And it's the developers of all those packages and distros that symlink/bin/sh to bash instead of something minimal and well-audited that we should be screaming at. But "remote root exploit in bash" is sexier (after all, Apple doesn't put procmail on every Mac) so that's what goes in the headline.
...and next time someone goes on a rant about systemd versus "the Unix way", remember that daemons passing input from the network to/bin/sh is part of "the Unix way".
"In a Reddit thread under the title “Every Man Is Responsible For His Own Soul” [sic], Mr Wong wrote: “I did not say ‘we won’t ban any subreddits ever’. I said that we don’t ban subreddits for being morally bad."
Mr. Wong, with all due respect (that's not much for the record). Horse. Fucking. Shit.
If you make a rule against X (and ban X-related subreddits) but not rules against Y and Z, you're making a moral statement that Y and Z are more acceptable than X. There's just no other coherent reading of those rules. If you're trying to make a community where bestiality and racism are considered morally better than leaked celebrity nudes, that's fine - it's your site, but have the spine to fucking own it.
Selling your house or breaking your lease, truck rental and fuel to haul all your shit halfway across the continent, being unemployed for however long it takes to find a job within commuting distance of your new home, etc.
Disclosing the existence of a vulnerability destroys a lot of its value, too. People who can stop using Tails until the issue is sorted out will do so, shutting off whatever intelligence could be gathered from them. If these guys had a real-world exploitable vulnerability and a willingness to sell it to the NSA, they would have sold it and said nothing.
"normal draw is less than 140 watts, put it in standby and get 15 watts"
That's less than 500, but still an order of magnitude more than a set top box should need! IIRC power supply ratings on Apple TV and Roku box are both under 10 watts, real usage is probably 3-5. Add a WD green or similar hard drive (6-8W) and a couple of tuners and encoding ASICS and it still shouldn't break 20 watts at full load.
One device to compromise. If malware infects the LAN-of-things gateway, it can tell your pillows to play deadmau5, tell the lights to flash, and tell the security system to upload shower-cam photos to facebook.
(But then, computer viruses that just annoy the user with sounds and flashing text are deader than dial-up. Connected home malware would probably wait silently for bad weather, then lock you out and demand 0.25 bitcoin to let you back inside, or steal your amazon credentials when the refrigerator orders more milk, or turn on everyone's air conditioner at the same instant to DDoS the power grid.)
Because I already have one Facebook profile, and it's more than enough. I don't want to have to maintain another one just to keep rating Android apps or commenting on Youtube cat videos.
"Yes, we can trace the changelogs in the software & note who was checking the changes and missed them, but that all can be circumvented."
Actually it can't. That's kind of the point of git.
"The fact is we don't know if Heartbleed was an honest mistake or not...we don't know who knew and when..."
We do know who and what and when, because the person who wrote it and the person who signed off on it have commented publicly about the bug.
Maybe you're thinking of Apple's "goto fail" SSL exploit where we really don't know who or what or when and probably never will because it's not likely Apple is going to release their RCS logs.
Zynga paid $180 million for Draw Something's 10 million users, tried to monetize the userbase by adding the sort of pay-to-win "features" that ruined Words With Friends, and they all left.
Personally, I think it would be too easy for a company that has the data on hand, and no concept of "boundaries" or "no, that's creepy" to resist. They already have millions of users complete address books from the find a friend feature, faces of people they know IRL tagged in photos, locations from check-ins, etc. it's just a matter of writing the right queries to tie them all together into a barebones profile. They either built shadow profiles for non-FB-users until the legal complaints started, or they still do but they keep them in US data centers where "your data is our trade secret" trumps "I never agreed to that!".
Re:And if they make me have a Facebook account...
on
Facebook To Buy WhatsApp
·
· Score: 5, Insightful
Too late, you already have a Facebook account, everyone on the internet does.
Is this a money play by Comcast/NBC to get some subscribers back?
Obviously.
Should the FCC step in and require NBC to at least provide a stream of their OTA content?
No, but the IOC should, if they want the games to be a thing Americans still watch in 15-20 years. The FCC already failed when they allowed the anti-competitive Comcast/NBC merger in the first place.
