ProcMon and Top have different uses. I think you are thinking of Process Explorer. ProcMon logs file accesses, registry accesses, and network activity. Very useful for analyzing process behavior and debugging a non-working application.
Google forced bundling of its apps with Google Play Store BECAUSE those apps made Google money. Now that the EU has ruled Google can't bundle the apps, it should not be surprising they are compensating by charging for Play Store. This was foreseen by the internet back when the ruling was made.
And this is likely the reason Google is making this change. Google provided the tools for users to see what things extensions wanted access to, and users did not care. So now Google has to be more selective with their approval process.
The other big reason is the practice of selling legitimate extensions to "developers" who promptly pump it full of malware and push an update to all of the existing users.
It sounds like Google's changes will address these problems and I welcome them.
The worst part is, you're calling it "my stuff". Except it's not, not really. It's a series of numbers in a database on the company's servers that gets temporarily transmuted into pixels on your monitor as long as the company allows it. It'll be interesting to see how digital ownership evolves, since giving users any sort of control over ownership would allow as a side effect infinite duplication of virtual items (since they effectively cost nothing and are worthless without the company controlling the creation and distribution).
If these are Windows users they screwed with the Compatibility Mode options for DPI in order to make the window smaller or bigger. It looked fine until Google did something differently and now the Compatibility Mode options make it look blurry. Turns out using options designed for use on legacy applications only on modern applications introduces problems. Lots of Steam users have similar problems.
Unfortunately most users have proven to be irresponsible when it comes to keeping their PCs secure. Forced Windows Updates and measures like this are the result.
Funny thing, is, Chrome requires a signature too, but I guess Google thought it was too complicated for developers and abstracted it away (the web store signs it for you on upload. Of course, even if Google switched to requiring devs to sign with their own keys, it doesn't matter if you sell your extension to someone; they'll just switch to asking for your key as part of the deal.
I assumed Google's change of language was because apps like, say, Google Maps clearly need to know your location in order to function. Even if you have Location History turned off, that only affects the location history feature. Google Maps has to request maps from your current location, which means the server knows where you are... it has to, for the app to work. This information can easily end up in log files etc as part of the web requests for map data.
But your point is a much stronger ("We are legally required to" is pretty strong!) argument.
I didn't watch it but apparently he did an apology that was not an apology before the additional plagiarism came to light, in which he claimed there was no additional plagiarism..
Did you read the summary? AT&T happily rerouted his text messages, including security codes for use in two-factor authentication, to thieves who stole his cryptocurrency.
You can say "oh SMS two factor isn't secure" all you want, and there ARE ways it's insecure, but none of those ways mattered here because AT&T turned over the phone number to an unauthorized party!
TypeScript compiles to JavaScript while at the same time you can mix it with pure JavaScript. This makes it easy to add TypeScript to an existing project. The fact TypeScript is based off of JS means it is easy for JS developers to learn it. Plus, you have something JS does not have: consistency. Want to use the class keyword in JS? You need to make sure all your supported browsers have implemented it and it'll work. In TypeScript you have several different compile targets depending on your lowest common denominator of JS version support you need.
TypeScript is a good solution to all the problems JS has, the most serious one I think being the lack of compile-type errors, pushing them to more difficult to find and fix runtime errors and logical errors.
Real 2FA does not require your phone number. SMS-based 2FA is known to be flawed and vulnerable to attacks like this. Real 2FA just needs ANY device, a mobile phone is just a good one since you'll usually have it with you and if your PC is infected your phone won't be. As long as this device has an accurate clock and has a way to do an initial sync with the server (usually by scanning a QR code and inputting a test 2FA code to ensure sync was successful), you're good.
...more than you do. I say this every time someone claims to know better than the OS designer. For example, memory defragmenting applications, RAM boosters, memory cleaners... if they did good, it would be probably built into the OS already.
This is a similar case, but even easier to rationalize. The designers went out of their way to warn you and chastise you for yanking out a USB device. They spent time and effort adding these messages in. I would assume they are valid just from that alone.
Windows in particular I can talk about. Many USB thumb drives are slow especially when you sort by lowest price on NewEgg/Amazon and buy one based on the size of the disk alone. So Windows will avoid using the actual device in real time if it can, instead using a cache. If you write data to the device, the data goes to the write cache first, which is then written to the device as fast as possible in the background. This means that file copy dialog will close BEFORE the data is written to the drive.
