not as much, but still (for planning to use the MS key). It's a very bad position we (Free Software) are in with Restricted/Secure boot. I think it's time the Linux friendly vendors really get behind CoreBoot [http://www.coreboot.org/Welcome_to_coreboot] and let us be truly independent.
As it is setup right now: Binaries can only be signed with one key. If you use Microsoft's key, you can't use your own. Not all vendors may support letting users add their own keys. (and even if they do it certainly complicates a fresh install). ARM will be completely locked down if vendors want MS to run on it. If you use the Microsoft key, they can revoke your access (they likely need cause, but still)
You have to contact them... that doesn't seem so outrageous.. and they are willing to give you a proprietary license for a cost, (likely relative to how big a project or some other metric)
FastLZ is really fast, but compresses less well then zip, is MIT License... 7-Zip is LGPL. and LZJB looks like it is CDDL, which is also a weak copyleft license..
Whoever built Flame, who likely doesn't care about licenses at all, choose this.. That is a pretty good indicator it was the best tool (or easiest) for the job. They certainly could have afforded paying for something else.
Umm.. the developers behind Flame were able to hijack Windows update, gain access to a Microsoft code signing and website signing key, stay undetected in the wild for at least 2+ years.
But System Restore 2.0 is going to stop them? Your average piece of malware can survive a system restore...
From the article: Unsurprisingly, people who change their password from time to time tend to select the strongest ones.
That actually is surprising to me... Although I guess storing passwords in Firefox (w/ Sync), and having them be very long (32 random characters+), might not be a common demographic...
I'm no fan of.NET, but I'm pretty sure the Mono developers aren't the only ones using it.
He is saying there is no future for Silverlight (the.NET based web plugin), not all of.NET. And that they won't put resouces into developing Moonlight (the open source version of Silverlight).
...or maybe I was the only one confused by the summary....
I know of two sites that use Silverlight, netflix and xfinity. They both use it just for the Microsoft DRM, afaik.
I forgot to mention ZaReason also has a sale page, with some great steals sometimes, they occasionally put laptops there as well.. https://zareason.com/shop/Sale/
My only actual experience with one of the above vendors is ZaReason and it was a desktop (my current desktop working very nicely still).
On an old dell P4 with 512 MB of ram: Firefox can play a YouTube video (at 360p) no problem, with multiple tabs open. Now if you were saying it can't play 1080p, I would completely agree (it can't even play 480p).
On a low end machine, I find modern version of Firefox to be much better [faster/uses less memory] than Chrome. (Especially when playing Flash content).
Wolfram Alpha, "Mobile phones ranked by Best Buy customer review average and customer review count:"
Currently HTC Trophy is first followed by an iPhone.
The winning phone has maybe 23 reviews (http://www.bestbuy.com/site/searchpage.jsp?_dyncharset=ISO-8859-1&_dynSessConf=-1144113708518003664&id=pcat17071&type=page&st=htc+trophy&sc=Global&cp=1&nrp=15&sp=&qp=&list=n&iht=y&usc=All+Categories&ks=960). Which must be highly significant .
The most interesting thing to me here is, that BestBuy.com reviews can be exploited to influence Siri users....
Not to jump on SpryGuy or anything but I have noticed a bunch of people posting about Windows Phone on here.
It's really not a very interesting OS, what Nokia had previous to the Microsoft "buyout" was: http://swipe.nokia.com/
I do agree we need more competition doing well in the marketplace than Android and iStuff, but can we not get stuck with another propriatary OS that doesn't even allow GPL licensed software to compete?
It's even worse when you consider the sites using mixed content, which passed with flying colors on the analysis. To do a proper test you really need to check every page that uses SSL.
Fixing Mixed content is not always so difficult, we replaced image links to use "//" instead of "http://", which allows it to use whatever protocol you are already using. This also works if you still might need to fall back to http:/// for whatever archaic reason (or for us development).
My very limited understanding was that evolution really could only work if the survivors were of reproductive age. If they are great at surviving and making children then it would work, otherwise not.
Ah.. fine I read the article: "The probable existence of lots of prehistoric middle-aged people means that natural selection had plenty to work on. Those with beneficial traits would have been more successful at nurturing their children to reproductive age and helping provide for their grandchildren, and hence would have passed on those traits to their descendants. As a result, modern middle age is the result of millennia of natural selection."
So really it's grandparents that this article is really getting at. Middle aged for the purpose of having your offspring's offspring survive. That actually makes sense.
