Really, you would pretty much have to have your head up your own ass not to notice it.
Your other examples are minor variations in how to pronounce the same word... how hard should the g be in gnu, how soft should the i be in linux... these are distinctions of accent. Linus is americanized to Lie-nus... so Lie-nux is an americanization of the finnish Linus (Lee-nus) and his Lee-nux.
That applies to Ubuntu as well... I frequently hear it called you-bun-too, which is a pretty reasonable americanization of the native oo-boon-too. I'm fine with either in that case too.
And as for SQL both variations are correct. IBM originally developed Structured English Query Language (SEQUEL)... eventually it was shortened to just (Structured Query Language) SQL but the sequel pronunciation stuck. But there is also nothing wrong with enunciating the SQL acronym as ess-que-ell.
Calling C# C-hash after you've been corrected is like someone looking at the X.org logo, and then insisting on calling it "greater than less than" even after being told its just X.
If you don't use it why would you know what it stands for.
Its one thing not to know what it stands for the first time you see it, and its entirely reasonable to guess c-hash.
But if you start having conversations about c-hash, you'll pretty rapidly run into someone who knows what its called, and they'll let you know its c-sharp.
After that, calling it c-hash is willful ignorance.
It's entirely possible to do a lot of programming and never use it.
Sure and its entirely possible to a lot of eating and only run into words like ganache, coulis, shitake, edamame, crimini, filet mignon, gyoza, pad kee mao,... and if you asked 100 people, you'd likely get a bunch that didn't know how to pronounce some of those.
But there's no "in my neck of the words we pronounce edamame where it rhymes with 'said-its-lame' and where mignon rhymes with 'doggone'.
There are people who don't know how its pronounced, and that might persist a long time if they never hear it spoken. But if they start wandering around talking about it they will run into lots of people who do know how its pronounced, and they will hear the correct pronunciation.
So while I'm fine with the idea that there are programmers out there who have only seen c# listed on job postings or something... if people are wandering around having conversations about c-hash, odds are they've been corrected, and have chosen to keep calling it c-hash anyway.
Actually, its more that the quality of journalism has fallen so low, that I don't automatically trust a journalist to know the difference between transcription, transposition, and transliteration.
I'm somewhat pleased that its not outright capitalising on typosquatting, but I'm not exactly sure what positive benefit transliterations of.net and.com would be to users of the internet.
And the definition of insanity is doing the same thing over and over...and expecting a different outcome.
Its not really that anyone considering voting for obama expects a different outcome, its that they expect an even worse outcome from Romney... and there is nothing insane about that.
Once they have your email address and your contact list they do not need access to your account to send email.
They can send email to your contacts, impersonating you (so that it shows your from address) any number of other ways.
I've seen what you describe happen too, but the point is that shutting the account down doesn't necessarily prevent your contacts from getting spam "from you".
But in that case they wouldn't be able to impersonate him.
Yes they would.
You set up your spambox with the victims address as your from address, and you authenticate against windows live hotmail's smtp with any account credentials you have.
the smtp authentication doesn't force you to use the same from address as the user account you authenticate with.
the recipient just sees the from address. They don't get to see the username/password you used to authenticate with.
So you can still impersonate people.
SPF doesn't complain because the @hotmail.com from address is authorized to send from the servers its sending from.
Did the user perform an innocuous action that lead to the trojan being run?
So if you perform an innocuous action that leads to you getting infected with malware then its a trojan?
Gotcha.
So if the user were to perform an innocuous action like...
If you just connect a vulnerable Mac to the network [a user initiated action, btw] and let it sit...
Then any infection that leads to is a trojan.
QED.
A user could theoretically avoid an infection if they knew that the site was hosting the trojan
True. And a user could also theoretically avoid an infection if they knew the network was teeming with viruses by not connecting to it too.
So yes, even the most classical worm can be accurately described as a trojan if we're willing to contort. After all you can only get a worm if you physically attach your vulnerable PC to an infected network...
"This graph shows that crash risk is minimized for those drivers travelling 10-15 km/h over the average speed. (Average speeds in BC are almost always over posted speeds.) Contrary to popular belief, there are more crashes at slower speeds than at faster speeds."
Further as you can see from the 2nd graph, the average speed is above the posted limit, and vast majority of people travel above the posted speed limit.
I drive. I drive a lot. I just must be a better driver than you because I don't speed,
You can see on the second chart that the average speed is approximately 95km/h, 5km/h above the posted speed.