Now, you can access the properties of the drive and change Windows to not use a cache specifically to make it safer to yank the drive at the cost of making things slower. But either way, why? Just choose the Eject option and let Windows tell you when it's safe to remove the drive. Then you can be sure your data is done being recorded. It also lets you know if there is an application still actively using the drive, which is better than yanking it and seeing the application crash or lose data.
PHP encourages short bursts of code, a remnant of it's non-OOP past. ASP.NET encourages well-organized code. And the VS IDE is awesome. I can't speak to any of the other alternatives like Java but I would expect it to have many of the same advantages of ASP.NET over PHP. Though the one time I worked with Java in a desktop application I disliked how it insisted I had to catch every exception. Sometimes you want SomeObscureException to crash your app since you can't do anything about it anyway.
It breaks down to PHP being much less capable than ASP.NET in its capabilities, though I admit it's been a while since I've used PHP, some of these limitations are built into the basic design of PHP so I'm not sure how they could have improved those aspects since then.
ASP.NET and ASP.NET Core have control of pretty much the entire web server stack (to a point). So you can do things like declare REST APIs and map them to single functions, whereas it is much harder to do that in PHP because first the web server needs to map a request to your PHP script file before you even get control in the first place, so you need to use Apache mod_rewrite or whatever (as opposed to a single line of ASP.NET code embedded with your REST API function.
I think that's really the biggest thing. PHP code starts and ends at the PHP script file and all code is run in the context of a HTTP request. There's no built-in way to do background processing outside of that, and you are writing a collection of scripts, not a full application. In ASP.NET you are writing an APPLICATION, and you get as much control over requests into your application URLs as you need. You can filter requests, add middleware, and your app doesn't even serve static files from disk unless you tell it to.
PHP has also had growing pains, starting out with no OOP support but having such things added eventually and having their APIs eventually converted over to use OOP (I stopped using it before this point so I am not sure how good it is). Also some bad security decisions that had to be corrected have led to things like mysql_escape and mysql_real_escape functions. Meanwhile in.NET you just use SQL parameters and you're good from a security standpoint. It has been awhile so I would hope PHP has SQL parameters now. I can't speak to the current state of PHP from a security standpoint but they've had a rocky journey for sure.
Also as a side note,.NET has EF/EF Core, which is amazing. I fell in love with it. Use any DB you want. Write classes that represent objects. And then EF/EF Core generates DB structures and queries for you; you don't have to deal with any of that. Change the object structure? DBs will be migrated to the new structure. It's pretty much magic. With PHP you're stuck picking a specific database and manually writing queries. If you want objects to represent your records (a database abstraction layer of some sort is a good idea for security reasons) you have to build all that by hand.
Some states have two party consent required for recording, so I can't see this being used in those states. I doubt WalMart will want to have their cashiers remind you every time you visit that everything you say is recorded.
Valve has recently announced they have partnered with a Chinese company to formally bring Steam to China so it's likely Valve is preparing to make sure they're fully compliant in China soon. Source
Well, the problem is some sites are configured such that an affirmative click would not be possible. This is mostly related to site which implement hotlink blocking.
For example, let's say I don't want people hotlinking my downloads so I require the user to load a landing page first so they see they are on my site, and I am providing them with the file. When the page loads, I generate a unique download url for them that will only work once, so hotlinking is not possible. Then the page will redirect them to the link so they get their download.
In your scenario, the browser would be redirected to the file, but then drop the connection once it sees its a file (you don't want to start downloading, after all) and asks the user if they really want to save it, providing the.EXE or.ZIP or whatever file name. Once you hit save the browser repeats its request, but now the server sees you are reusing a link and the hotlink block kicks in, and the browser downloads an error page to an.EXE or.ZIP name. Not very useful.
Lots of free file hosting sites use this model so it's important browsers support it for users who use those sites.
The current method Chrome uses, the file quietly downloads to your Downloads folder in the background while the user makes their choice. If they deny the download, the download is aborted and the file deleted. If it is accepted the download simply keeps going, having gotten a head start.
Chrome will block multiple file downloads from a single user interaction outright. So it sounds like this is just a bug with that functionality failing to handle this extreme case. There is no need to break websites over it.
Slashdot Mirror
ProcMon and Top have different uses. I think you are thinking of Process Explorer. ProcMon logs file accesses, registry accesses, and network activity. Very useful for analyzing process behavior and debugging a non-working application.
ProcMon will show you file access attempts to find a DLL
"It rather involved being on the other side of this airtight hatchway."