"The old data is always copied over, regardless of whether the new size will be enough. This allows us to turn this truncation into what is effectively:
memcpy(heap_buffer, , );"
Letting the attacker write to arbitrary/unexpected memory is always a security issue... [I guess it might not be easily exploitable in all cases based on system setup/random memory allocation, etc though]
"Carmakers themselves have trouble with software--Fisker has issued a recall and apology recently with its Karma". Perhaps they should not be allowed to use proprietary software code. Opening up the code allows for more control by the people who actually own the cars.
Furthermore, in many incidents like the Toyota acceleration issue, having open code/data is essential for proper investigations and accident reconstruction.
I for one, really do want to buy a car running on a RMS style of software freedom. I'm trusting my life to this car, I want to increase the chances a bug will be caught. I don't even necessarily want to make any modifications without the car companies blessing. At the end of the day, I'm spending >$20,000 on this thing, I want and should have control of it.
So.. which car companies/cars are the most easy to modify by the owners? Have any car companies embraced this? If not for underlying systems, how about at least for the GPS/Infotainment systems?
Slashdot Mirror
http://gs.statcounter.com/ is my goto site for this. It has IE at 32% http://gs.statcounter.com/#browser-ww-daily-20120702-20120708-bar
not as much, but still (for planning to use the MS key). It's a very bad position we (Free Software) are in with Restricted/Secure boot. I think it's time the Linux friendly vendors really get behind CoreBoot [http://www.coreboot.org/Welcome_to_coreboot] and let us be truly independent.
As it is setup right now:
Binaries can only be signed with one key. If you use Microsoft's key, you can't use your own.
Not all vendors may support letting users add their own keys. (and even if they do it certainly complicates a fresh install).
ARM will be completely locked down if vendors want MS to run on it.
If you use the Microsoft key, they can revoke your access (they likely need cause, but still)
Sorry no.. almost anyone but the ISPs.. I want my ISP to be as close to a dumb pipe as it can be.
Silver Bullet for a Privacy Nightmare?
I would watch one or two targeted ads for 1 hour of TV. Otherwise, I have less boring things to do with my time.
for those curious what they meant by "commercial friendly open source".
http://www.apache.org/licenses/LICENSE-2.0.html
https://www.browserid.org/
It's the closest I've seen to SSH Keys. That's all I want, SSH Keys for web auth.
I need to do better at maintaining this site.. but it is dedicated to Ending the Corn Subsidies.
https://endcornsubsidy.wordpress.com/help/politics/
It does seem insane to be taxing and subsidizing the same thing.... However, it is at different levels of government..
On the good side, President Obama supports getting rid of some of these direct farm subsidies: http://www.whitehouse.gov/blog/2011/09/19/someday-now-direct-farm-payments-and-president-s-plan-economic-growth-and-deficit-re
Now we just need congress to act...
You have to contact them... that doesn't seem so outrageous.. and they are willing to give you a proprietary license for a cost, (likely relative to how big a project or some other metric)
FastLZ is really fast, but compresses less well then zip, is MIT License... 7-Zip is LGPL. and LZJB looks like it is CDDL, which is also a weak copyleft license..
Whoever built Flame, who likely doesn't care about licenses at all, choose this.. That is a pretty good indicator it was the best tool (or easiest) for the job. They certainly could have afforded paying for something else.
Umm.. the developers behind Flame were able to hijack Windows update, gain access to a Microsoft code signing and website signing key, stay undetected in the wild for at least 2+ years.
But System Restore 2.0 is going to stop them? Your average piece of malware can survive a system restore...
From the article: Unsurprisingly, people who change their password from time to time tend to select the strongest ones.
That actually is surprising to me... Although I guess storing passwords in Firefox (w/ Sync), and having them be very long (32 random characters+), might not be a common demographic...
I'm no fan of .NET, but I'm pretty sure the Mono developers aren't the only ones using it.
He is saying there is no future for Silverlight (the .NET based web plugin), not all of .NET. And that they won't put resouces into developing Moonlight (the open source version of Silverlight).
I know of two sites that use Silverlight, netflix and xfinity. They both use it just for the Microsoft DRM, afaik.
