Slashdot Mirror


User: sinij

sinij's activity in the archive.

Stories: 0
Comments: 2,919

Comments · 2,919

  1. Does not instill confidence on $31 Million In Tokens Stolen From Dollar-Pegged Cryptocurrency Tether · · Score: 4, Insightful

    >>>but is not aware of either who the attacker is, or how the attack took place

    This does not instill confidence.

  2. Re:Liability is separated from ownership on Ask Slashdot: How Are So Many Security Vulnerabilities Possible? · · Score: 1

    I am surprised laws still treat software as 'magic'. If my new toaster catches fire and melts the counter, I can count on getting compensation from manufacturer. If my new IoT gets pwned by a canned exploit, leaks my private conversations and pictures of me dressed as a pony (don't ask), then there is absolutely nothing I can do to get damages. What the f*&k?

  3. I refuse to be trolled on Hitler Quote Controversy In the BSD Community · · Score: 5, Insightful

    Some people enjoy getting trolled, but I refuse to care about something so nonsensical as fortune. Is it stable? Can it be used to run exploits or escalate privileges? If not, then I don't care. For people who care, fork it or overload with -nohitler parameter.

  4. "We're going to block news that HR and our Chief Diversity Officer find offensive."

    Good post, too bad it isn't getting indexed by Google.

  5. I'll take Google over Russian propaganda any time.

    Of course you will AmiMoJo, because your SJW values closely align with Google. Now imagine if your feed was "curated" by Fox News or Breitbart. This is what is inside this particular Pandora's box and this is why we shouldn't open it.

  6. Re:Junk mail is worse than any e-spam... on Spam Is Back (theoutline.com) · · Score: 1

    I think additional social engineering could help you find a solution. Is it possible for you to have two mail boxes, one for junk mail and one for addressed letters? Perhaps they would do sorting for you?

  7. "A living wage" is not something that people are entitled to, no matter how much you wish it to be so.

    So what do you propose we do with people unable to earn a living wage? Slums? Work camps? Organ farms?
    More importantly, while I agree that delivery is a basic skill, so are violence and crime. Personally, if I were put in a situation where my kids are starving because of my inability to earn a living wage, I'd have zero problems robbing a bunch of free market libertarians to provide them with basic needs. Now, what society would you rather live in? Free market paradise that sees desperate people committing crime (and maybe get caught and incarcerated, paid for by taxpayers) or socialist hellhole that provides basic needs for everyone and is otherwise orderly and allows productive members to produce?

  8. To put it into terms you can understand, employment in this situation is a coerced transaction. First, employee is prevented from freely negotiating by the platform - there is no ability to turn down unprofitable deliveries, there is no surge pricing based on availability of delivery agents, there is no consideration for traffic and so on. Second, Instacart withholds key information to make informed decision - destination, responsiveness of delivery target and so on prior to assigning the task. As such, delivery workers are prevented by Instacart from obtaining full value out of their labor.

  9. Re:True, but. on Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu) · · Score: 1

    I am still not convinced.

    For example, my goddamn login page stops working when the singularity arrives. Is this a bug?

  10. Re:Junk mail is worse than any e-spam... on Spam Is Back (theoutline.com) · · Score: 2

    Have you tried "Please no junk mail" label in/on your mail box?

  11. This is not a bug but a key feature of gig economy. Also, multi-billion valuation for a grocery delivery service? Why?

  12. Is this how it works? My understanding is that tracking cookies will be a) multi-domain and b) will also include ad network domain. For example, Taboola cookie would be still accessible across all sites that use Taboola. Is this not the case?

    I configure browser to wipe all my cookies on browser close, and frequently close it. I recommend others to do the same.

  13. Re:Security problems are NOT just bugs on Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu) · · Score: 1

    I used it intentionally. With minimum effort I can dig up CVEs that are not arguably a bug. For example, CVE-2005-4351 is a design flaw. It happens even in Linux kernel.

  14. Re:Security problems are NOT just bugs on Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu) · · Score: 1

    Very interesting and new to me idea.

  15. Re:Vocab [Re:Security problems are NOT just bugs] on Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu) · · Score: 1

    To me, Layne's Law implies that there exists universal truth and it is knowable. I disagree with that.

    To me, bad design is understanding undesirable consequences and proceeding with them. For example, leaving default hard-coded credentials for the service team to remotely access your product. You can't call this a bug - the functionality is intentional.