The difference is marginal utility. You can only use one shovel at a time, owning a hundred shovels doesn't let you mine gold any faster than the guy with only one. Someone with a hundred Bitcoin mining rigs can mine 100x as many Bitcoins as somebody with one.
If there's no drop-off in marginal utility as you own more of the machines, and if we assume anyone who has the skills and capital to manufacture ASIC Bitcoin miners obviously has the skills and capital to use them (safe assumption, IMO - the required skills are the ability to lift a computer and plug it in, and the capital is just rack space and electricity), why sell them?
The downside is, if the dickhead in Russia uses your credit card number to order a new iPad, you'll get that money back with only a minor hassle; if your cash is stolen, it's just fucking gone.
What the good guys know will be quoted (inaccurately) on cable news; shoppers and shareholders will find out how badly they're screwed. What the bad guys know stays on obscure forums in.ru.
"Disc" is a non-trademarkable dictionary word for any round, flat object. "Disk" is a shortened form of "Diskette", which was an IBM trademark for 8" floppy disks (and later their 5.25" and 3.5" descendants).
We shall all fly at the lowest common denominator, because that's how the US airline industry works. No airline enforces the rules on carry-on bag size so everyone can get on and off the plane in less than 20 minutes, or offers no-crying-baby flights, or more legroom, or still serves real food in coach. If one allows phone calls, the rest will within a week.
Completely true, if you go to a real source and not the passenger infotainment display. Tune in air traffic control, and there will generally be a) everything spoken in English b) altitude given in feet c) velocity given in knots.
Slashdot Mirror
And it's the developers of all those packages and distros that symlink /bin/sh to bash instead of something minimal and well-audited that we should be screaming at. But "remote root exploit in bash" is sexier (after all, Apple doesn't put procmail on every Mac) so that's what goes in the headline.
...and next time someone goes on a rant about systemd versus "the Unix way", remember that daemons passing input from the network to /bin/sh is part of "the Unix way".
"In a Reddit thread under the title “Every Man Is Responsible For His Own Soul” [sic], Mr Wong wrote: “I did not say ‘we won’t ban any subreddits ever’. I said that we don’t ban subreddits for being morally bad."
Mr. Wong, with all due respect (that's not much for the record). Horse. Fucking. Shit.
If you make a rule against X (and ban X-related subreddits) but not rules against Y and Z, you're making a moral statement that Y and Z are more acceptable than X. There's just no other coherent reading of those rules. If you're trying to make a community where bestiality and racism are considered morally better than leaked celebrity nudes, that's fine - it's your site, but have the spine to fucking own it.
Their business plan was "get acquired by Twitter", and that's not happening.
Nothing goes over your head, eh Drax?
Different features, the 85s and 86s were more for calculus, and the 84 series has more features for statistics.
Selling your house or breaking your lease, truck rental and fuel to haul all your shit halfway across the continent, being unemployed for however long it takes to find a job within commuting distance of your new home, etc.
Maybe, has Netcraft confirmed it yet?
Disclosing the existence of a vulnerability destroys a lot of its value, too. People who can stop using Tails until the issue is sorted out will do so, shutting off whatever intelligence could be gathered from them. If these guys had a real-world exploitable vulnerability and a willingness to sell it to the NSA, they would have sold it and said nothing.
Only 56.5 acres on land, but 395 million acres downrange.
"normal draw is less than 140 watts, put it in standby and get 15 watts"
That's less than 500, but still an order of magnitude more than a set top box should need! IIRC power supply ratings on Apple TV and Roku box are both under 10 watts, real usage is probably 3-5. Add a WD green or similar hard drive (6-8W) and a couple of tuners and encoding ASICS and it still shouldn't break 20 watts at full load.
One device to compromise. If malware infects the LAN-of-things gateway, it can tell your pillows to play deadmau5, tell the lights to flash, and tell the security system to upload shower-cam photos to facebook.
(But then, computer viruses that just annoy the user with sounds and flashing text are deader than dial-up. Connected home malware would probably wait silently for bad weather, then lock you out and demand 0.25 bitcoin to let you back inside, or steal your amazon credentials when the refrigerator orders more milk, or turn on everyone's air conditioner at the same instant to DDoS the power grid.)