On a typical highway in Canada you therefore would be proudly deviating from the average speed by about -5km/h.
Fom the first chart, we can see that the crash risk of driving at -5km is quite a bit higher than then the minimum crash risk.
Moreover we can see that the crash risk is about the same as driving +25km from the average. Thus driving the speed limit, 90km/h is about the same crash risk as driving 120km/h.
You may think you are a "better driver than me" but you are arguably something of a hazard on the road.
Withdraw first party insurance from speeders, no issues with that at all.
Only people who say that are those who don't drive.
The only way to ensure you aren't speeding is to drive a few mph BELOW the speed limit, otherwise hills, transitions from one posted speed limit to another, and the fact that holding exactly X mph is pretty much impossible in the real world, will ensure that some percentage of the time you are above the posted speed limit and some percentage you are below it.
Anyone with half a brain in their head knows that
a) nobody drives a few mph below the speed limit everywhere.
b) driving a few mph below the speed limit everywhere is dangerous because NOBODY ELSE drives like that.
So to withdraw first party insurance from speeders is to effectively withdraw insurance from everyone.
A huge shift in culture needs to happen with respect to posted speed limits... from how they are posted, to how they are enforced, to the societal norms around them.
You can't just decide that tomorrow anyone determined to be "speeding" has no insurance (and therefore can't legally drive??)
Birth control prevents ovarian cysts? Why don't they put that into the ads for Trojans? Why isn't ParaGard advertising that?
Pretty sure i said "birth control pills"... yup. I did say that. But don't let that distract you from your fun little rant about condom ads.
When they aren't being used for "birth control", then it is wrong to call them "birth control".
A rose by any other name...
There are too many other things that "birth control" includes to say that "birth control controls ovarian cysts".
Great argument, if anyone had actually said that. But nobody did.
If you want a condition covered under insurance, talk about the condition you want covered, not something else
Everyone discussing the issue conflates them. I would love to have a rational discussion calling things what they are.
But seeing as you've conflated my statement specifically about "birth control PILLS" with "birth control" and then wandered off to rant about condoms... I hardly think you are starting us off on the right foot here.
You have absolutely no idea what you are talking about.
And you talked right past him missing his point completely... how is that any better?
MiTM is easier to perform if you use 'official' certs (from CAs already in browsers/etc) than self-signed ones.
Yes, and no. Often no.
If the end user is allowed to accept a self-signed cert that is presented to him, and is trained that this is in fact necessary then a MitM is trivial, all the attacker has to do is present your user with a self signed cert. The end user will accept it. The attacker doesn't have to compromise YOUR certificates at all as the user can and will accept anything he is presented with.
This is clearly less safe than using "official" certs. This is what the person you replied to was talking about, and he's absolutely right.
If YOU install your own own self-signed certs for the end user, and the end user is not able to do this, and the end user is only allowed to accept certificates signed against installed root certificates and then you subsequently present the user with a connection signed against that root certificate then that is indeed potentially safer than official certificates... (depending on how secure you own certificate infrastructure actually is).
You may have done this, but that doesn't make the other poster incorrect. Self-signed certificates ONLY add security if they are added to a device directly by IT in a highly controlled environment; as soon as end users are interacting with self-signed certificates over the internet and accepting them its no security at all and the most common situations involving self-signed certs do expose just that situation.
Why? Because pregnancy is a 100% preventable condition. How do you 100% prevent it? Don't. Have. Sex.
And if you never touch anybody else you can avoid all kinds of other communicable diseases as well. What's the difference?
If you always wear a face mask you can avoid even more diseases. What you got meningitis? Strep throat? tuberculosis? the measles? where was your face mask? I'm not paying a dime for your treatment if you weren't wearing one.
I have zero sympathy for people expecting insurance to cover birth control.
And zero sympathy for people with ovarian cysts?
Birth control pills also help control painful menstrual cycles and ovarian cysts. Yet they are not covered for these uses because in these cases: they also incidentally prevent pregnancy.
Full disclosure: I'm a libertarian atheist.
Really, the fact that your ignorant is only tangentially relevant here.
The major powers already have enough offensive to destroy anyone else.
However, they can't use it because of mutual assured destruction. Or put another way, they can use it, but the retaliation would be too devasting to contemplate.
On the defense side, a missle defense system disables the enemies ability to first strike on us. This is a good thing, and is the defensive aspect to a missile defense system.