I forgot to mention ZaReason also has a sale page, with some great steals sometimes, they occasionally put laptops there as well..
https://zareason.com/shop/Sale/
My only actual experience with one of the above vendors is ZaReason and it was a desktop (my current desktop working very nicely still).
both have nice websites with the obvious base choices for you being:
https://zareason.com/shop/Strata-6770.html
Stock at $849
with a 160GB SSD comes to $1,148
and for me the winner would be:
https://www.system76.com/laptops/model/gazp7
3rd Generation Intel Core i7-3610QM Processor
Stock at $899
With 180 GB SSD comes $1178
Btw, for what you are asking for, your budget seems high actually :).
On an old dell P4 with 512 MB of ram:
Firefox can play a YouTube video (at 360p) no problem, with multiple tabs open. Now if you were saying it can't play 1080p, I would completely agree (it can't even play 480p).
On a low end machine, I find modern version of Firefox to be much better [faster/uses less memory] than Chrome. (Especially when playing Flash content).
Wolfram Alpha, "Mobile phones ranked by Best Buy customer review average and customer review count:"
Currently HTC Trophy is first followed by an iPhone.
The winning phone has maybe 23 reviews (http://www.bestbuy.com/site/searchpage.jsp?_dyncharset=ISO-8859-1&_dynSessConf=-1144113708518003664&id=pcat17071&type=page&st=htc+trophy&sc=Global&cp=1&nrp=15&sp=&qp=&list=n&iht=y&usc=All+Categories&ks=960). Which must be highly significant .
The most interesting thing to me here is, that BestBuy.com reviews can be exploited to influence Siri users....
US used to be a place where migrants could actually feel welcome but those times are firmly in the past.
When, exactly was this?
http://www.dosomething.org/tipsandtools/background-discrimination-against-immigrants
Not to jump on SpryGuy or anything but I have noticed a bunch of people posting about Windows Phone on here.
It's really not a very interesting OS, what Nokia had previous to the Microsoft "buyout" was: http://swipe.nokia.com/
I do agree we need more competition doing well in the marketplace than Android and iStuff, but can we not get stuck with another propriatary OS that doesn't even allow GPL licensed software to compete?
It's even worse when you consider the sites using mixed content, which passed with flying colors on the analysis. To do a proper test you really need to check every page that uses SSL.
More about mixed content: https://www.eff.org/https-everywhere/deploying-https
Fixing Mixed content is not always so difficult, we replaced image links to use "//" instead of "http://", which allows it to use whatever protocol you are already using. This also works if you still might need to fall back to http:/// for whatever archaic reason (or for us development).
This specific new updater is Windows only. Linux hasn't had this issue as long as your disto actually keeps up with Firefox releases (most do now).
So yea.. as long as you aren't running Mac OS...
My very limited understanding was that evolution really could only work if the survivors were of reproductive age. If they are great at surviving and making children then it would work, otherwise not.
Ah.. fine I read the article:
"The probable existence of lots of prehistoric middle-aged people means that natural selection had plenty to work on. Those with beneficial traits would have been more successful at nurturing their children to reproductive age and helping provide for their grandchildren, and hence would have passed on those traits to their descendants. As a result, modern middle age is the result of millennia of natural selection."
So really it's grandparents that this article is really getting at. Middle aged for the purpose of having your offspring's offspring survive. That actually makes sense.
I'm posting to cancel out a bad moderation.... yay :/
http://teamphoenicia.blogspot.com/ An extra dot/broken link.
From TFA:
"The old data is always copied over, regardless of whether the new size will be
enough. This allows us to turn this truncation into what is effectively:
memcpy(heap_buffer, , );"
Letting the attacker write to arbitrary/unexpected memory is always a security issue... [I guess it might not be easily exploitable in all cases based on system setup/random memory allocation, etc though]
"Carmakers themselves have trouble with software--Fisker has issued a recall and apology recently with its Karma". Perhaps they should not be allowed to use proprietary software code. Opening up the code allows for more control by the people who actually own the cars.
Furthermore, in many incidents like the Toyota acceleration issue, having open code/data is essential for proper investigations and accident reconstruction.
I for one, really do want to buy a car running on a RMS style of software freedom. I'm trusting my life to this car, I want to increase the chances a bug will be caught. I don't even necessarily want to make any modifications without the car companies blessing. At the end of the day, I'm spending >$20,000 on this thing, I want and should have control of it.
So.. which car companies/cars are the most easy to modify by the owners? Have any car companies embraced this? If not for underlying systems, how about at least for the GPS/Infotainment systems?
Python is not going to cut it. It's interpreted (i.e. 'too slow').
Go isn't going to cut it either because it's a purely compiled language.
Wait.. what?? What's left?