Google forced bundling of its apps with Google Play Store BECAUSE those apps made Google money. Now that the EU has ruled Google can't bundle the apps, it should not be surprising they are compensating by charging for Play Store. This was foreseen by the internet back when the ruling was made.
A valid assessment... and, Google's being quite the hypocrite by delivering THEIR OWN search results via http.
Uh, google.com has been HTTPS only for some time now. Not sure what you're talking about,
And this is likely the reason Google is making this change. Google provided the tools for users to see what things extensions wanted access to, and users did not care. So now Google has to be more selective with their approval process.
The other big reason is the practice of selling legitimate extensions to "developers" who promptly pump it full of malware and push an update to all of the existing users.
It sounds like Google's changes will address these problems and I welcome them.
Only a JUDGE has the power to shutdown this endeavor, not some Intern at CBS writing cut-and-paste form letters.
You say this, and yet, the project got shut down. So clearly this is incorrect.
The worst part is, you're calling it "my stuff". Except it's not, not really. It's a series of numbers in a database on the company's servers that gets temporarily transmuted into pixels on your monitor as long as the company allows it. It'll be interesting to see how digital ownership evolves, since giving users any sort of control over ownership would allow as a side effect infinite duplication of virtual items (since they effectively cost nothing and are worthless without the company controlling the creation and distribution).
If these are Windows users they screwed with the Compatibility Mode options for DPI in order to make the window smaller or bigger. It looked fine until Google did something differently and now the Compatibility Mode options make it look blurry. Turns out using options designed for use on legacy applications only on modern applications introduces problems. Lots of Steam users have similar problems.
Unfortunately most users have proven to be irresponsible when it comes to keeping their PCs secure. Forced Windows Updates and measures like this are the result.
Funny thing, is, Chrome requires a signature too, but I guess Google thought it was too complicated for developers and abstracted it away (the web store signs it for you on upload. Of course, even if Google switched to requiring devs to sign with their own keys, it doesn't matter if you sell your extension to someone; they'll just switch to asking for your key as part of the deal.
The VM has no network adapter. So, no internet.
...is TI-84s still cost $100.
I assumed Google's change of language was because apps like, say, Google Maps clearly need to know your location in order to function. Even if you have Location History turned off, that only affects the location history feature. Google Maps has to request maps from your current location, which means the server knows where you are... it has to, for the app to work. This information can easily end up in log files etc as part of the web requests for map data.
But your point is a much stronger ("We are legally required to" is pretty strong!) argument.
I didn't watch it but apparently he did an apology that was not an apology before the additional plagiarism came to light, in which he claimed there was no additional plagiarism..
Did you read the summary? AT&T happily rerouted his text messages, including security codes for use in two-factor authentication, to thieves who stole his cryptocurrency.
You can say "oh SMS two factor isn't secure" all you want, and there ARE ways it's insecure, but none of those ways mattered here because AT&T turned over the phone number to an unauthorized party!
TypeScript compiles to JavaScript while at the same time you can mix it with pure JavaScript. This makes it easy to add TypeScript to an existing project. The fact TypeScript is based off of JS means it is easy for JS developers to learn it. Plus, you have something JS does not have: consistency. Want to use the class keyword in JS? You need to make sure all your supported browsers have implemented it and it'll work. In TypeScript you have several different compile targets depending on your lowest common denominator of JS version support you need.
TypeScript is a good solution to all the problems JS has, the most serious one I think being the lack of compile-type errors, pushing them to more difficult to find and fix runtime errors and logical errors.
Real 2FA does not require your phone number. SMS-based 2FA is known to be flawed and vulnerable to attacks like this. Real 2FA just needs ANY device, a mobile phone is just a good one since you'll usually have it with you and if your PC is infected your phone won't be. As long as this device has an accurate clock and has a way to do an initial sync with the server (usually by scanning a QR code and inputting a test 2FA code to ensure sync was successful), you're good.
...more than you do. I say this every time someone claims to know better than the OS designer. For example, memory defragmenting applications, RAM boosters, memory cleaners... if they did good, it would be probably built into the OS already.
This is a similar case, but even easier to rationalize. The designers went out of their way to warn you and chastise you for yanking out a USB device. They spent time and effort adding these messages in. I would assume they are valid just from that alone.
Windows in particular I can talk about. Many USB thumb drives are slow especially when you sort by lowest price on NewEgg/Amazon and buy one based on the size of the disk alone. So Windows will avoid using the actual device in real time if it can, instead using a cache. If you write data to the device, the data goes to the write cache first, which is then written to the device as fast as possible in the background. This means that file copy dialog will close BEFORE the data is written to the drive.