However, a missile defense system disables the opponents ability to retaliate our first strike, and is a crucial element to enabling us to first strike with impunity. That is a very VERY offensive element to missle defense systems.
That said, we still should participate in the missile defense race, it would be beyond foolish to let our opponents develop missile defense while we have none.
However, the humanist in me would argue that the minute we developed strategic missile defense that we should give it away. The world will be a better place if NOBODY can first strike on anyone.
The world will not be a better place if any nation, including the US, can first strike with impunity.
only an idiot would build their retirement in cash dollars. this is why as soon as you've got more than a few thousand bucks in cash savings you should invest them.
One of the many purposes of investjment is to preserve the value of wealth in an inflationary environment, where the devaluation of currency over time is assumed, and hedged against.
I assume there are patents covering most of the modern anti counterfeiting techniques that are in use along with the counterfeit detection techniques...
"And unlike BitCoin, a peer-to-peer hosted digital currency with a fluctuating value, MintChip is simply a new way to exchange Canadian dollars. Plus, itâ(TM)s backed by the Canadian government. "
A lot of self taught programmers wouldn't necessarily know the correct pronunciation.
Because they went on the web and looked at c-hash tutorials on c-hash forums?
You know... c-hash forums like
csharp-station.com
csharpfriends.com
c-sharpcorner.com
and surely they never went to:
social.msdn.microsoft.com/forums/en-US/category/visualcsharp
And the article this very slashdot story was attached to:
Android Ported to C#
http://blog.xamarin.com/2012/05/01/android-in-c-sharp/
Really, you would pretty much have to have your head up your own ass not to notice it.
Your other examples are minor variations in how to pronounce the same word ... how hard should the g be in gnu, how soft should the i be in linux... these are distinctions of accent. Linus is americanized to Lie-nus... so Lie-nux is an americanization of the finnish Linus (Lee-nus) and his Lee-nux.
That applies to Ubuntu as well... I frequently hear it called you-bun-too, which is a pretty reasonable americanization of the native oo-boon-too. I'm fine with either in that case too.
And as for SQL both variations are correct. IBM originally developed Structured English Query Language (SEQUEL)... eventually it was shortened to just (Structured Query Language) SQL but the sequel pronunciation stuck. But there is also nothing wrong with enunciating the SQL acronym as ess-que-ell.
Calling C# C-hash after you've been corrected is like someone looking at the X.org logo, and then insisting on calling it "greater than less than" even after being told its just X.
Yes, it is deliberate ignorance.
If you don't use it why would you know what it stands for.
Its one thing not to know what it stands for the first time you see it, and its entirely reasonable to guess c-hash.
But if you start having conversations about c-hash, you'll pretty rapidly run into someone who knows what its called, and they'll let you know its c-sharp.
After that, calling it c-hash is willful ignorance.
It's entirely possible to do a lot of programming and never use it.
Sure and its entirely possible to a lot of eating and only run into words like ganache, coulis, shitake, edamame, crimini, filet mignon, gyoza, pad kee mao,... and if you asked 100 people, you'd likely get a bunch that didn't know how to pronounce some of those.
But there's no "in my neck of the words we pronounce edamame where it rhymes with 'said-its-lame' and where mignon rhymes with 'doggone'.
There are people who don't know how its pronounced, and that might persist a long time if they never hear it spoken. But if they start wandering around talking about it they will run into lots of people who do know how its pronounced, and they will hear the correct pronunciation.
So while I'm fine with the idea that there are programmers out there who have only seen c# listed on job postings or something... if people are wandering around having conversations about c-hash, odds are they've been corrected, and have chosen to keep calling it c-hash anyway.
That's willful ignorance.
In my part of the woods, the Microsoft language is simply known as C hash.
If you are going to be deliberately ignorant, why not call it C octothorpe?
I was thinking more that the article had them confused. But yes, transposition would be the situation I alluded to.
I'm not really sure that transliterated versions of .net etc have much point either though, except maybe to typosquatters in other countries?
Actually, its more that the quality of journalism has fallen so low, that I don't automatically trust a journalist to know the difference between transcription, transposition, and transliteration.
I'm somewhat pleased that its not outright capitalising on typosquatting, but I'm not exactly sure what positive benefit transliterations of .net and .com would be to users of the internet.
