billing isn't connected to the phone, it's connected to the SIM card. If you put your SIM card in a friend's phone and make a call, you get billed, not him.
Consumer products aren't measured in subatomic particles. You don't buy n particles of milk when you are at the supermarket. But you do buy computers with hard drives measured in terabytes and you do buy Internet connections measured in megabits per second. If you don't understand the difference between bits and bytes, you can easily be mistaken about the performance of the product or service you are buying by a factor of eight.
Imagine that - an advert for a music player that focuses on a person enjoying music. Yeah, it was stylised, but when you look at the bare essence of the advert, it's about what the product can do for you, not brainwashing people into thinking they are buying a lifestyle.
Likewise, aside from the silhouette ads, they've had ads focusing on taking iPods running, clipping iPod nanos to your clothing, listening to music on a beach, commuting with them, playing games on them - all focusing on people actually using the products. Unsurprisingly, people respond to being shown the value of the devices and buy them in droves. No "buying a lifestyle" bollocks necessary to explain the obvious.
Why don't we take a look at something more recent? These are the latest TV ads for the iPad. Every single one of them is focused like a laser on what you can use them for. Practically every single shot is somebody using an app. This is a defining quality of Apple's marketing strategy, and it has been for a long time.
They actually wrote a book about what happened.
It's really not. This is the excuse trotted out when somebody wants to flame Apple or Apple fanboys, but it really doesn't hold up to the slightest scrutiny. Take a look at their ads. They are all about what you can do with the devices. They are renown for focusing on what you can do with the devices.
Do you really believe that Apple is managing to brainwash people? That there isn't a more plausible explanation, such as the fact that they see an ad showing people using the devices in ways that appeal to them and want to buy them? That people try the competition and are less than thrilled, so they opt for the premium product that does what they want instead? If you really believe that marketing brainwashing is a more plausible explanation than that, I'm afraid you're the one who's brainwashed.
Since when did a single Slashdot submitter speak for the whole of the FOSS community?
There are two other ways he could have gone about it - it's possible to create Facebook applications with read-only access. It's also possible to export your data from Facebook.
Also, if I were a friend of only one of these people and I used Facebook's privacy controls to share things with my friends only, this judge would be forcing my friend to violate my privacy by sharing these things with somebody who was not my friend. This is broken in so many ways.
Good job defeating that straw man!
At first glance, it seems like a good idea. In practice, it has already been rejected. Some states in the USA used to have literacy tests so that only people who could read and write would be able to vote. This disproportionately affected black people, and it was outlawed by the federal government. Any call to raise the bar on voters would inevitably get attacked on the grounds of "elitism" or disenfranchisement of the poor (as poor people are typically less educated).
No, often it really is just stupidity. People are happy to clamour for something without even thinking it through. They are happy to argue to the death for something based on knee-jerk reactions. That's not a lack of domain knowledge, that's just stupidity.
Not a clue, and I'm happy to be quiet on such a topic. Unfortunately, many people in the same situation would not, and I dread to think what would happen if we listened to all of them. The number of people who know something about an esoteric subject is usually outnumbered by the number of people willing to interfere in things they know nothing about.
How many is a brazilian?
Most of the article was quite puzzling, as this is nothing new or remarkable. It's really quite simple to have your application execute stuff it downloads.
If I can reverse-engineer the uninformative article a little, I would hazard a guess to say that he's found a way of bypassing the NX bit protection using Safari as an attack vector. This means that he would be able to inject arbitrary ARM code that wasn't present on the device at review time, meaning that he could execute code against APIs that the application wasn't originally using (but which are available for applications to use legitimately).
As an attack, it sounds real enough, however in real-world terms, Apple's review process is leaky enough to avoid getting caught anyway. Their review consists of some trivial automated checks and everything else is handled by a human reviewer who just looks at the application from an end-user's point of view. During the submission process you have to include instructions on how to trigger any Easter eggs in your application because they wouldn't otherwise find them.
Does the country you live in not have consumer protection laws of any kind? They promised functionality thy haven't delivered. In most countries you'd be well within your rights to take it back for a full refund. It's not fit for purpose.
Untrue. Actually, that was the official excuse why Slashdot refused to warn people that the Slashdot Effect was headed their way or obtain permission for any kind of mirroring, back when Slashdot was powerful enough to knock a website offline and run up huge bandwidth bills. It was because they couldn't possibly delay a story, no matter how trivial.
Any ideas on what this means? I read both articles, but they didn't seem to mention what this "full browser" requirement is.
Isn't Facebook designed to talk to people you already know? Isn't it pretty much a given that you can already communicate with these people?
It's not even SGML syntax any more, it's pseudo-SGML that is reverse-engineered from browser implementations. Some SGML features have been dropped, some alterations have been made to compensate for common syntax errors, and error handling has been defined.
Bonus points to whoever registers under the name Fruit Flies and goes on to like A Banana.
Why do you have a manager managing two people? Why is he stuck in meetings most of the day? Why do you have a liason to coordinate the work of a single person? It sounds like those two people could be easily fired, and the extra money spent to take on two more people with your skillset.
The ex-Facebook developers who founded Quora think Facebook is stuck on [PHP] for legacy reasons, not because it's the best choice right now .
Unquestionably, this is the new OS/2. I've already started steering clients away from developing native PlayBook apps. It's a dying platform, the looming prospect of Android compatibility will dampen demand, there's just no way of making an app cost-effective for my clients. RIM is facing imminent failure on every front.
Some major misconceptions here.
It's never been faster. There have been huge performance improvements over the past few years.
CSS's syntax has barely changed since its very first version 15 years ago. Its readability is like Perl - some developers make an unholy mess, others produce very readable code.
Your information is out of date. Microsoft implemented the W3C's box model in Internet Explorer 6, released a decade ago.
The DOM was explicitly designed to be language-neutral. This was a design goal from the outset.
jQuery is a very nice toolkit, but it didn't make JavaScript more useful. By definition, it cannot do so, being implemented in JavaScript itself. It made it quicker and easier to write. The DOM could have been designed with a much nicer API, but that's neither JavaScript nor implementation.
Way to stick it to your old colleagues too. It's not the CEO that's going to be stuck cleaning up the security breach.
I've been using Android phones since the first one came out. I'm also an iOS developer, so I've been using Android and iOS apps every day for years. There is a massive difference in quality. I choose Android because it's more open, it lets you do more, and because I prefer a hardware keyboard. But if I were to choose on quality alone, there would simply be no contest. Even the built-in apps on Android are terrible, it seems like even they were hastily slapped together. It is a perpetual disappointment.