Because I already have one Facebook profile, and it's more than enough. I don't want to have to maintain another one just to keep rating Android apps or commenting on Youtube cat videos.
"Yes, we can trace the changelogs in the software & note who was checking the changes and missed them, but that all can be circumvented."
Actually it can't. That's kind of the point of git.
"The fact is we don't know if Heartbleed was an honest mistake or not...we don't know who knew and when..."
We do know who and what and when, because the person who wrote it and the person who signed off on it have commented publicly about the bug.
Maybe you're thinking of Apple's "goto fail" SSL exploit where we really don't know who or what or when and probably never will because it's not likely Apple is going to release their RCS logs.
Ok, how about Draw Something?
Zynga paid $180 million for Draw Something's 10 million users, tried to monetize the userbase by adding the sort of pay-to-win "features" that ruined Words With Friends, and they all left.
Facebook says they don't, law suits against Facebook Ireland say they do (and that it's a violation of EU data privacy laws).
Personally, I think it would be too easy for a company that has the data on hand, and no concept of "boundaries" or "no, that's creepy" to resist. They already have millions of users complete address books from the find a friend feature, faces of people they know IRL tagged in photos, locations from check-ins, etc. it's just a matter of writing the right queries to tie them all together into a barebones profile. They either built shadow profiles for non-FB-users until the legal complaints started, or they still do but they keep them in US data centers where "your data is our trade secret" trumps "I never agreed to that!".
Too late, you already have a Facebook account, everyone on the internet does.
You just don't know the password yet.
Is this a money play by Comcast/NBC to get some subscribers back?
Obviously.
Should the FCC step in and require NBC to at least provide a stream of their OTA content?
No, but the IOC should, if they want the games to be a thing Americans still watch in 15-20 years. The FCC already failed when they allowed the anti-competitive Comcast/NBC merger in the first place.
The difference is marginal utility. You can only use one shovel at a time, owning a hundred shovels doesn't let you mine gold any faster than the guy with only one. Someone with a hundred Bitcoin mining rigs can mine 100x as many Bitcoins as somebody with one.
If there's no drop-off in marginal utility as you own more of the machines, and if we assume anyone who has the skills and capital to manufacture ASIC Bitcoin miners obviously has the skills and capital to use them (safe assumption, IMO - the required skills are the ability to lift a computer and plug it in, and the capital is just rack space and electricity), why sell them?
Opera users typically were hardcore about it, and would only let go when you pried their cold dead hand away from it.
Truly, Opera is the Eudora of the web browser world.
Mercedes bursts into flames on the freeway? Doesn't make the news.
Tesla bursts into flames on the freeway? Front page of Slashdot!
Chevy won't start when it's minus 40 degrees? "Yup. They do that."
Tesla won't charge when it's minus 40 degrees? Front page of Slashdot!
Whatever the shadowy consortium of conventional car dealers is paying you guys, it's worth every penny. Keep it up.
The downside is, if the dickhead in Russia uses your credit card number to order a new iPad, you'll get that money back with only a minor hassle; if your cash is stolen, it's just fucking gone.
It is for Target management!
What the good guys know will be quoted (inaccurately) on cable news; shoppers and shareholders will find out how badly they're screwed. What the bad guys know stays on obscure forums in .ru.
That's backwards.
"Disc" is a non-trademarkable dictionary word for any round, flat object.
"Disk" is a shortened form of "Diskette", which was an IBM trademark for 8" floppy disks (and later their 5.25" and 3.5" descendants).
We shall all fly at the lowest common denominator, because that's how the US airline industry works. No airline enforces the rules on carry-on bag size so everyone can get on and off the plane in less than 20 minutes, or offers no-crying-baby flights, or more legroom, or still serves real food in coach. If one allows phone calls, the rest will within a week.
Completely true, if you go to a real source and not the passenger infotainment display. Tune in air traffic control, and there will generally be a) everything spoken in English b) altitude given in feet c) velocity given in knots.