"According to Bidzos, 12 of the 14 gTLD applications are transliterations of .com and .net. "
Please tell me that this doesn't mean Verisign is poised to scoop up: .nte .ten .ent .tne .cmo .moc .mco .ocm...
to resell them to domain typo-squatters?
And the definition of insanity is doing the same thing over and over...and expecting a different outcome.
Its not really that anyone considering voting for obama expects a different outcome, its that they expect an even worse outcome from Romney... and there is nothing insane about that.
You think Romney has a shot of winning?
Or that it would be better with Romney in charge?
Sure, but #3 is entirely gratuitous.
Once they have your email address and your contact list they do not need access to your account to send email.
They can send email to your contacts, impersonating you (so that it shows your from address) any number of other ways.
I've seen what you describe happen too, but the point is that shutting the account down doesn't necessarily prevent your contacts from getting spam "from you".
But in that case they wouldn't be able to impersonate him.
Yes they would.
You set up your spambox with the victims address as your from address, and you authenticate against windows live hotmail's smtp with any account credentials you have.
the smtp authentication doesn't force you to use the same from address as the user account you authenticate with.
the recipient just sees the from address. They don't get to see the username/password you used to authenticate with.
So you can still impersonate people.
SPF doesn't complain because the @hotmail.com from address is authorized to send from the servers its sending from.
Not really, because they can use any hotmail account to send their spam; they don't need yours.
What makes you think deleting the email account that minute would have made the slightest difference?
They got in, skimmed it for the contact list, and they are done.
They don't actually need access to your account to send email masquerading as being from you to spam your contacts from then on.
Did the user perform an innocuous action that lead to the trojan being run?
So if you perform an innocuous action that leads to you getting infected with malware then its a trojan?
Gotcha.
So if the user were to perform an innocuous action like...
If you just connect a vulnerable Mac to the network [a user initiated action, btw] and let it sit...
Then any infection that leads to is a trojan.
QED.
A user could theoretically avoid an infection if they knew that the site was hosting the trojan
True. And a user could also theoretically avoid an infection if they knew the network was teeming with viruses by not connecting to it too.
So yes, even the most classical worm can be accurately described as a trojan if we're willing to contort. After all you can only get a worm if you physically attach your vulnerable PC to an infected network...
Are you really suggesting most people are very bad drivers?
Not at all, but I am absolutely suggesting you are not a safe driver.
http://sense.bc.ca/research.htm
"This graph shows that crash risk is minimized for those drivers travelling 10-15 km/h over the average speed. (Average speeds in BC are almost always over posted speeds.) Contrary to popular belief, there are more crashes at slower speeds than at faster speeds."
Further as you can see from the 2nd graph, the average speed is above the posted limit, and vast majority of people travel above the posted speed limit.
I drive. I drive a lot. I just must be a better driver than you because I don't speed,
You can see on the second chart that the average speed is approximately 95km/h, 5km/h above the posted speed.
On a typical highway in Canada you therefore would be proudly deviating from the average speed by about -5km/h.
Fom the first chart, we can see that the crash risk of driving at -5km is quite a bit higher than then the minimum crash risk.
Moreover we can see that the crash risk is about the same as driving +25km from the average. Thus driving the speed limit, 90km/h is about the same crash risk as driving 120km/h.
You may think you are a "better driver than me" but you are arguably something of a hazard on the road.
I'm quite fine with the constitutional republic of the United States that I reside in. Not perfect, but works
It works in that the same 10 people that would control your hypthetical 1000 man democracy control this constitutional republic.
"A government of laws, and not of men" - John Adams
The same 10 people decide what the laws are.
Democracy? No thanks.
And your better idea is?
Withdraw first party insurance from speeders, no issues with that at all.
Only people who say that are those who don't drive.
The only way to ensure you aren't speeding is to drive a few mph BELOW the speed limit, otherwise hills, transitions from one posted speed limit to another, and the fact that holding exactly X mph is pretty much impossible in the real world, will ensure that some percentage of the time you are above the posted speed limit and some percentage you are below it.
Anyone with half a brain in their head knows that
a) nobody drives a few mph below the speed limit everywhere.
b) driving a few mph below the speed limit everywhere is dangerous because NOBODY ELSE drives like that.
So to withdraw first party insurance from speeders is to effectively withdraw insurance from everyone.
A huge shift in culture needs to happen with respect to posted speed limits... from how they are posted, to how they are enforced, to the societal norms around them.