Now, you can access the properties of the drive and change Windows to not use a cache specifically to make it safer to yank the drive at the cost of making things slower. But either way, why? Just choose the Eject option and let Windows tell you when it's safe to remove the drive. Then you can be sure your data is done being recorded. It also lets you know if there is an application still actively using the drive, which is better than yanking it and seeing the application crash or lose data.
PHP encourages short bursts of code, a remnant of it's non-OOP past. ASP.NET encourages well-organized code. And the VS IDE is awesome. I can't speak to any of the other alternatives like Java but I would expect it to have many of the same advantages of ASP.NET over PHP. Though the one time I worked with Java in a desktop application I disliked how it insisted I had to catch every exception. Sometimes you want SomeObscureException to crash your app since you can't do anything about it anyway.
It breaks down to PHP being much less capable than ASP.NET in its capabilities, though I admit it's been a while since I've used PHP, some of these limitations are built into the basic design of PHP so I'm not sure how they could have improved those aspects since then.
ASP.NET and ASP.NET Core have control of pretty much the entire web server stack (to a point). So you can do things like declare REST APIs and map them to single functions, whereas it is much harder to do that in PHP because first the web server needs to map a request to your PHP script file before you even get control in the first place, so you need to use Apache mod_rewrite or whatever (as opposed to a single line of ASP.NET code embedded with your REST API function.
I think that's really the biggest thing. PHP code starts and ends at the PHP script file and all code is run in the context of a HTTP request. There's no built-in way to do background processing outside of that, and you are writing a collection of scripts, not a full application. In ASP.NET you are writing an APPLICATION, and you get as much control over requests into your application URLs as you need. You can filter requests, add middleware, and your app doesn't even serve static files from disk unless you tell it to.
PHP has also had growing pains, starting out with no OOP support but having such things added eventually and having their APIs eventually converted over to use OOP (I stopped using it before this point so I am not sure how good it is). Also some bad security decisions that had to be corrected have led to things like mysql_escape and mysql_real_escape functions. Meanwhile in .NET you just use SQL parameters and you're good from a security standpoint. It has been awhile so I would hope PHP has SQL parameters now. I can't speak to the current state of PHP from a security standpoint but they've had a rocky journey for sure.
Also as a side note, .NET has EF/EF Core, which is amazing. I fell in love with it. Use any DB you want. Write classes that represent objects. And then EF/EF Core generates DB structures and queries for you; you don't have to deal with any of that. Change the object structure? DBs will be migrated to the new structure. It's pretty much magic. With PHP you're stuck picking a specific database and manually writing queries. If you want objects to represent your records (a database abstraction layer of some sort is a good idea for security reasons) you have to build all that by hand.
Some states have two party consent required for recording, so I can't see this being used in those states. I doubt WalMart will want to have their cashiers remind you every time you visit that everything you say is recorded.
Valve has recently announced they have partnered with a Chinese company to formally bring Steam to China so it's likely Valve is preparing to make sure they're fully compliant in China soon. Source
Well, the problem is some sites are configured such that an affirmative click would not be possible. This is mostly related to site which implement hotlink blocking.
For example, let's say I don't want people hotlinking my downloads so I require the user to load a landing page first so they see they are on my site, and I am providing them with the file. When the page loads, I generate a unique download url for them that will only work once, so hotlinking is not possible. Then the page will redirect them to the link so they get their download.
In your scenario, the browser would be redirected to the file, but then drop the connection once it sees its a file (you don't want to start downloading, after all) and asks the user if they really want to save it, providing the .EXE or .ZIP or whatever file name. Once you hit save the browser repeats its request, but now the server sees you are reusing a link and the hotlink block kicks in, and the browser downloads an error page to an .EXE or .ZIP name. Not very useful.
Lots of free file hosting sites use this model so it's important browsers support it for users who use those sites.
The current method Chrome uses, the file quietly downloads to your Downloads folder in the background while the user makes their choice. If they deny the download, the download is aborted and the file deleted. If it is accepted the download simply keeps going, having gotten a head start.
Chrome will block multiple file downloads from a single user interaction outright. So it sounds like this is just a bug with that functionality failing to handle this extreme case. There is no need to break websites over it.
But... but it's THE CLOUD.
Nothing can possibly happen to your data as long as it's in the cloud. /s