  16. Re:True, but. on Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu) · · Score: 2

    Security is adequately meeting requirements in the existing environment. You can't secure for all possible environments and use cases, especially future ones we can't yet anticipate.

    I don't consider my example of a hypothetical new exploit a bug because we can't be sure it is connected to a programmatic mistake. It could be the case that in the future all databases start running in a different environment... that is, our assumptions will have to be changed. This happened in the past - in the past databases were a single process run on mainframes that only were locally accessible. Today we typically have WAN-enabled distributed databases talking directly to the infrastructure (e.g. web) servers. Tomorrow the norm might shift again, where end-points directly interface with the cloud-based databases.

    My favorite DB exploit example is gold duping in Ultima Online circa 98-99. It had nothing to do with hacking or bugs in code. Players figured out how to time database backup, then performed a large set of transactions, then immediately jumped to a different spot in the world that was handled by a different DB node. This caused inaccessible character that reverted to an earlier state from backed up data, with some transactions lost (and multiple gold piles created). Is this a bug in DB software? I don't see it this way, at that time DB that could handle this type of use case simply did not exist.

  17. Re:True, but. on Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu) · · Score: 2

    I disagree that you can view lack of security as a bug. Using your example, let's say a novel way to attack databases developed in 2018. Let's call it relationship mutations. Today we have no idea how it works and how to defend against it, because it isn't invented yet. Are all databases released today buggy as a result? Do they become buggy, without any code change whatsoever, at the time this new exploit is invented?

  18. Security problems are NOT just bugs on Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu) · · Score: 1, Insightful

    He is demonstrably wrong. True, some security problems are bugs, but there are also security problems that are bad design choices, that are misconfigurations, that are counting use of old technology (e.g. RSA 1024), that are poor use cases (nobody follows policy, because it is too complex and/or convoluted). You can't secure systems with just code reviews and patching. No way, no how.

  19. Re:Are we crossing into Witch Hunt territory here? on A Hacker 'Hero' Has Been Banned From Cyber Conferences After Decades Of Inappropriate Behavior (buzzfeed.com) · · Score: 0

    You are in the wrong with your beliefs and you are in the wrong with your behavior. Your infantile behavior and antics are squarely aimed at true believers, since you have not even attempted engaging prior to descending into shrill hysterics. This is why I called it virtue signaling - you are hanging it all out there in all its ugliness, shouting "Look, I am one of you, like me!". However, posting as AC makes this whole exercise pointless. You are not convincing anyone, you are not scoring points for the home team, and you are not endearing yourself to anyone. In other words, you miserably failed again, like you always do, no matter how hard you try.

  20. Re:Are we crossing into Witch Hunt territory here? on A Hacker 'Hero' Has Been Banned From Cyber Conferences After Decades Of Inappropriate Behavior (buzzfeed.com) · · Score: 0, Troll

    I am fairly sure you are not doing virtue signaling right, how are you going to claim your rightink credit when posting as AC?

  21. Everyone on ./ knows that the perpetual motion machine must run on hot grits, as this substance when appropriately applied transitions to strange matter phase.

  22. Re:Are we crossing into Witch Hunt territory here? on A Hacker 'Hero' Has Been Banned From Cyber Conferences After Decades Of Inappropriate Behavior (buzzfeed.com) · · Score: 0, Troll

    Feminism infantilizes women. They are not allowed to make non-approved decisions like focus on children instead of career, formula feed toddlers, sleep with the boss to get a raise, delegate decision making authority to the husband, and so on.

    So when any of this happens, feminists like to pretend that it must have been coerced instead of admitting that women have agency of their lives and can make good and bad decisions.

  23. Re:The problem is "babyfone" functionality on Germany Bans Children's Smartwatches (bbc.com) · · Score: 2

    Also when these kids grow up they will accept privacy violations from the government and corporations, because parents trained them that fake safety is more important than your privacy.

  24. Only fair - age of consent should apply to IoT on Germany Bans Children's Smartwatches (bbc.com) · · Score: 3, Insightful

    I think it is only fair that age of consent rules should apply to getting sodomized by an insecure IoT.

  25. Re:CDL on Tesla Unveils 500-Mile Range Semi Truck, 620-Mile Range Roadster 2.0 · · Score: 3, Insightful

    It is by far more efficient to reduce drag and turbulence than it is to try to harness some power back from turbulence you caused.

    I imagine electric trucks, when fully optimized for aerodynamics, will resemble art-deco steam locomotives in appearance.