You can't just decide that tomorrow anyone determined to be "speeding" has no insurance (and therefore can't legally drive??)
Birth control prevents ovarian cysts? Why don't they put that into the ads for Trojans? Why isn't ParaGard advertising that?
Pretty sure i said "birth control pills"... yup. I did say that. But don't let that distract you from your fun little rant about condom ads.
When they aren't being used for "birth control", then it is wrong to call them "birth control".
A rose by any other name...
There are too many other things that "birth control" includes to say that "birth control controls ovarian cysts".
Great argument, if anyone had actually said that. But nobody did.
If you want a condition covered under insurance, talk about the condition you want covered, not something else
Everyone discussing the issue conflates them. I would love to have a rational discussion calling things what they are.
But seeing as you've conflated my statement specifically about "birth control PILLS" with "birth control" and then wandered off to rant about condoms... I hardly think you are starting us off on the right foot here.
You have absolutely no idea what you are talking about.
And you talked right past him missing his point completely... how is that any better?
MiTM is easier to perform if you use 'official' certs (from CAs already in browsers/etc) than self-signed ones.
Yes, and no. Often no.
If the end user is allowed to accept a self-signed cert that is presented to him, and is trained that this is in fact necessary then a MitM is trivial, all the attacker has to do is present your user with a self signed cert. The end user will accept it. The attacker doesn't have to compromise YOUR certificates at all as the user can and will accept anything he is presented with.
This is clearly less safe than using "official" certs. This is what the person you replied to was talking about, and he's absolutely right.
If YOU install your own own self-signed certs for the end user, and the end user is not able to do this, and the end user is only allowed to accept certificates signed against installed root certificates and then you subsequently present the user with a connection signed against that root certificate then that is indeed potentially safer than official certificates... (depending on how secure you own certificate infrastructure actually is).
You may have done this, but that doesn't make the other poster incorrect. Self-signed certificates ONLY add security if they are added to a device directly by IT in a highly controlled environment; as soon as end users are interacting with self-signed certificates over the internet and accepting them its no security at all and the most common situations involving self-signed certs do expose just that situation.
Why? Because pregnancy is a 100% preventable condition. How do you 100% prevent it? Don't. Have. Sex.
And if you never touch anybody else you can avoid all kinds of other communicable diseases as well. What's the difference?
If you always wear a face mask you can avoid even more diseases. What you got meningitis? Strep throat? tuberculosis? the measles? where was your face mask? I'm not paying a dime for your treatment if you weren't wearing one.
I have zero sympathy for people expecting insurance to cover birth control.
And zero sympathy for people with ovarian cysts?
Birth control pills also help control painful menstrual cycles and ovarian cysts. Yet they are not covered for these uses because in these cases: they also incidentally prevent pregnancy.
Full disclosure: I'm a libertarian atheist.
Really, the fact that your ignorant is only tangentially relevant here.
The major powers already have enough offensive to destroy anyone else.
However, they can't use it because of mutual assured destruction. Or put another way, they can use it, but the retaliation would be too devasting to contemplate.
On the defense side, a missle defense system disables the enemies ability to first strike on us. This is a good thing, and is the defensive aspect to a missile defense system.
However, a missile defense system disables the opponents ability to retaliate our first strike, and is a crucial element to enabling us to first strike with impunity. That is a very VERY offensive element to missle defense systems.
That said, we still should participate in the missile defense race, it would be beyond foolish to let our opponents develop missile defense while we have none.
However, the humanist in me would argue that the minute we developed strategic missile defense that we should give it away. The world will be a better place if NOBODY can first strike on anyone.
The world will not be a better place if any nation, including the US, can first strike with impunity.
only an idiot would build their retirement in cash dollars. this is why as soon as you've got more than a few thousand bucks in cash savings you should invest them.
One of the many purposes of investjment is to preserve the value of wealth in an inflationary environment, where the devaluation of currency over time is assumed, and hedged against.
I assume there are patents covering most of the modern anti counterfeiting techniques that are in use along with the counterfeit detection techniques...
"And unlike BitCoin, a peer-to-peer hosted digital currency with a fluctuating value, MintChip is simply a new way to exchange Canadian dollars. Plus, itâ(TM)s backed by the Canadian government. "
There's a whole spectrum of faith between deciding the Bible is just a book, and going full agnostic or "passive believer"
For example, lots of people have decided the Bible is just a book, but still pray, and seek communion with God.