Personally I read at -1, Raw and Uncut because I'm a masochist and often find some funny stuff down in the gutter.
I usually read at +3 or +4, but I give extra +5 score to flamebaits. I started doing it years ago after reading about the idea from somebody else. Those posts are funny/interesting often enough that I haven't reverted it.
Maybe then we'll get proper application whitelisting / sandboxing by default in a desktop OS. And, hell, why do applications get the run of every file I use under my account? Should they not have to request such things first? Even on Unix-likes, if you get on as my user, you can trash all my data - why?
The answer is functionality. Let's consider the example of Android, an OS with a fairly recent security model, built on top of Linux which provides for chroot. Why not put apps into their own chroot jail by default? Seems like a good idea, right? How do you explain to Grandma why she can't upload photos from her camera's image gallery to Facebook? Oh, you'll solve that problem by putting the photos in a public directory? Okay, that eliminates the functionality concern, but now you're right back where you started with exposure to ransomware....
Not necessarily. This can be solved by having a standard privileged file open/save dialog that grants the access automatically to apps based on user input. Of course that limits the UI designs in some ways.. I wrote some ideas 11 years ago how something like this could be done. Partially obsolete nowadays though but still could be doable (except for the web browser parts - web security seems to be a lost cause already). Perhaps once these kind of worse malwares start happening people would finally implement a more secure desktop. There's no reason why I shouldn't be able to easily run whatever program I want without it breaking my computer.
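The privileged open dialog described in the comment above, sketched as an added example (not code from the thread or from any existing desktop): a broker process opens the file the user chose and hands the app only the open descriptor, over a Unix socket. The names `send_fd`, `recv_fd` and `powerbox_demo` are made up for this sketch, the user's choice is hard-coded where the dialog would be, and the app is assumed to run in a sandbox that denies `open()`, which the sketch does not set up.

```c
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

union fd_cmsg { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; };

/* Broker side: pass one open descriptor over a Unix socket (SCM_RIGHTS). */
static int send_fd(int sock, int fd)
{
    char byte = 'F';
    union fd_cmsg u = { .buf = { 0 } };
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof(u.buf) };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET;
    c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* App side: take delivery of the descriptor; -1 if nothing valid arrived. */
static int recv_fd(int sock)
{
    char byte;
    union fd_cmsg u;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof(u.buf) };
    struct cmsghdr *c;
    int fd;
    if (recvmsg(sock, &msg, 0) != 1 || (msg.msg_flags & MSG_CTRUNC) ||
        (c = CMSG_FIRSTHDR(&msg)) == NULL || c->cmsg_level != SOL_SOCKET ||
        c->cmsg_type != SCM_RIGHTS || c->cmsg_len != CMSG_LEN(sizeof(int)))
        return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Returns how many bytes the app read through the granted descriptor, or -1. */
static int powerbox_demo(void)
{
    char buf[32], path[] = "/tmp/powerbox-demo-XXXXXX";  /* constructed sample */
    int sv[2], fd, status = 0, doc = mkstemp(path);
    pid_t pid;
    if (doc < 0)
        return -1;
    if (write(doc, "holiday.jpg", 11) != 11 || close(doc) < 0 ||
        socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0 || (pid = fork()) < 0)
        return unlink(path), -1;
    if (pid == 0) {   /* the app: never sees a path, never calls open() */
        close(sv[0]);
        fd = recv_fd(sv[1]);
        if (fd < 0 || write(fd, "x", 1) >= 0)   /* grant must be read-only */
            _exit(255);
        _exit((int)read(fd, buf, sizeof(buf)) & 0xff);   /* -1 becomes 255 */
    }
    close(sv[1]);   /* the broker: a real desktop shows its trusted dialog here */
    fd = open(path, O_RDONLY);   /* the user's pick, hard-coded in this demo */
    if (fd >= 0) {
        send_fd(sv[0], fd);
        close(fd);               /* the app's copy stays open */
    }
    close(sv[0]);                /* a failed grant reaches the app as EOF */
    waitpid(pid, &status, 0);
    unlink(path);
    return WIFEXITED(status) && WEXITSTATUS(status) != 255 ? WEXITSTATUS(status) : -1;
}

int main(void) { return powerbox_demo() == 11 ? 0 : 1; }
```

The app ends up with read access to the one file that was picked and nothing else, and the broker decides the access mode, not the app.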
Sorry for advertising my own product, but pretty much on topic here. :) Buy two (cheap) servers from completely different networks / data center providers, and keep them replicated with http://wiki2.dovecot.org/Replication. You can set up MX records to both of them, and use DNS to switch between the replicas for IMAP/POP3 as needed. Either one of the data centers can die and your mail won't stop working. Or keep one of the replicas in local network and your mail keeps working even if your internet connection dies.
(Then you'll only need to hope that there are no software bugs bringing down everything.)
Dunno how it works in Germany, but I think the people should be able to decide for themselves what kind of education they want, whenever they want (+- a few years). And maybe more importantly: If you decide wrong at some point, you should be able to switch if you're good enough. I think the way it works in Finland is good enough. I dropped out of high school (wanted to code all nights), finished it 7 years later when I had more motivation, had no problem getting into university trying out something new interesting I re-learned at high school (biotech!), then deciding it wasn't really worth the trouble and switching back to computer science and getting a BSc out of it. The high school and college stories I hear from the US are pretty depressing usually.
My laptop comparisons nowadays:
Apple laptop:
MagSafe
Non-Apple laptop:
Non-MagSafe
Until some laptop has MagSafe or similar I won't even consider it. I remember too well when I used to trip over the power cords and drag my laptop on the floor. Or break the power plug because it got twisted when moving the laptop in a bad direction. Or stepping on the power plug and breaking it. (Yeah, I don't treat my laptops all that well.)
Any time you join an existing project you have to learn how to use its libraries, this is no different. Yeah, maybe you'll save a few hours of learning time if some of it is standardized by the base language. If that becomes a real issue with someone you probably shouldn't have hired him/her anyway.
I'm not sure what you mean. It's possible to have arrays of ints, floats and everything. Looks to me like your idea would assume that array works only on structs? Anyway here's the implementation: http://hg.dovecot.org/dovecot-2.1/file/tip/src/lib/array.h
Well, that kind of GENERATE_SORT() seems a very ad-hoc way to do it and very specific to a sort.. My method looks more like this (dynamically growing type safe arrays):
#include "array.h" .. .. ..
int foobar_cmp(const struct foobar *f1, const struct foobar *f2);
ARRAY_DEFINE(foobars, struct foobar);
struct foobar f;
array_init(&foobars, 16);
array_append(&foobars, &f);
array_sort(&foobars, foobar_cmp);
I don't think that's much different (or more difficult) from how you'd do it with C++ templates. Of course implementing array.h is easier with C++.
It's also very hard to write type safe code properly in C. Just look at the classic example of the unsafe qsort versus the safer and faster std::sort.
You can do all kinds of nifty stuff with macros and gcc/clang extensions to provide type safety to C. Yeah, if you don't already have a library for that it can be a bit difficult to write one (or find one you like). But once you have the library it's very easy to write (mostly) type safe code with C. For example I have a type safe array_sort() in C.
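A sketch of how macro-based type checking of this kind can work, as an added example; it is not Dovecot's array.h, and the `tarray_*` and `raw_*` names are hypothetical. It relies on the gcc/clang `__typeof__` extension, and it sorts with an insertion sort so that the comparator is always called through its real type.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Untyped core: the only code that touches void * and byte offsets. */
struct raw_array { void *data; size_t count, cap, elem_size; };

static int raw_append(struct raw_array *r, const void *elem)
{
    if (r->count == r->cap) {
        size_t ncap = r->cap ? r->cap * 2 : 8;
        void *p = NULL;
        if (ncap > r->cap && ncap <= SIZE_MAX / r->elem_size)
            p = realloc(r->data, ncap * r->elem_size);
        if (p == NULL)
            return -1;      /* size overflow or out of memory; array unchanged */
        r->data = p;
        r->cap = ncap;
    }
    memcpy((char *)r->data + r->count++ * r->elem_size, elem, r->elem_size);
    return 0;
}

static void *raw_idx(const struct raw_array *r, size_t i)
{
    return i < r->count ? (char *)r->data + i * r->elem_size : NULL;
}

/* Typed wrapper: `v` stores nothing, it only carries the element type so the
 * macros below can make the compiler check the caller's types against it. */
#define TARRAY(type) struct { struct raw_array raw; type *v; }
#define tarray_init(arr) \
    ((void)memset((arr), 0, sizeof(*(arr))), (arr)->raw.elem_size = sizeof(*(arr)->v))
/* The pointer comparison is inside sizeof: type-checked, never executed. */
#define tarray_append(arr, elem) \
    raw_append(&(arr)->raw, (elem) + 0 * sizeof((arr)->v == (elem)))
#define tarray_idx(arr, i) ((__typeof__((arr)->v))raw_idx(&(arr)->raw, (i)))
/* cmp must be int (*)(const T *, const T *). It is called with its real type,
 * so no function-pointer cast is involved. Insertion sort keeps this short. */
#define tarray_sort(arr, cmp) do { \
    __typeof__((arr)->v) a_ = (arr)->raw.data; \
    int (*cmp_)(const __typeof__(*a_) *, const __typeof__(*a_) *) = (cmp); \
    for (size_t i_ = 1; i_ < (arr)->raw.count; i_++) { \
        __typeof__(*a_) key_ = a_[i_]; \
        size_t j_ = i_; \
        for (; j_ > 0 && cmp_(&a_[j_ - 1], &key_) > 0; j_--) \
            a_[j_] = a_[j_ - 1]; \
        a_[j_] = key_; \
    } \
} while (0)

struct foobar { int id; };
static int foobar_cmp(const struct foobar *f1, const struct foobar *f2)
{
    return (f1->id > f2->id) - (f1->id < f2->id);
}

/* Constructed sample: append three records, sort, return the id at `pos`. */
static int sorted_id_at(size_t pos)
{
    static const struct foobar in[3] = { { 30 }, { 10 }, { 20 } };
    TARRAY(struct foobar) foobars;
    tarray_init(&foobars);
    for (size_t i = 0; i < 3 && tarray_append(&foobars, &in[i]) == 0; i++)
        ;
    /* Diagnosed by the compiler: tarray_append(&foobars, &pos), tarray_sort(&foobars, strcmp) */
    tarray_sort(&foobars, foobar_cmp);
    const struct foobar *f = tarray_idx(&foobars, pos);
    int id = f != NULL ? f->id : -1;
    free(foobars.raw.data);
    return id;
}

int main(void) { return sorted_id_at(0) == 10 ? 0 : 1; }
```

Building with `-Werror` turns the mismatched-pointer diagnostics into hard errors, so a wrong element or comparator type cannot reach the untyped core.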
I kinda did in my next sentence, but whatever..
But every implementation I've seen of a QR code reader in Android and iOS also gives you the option to inspect the content visually before acting on it. They ask if you want to proceed.
Of course one could argue the click-thru generation does not know enough to evaluate the content, but then these are the same people that no amount of malware/antivirus software can protect.
Is the confirmation something like OK/Cancel? I also tend to click OK buttons without hardly even reading them. That's why potentially security sensitive questions shouldn't have such simple buttons, but rather two (radio?) buttons that require you to read (and hopefully understand) what you're doing, such as: "Replace network settings from QR" and "Keep the existing network settings".
Yes, there are some advantages to using SQL database, like I said.. But I highly doubt "huge speed advantage" is one of them, unless you compare to a really badly set up system. I know people have switched from DBMail to Dovecot simply because Dovecot is so much faster..
Email isn't stored in SQL, because typically it's rather pointless. Full text search indexing doesn't require SQL, and it's more efficient without SQL anyway. There are some good use cases for storing emails in SQL database, but efficiency isn't one of them.
I wasn't planning on fixing all of the security problems, but the typical case of clicking open random email attachments or running random programs from internet should and could be made safe, while still keeping the user interface user friendly. Those are the reasons for most of today's security problems.
SELinux doesn't address the problem. I agree with grandparent, although I think the focus should be more on the UI side. The really low level implementation could perhaps be addressed with SELinux, but it's not a practical solution for any GUI app currently. For example how would you prevent Open Office from deleting everything in your home dir with SELinux, while still allowing it to read and write arbitrary documents? Yeah, you can't unless you manually go changing the labels every time you want to write somewhere.
I thought about how to implement an actually secure operating system in 2004, where you could safely just run any random program from internet, but no one cared to listen and I moved on.
The apps can tell the firewall to open up a port for a period of time and then shut it back down.
I mean, it sounds almost like they could listen() a specific port, and once they're done with it, they could close() it! If all applications could always do this automatically, I think we could actually get rid of manual firewall configuration entirely!
So .. If you can only run Mac apps from the Mac app store, how do you develop the Mac apps in the first place, if not using your Mac?
Oh, just read 0olong's comment. That explains it then. Only native English people and Dutch have this problem. :)
Obvious non native English speakers do not understand that "then" is a form of time and "than" is a form of consequence.
I'm pretty sure it's the native speakers who have the most trouble with this. Many foreign countries teach English primarily by reading and writing it. Then the than/then difference is obvious. It's only when you learn English by listening that you have trouble with this. I only started having these kind of accidents once I started thinking/speaking fluently in English (not just then/than, but things like file/fail).
Oh yes, I am a native Dutch speaker.
Maybe they teach you English differently down there than in Finland :)
Look at the first "Look and feel" dialog. What the hell is that "cancel" button doing in there? There are two choices. One of them is already selected, but the OK button is greyed out. I think, since I've never used Vista.. Even if that greying out means it's simply not focused, what is the purpose of the OK/Cancel there? Does the cancel mean the same as the second option? Does it mean it's going to ask you again the next time? It should be clearly said there, not left to user's guesstimation. I guess it's an improvement, but that page is definitely not something that should be pointed to as an example of good UI design.
>>>Hitting reply-all on old emails destroys threading on pretty much all clients that support it.
(1) Don't care because it saves me typing ~50 emails.
(2) Not if you change the subject. Then it starts a new thread.
No it doesn't. If you hit reply button, it adds In-Reply-To: and/or References: headers, so your new message will still show up as belonging to an old thread. Changing the subject doesn't change this in any email clients I know of.
Q: What other artificial life/intelligence projects are you keeping tabs on? What should we be excited about?
A: Oh, I’m the wrong person to ask. I try not to look.
...and then he goes on about not wanting to be "polluted" as an artist. While claiming this is not a game, but research.
Research and science, that is uninterested in what is being done in the field... I have a hard time coming up with something that fits that bill except pseudo-science.
Well, considering how awesome all the AIs that all the REAL researchers have already managed to produce, I'm shocked that anyone even considers trying any alternative approaches, without even thinking about how such magnificent beings came into existence. I mean, how could you possibly compete with the researchers' AIs that just in a few more years will already be available for everyone to run in their own computers, performing all kinds of complex tasks only by describing them to the AI. As a programmer myself, I fear it's the end of my days as the recently developed AIs will soon out-program myself, generating perfect code and design themselves.
I bet phishers will love this feature...
Well, Google probably fares much better for most people than typing the URL directly. There's a reason why scammers register typoed URLs.
Then there are of course a lot of people who already use Google to type any web addresses, not realizing there's even such a thing as URL bar.
1. An Exchange replacement. Not 8 things I can lash up to work but a single system that is easy to install that offers all the features of Exchange with none of the pain. Oh and it must work with Outlook and should have a good client that does everything Outlook does plus a good web interface.
Fully open source Exchange replacement is finally available, thanks to SOGo and Openchange people: http://www.sogo.nu/english.html
It's also awesome that it can use your existing IMAP server for mail storage rather than reimplementing its own. Also if you don't want to lash up 8 things together, they have all-in-one package you can install.
By default sudo gives just an error about "switch your device to R&D mode if you want to break your device". You have to install a separate gainroot package to do it without R&D mode. Anyone who does either of those should be experienced enough to realize what the consequences are.
Of course, allowing ALL users rather than just the normal "user" to get root privileges is worse. And yes, a quick look at /etc/sudoers does look as if any user could simply do that. But I just tried:
1. start xterm
2. sudo gainroot
3. su (some other user than "user")
4. sudo gainroot -> it asks for password!
5. su user
6. sudo gainroot -> it works (just as in step 2)
So the user named "user" apparently is checked in (all? of) those scripts that sudo is allowed to execute. It's perfect. Just what you'd expect.