Most people browse the vast majority of the web via HTTP. Even leaving aside sites that don't even support HTTPS, damn near everybody will visit an HTTP page at some point. Hell, Slashdot auto-redirects from HTTPS back to HTTP. Absolutely no need to MitM SSL connections (which they'd have to get an intermediate trusted CA cert for anyhow).
While the vast majority of sites may be HTTP or even HTTP only it is also true there is a significant percentage of users who ever go to a very short list of sites like facebook, google and youtube all of which have SSL. SSL use is growing significantly. In a few years time you will not be able to buy a server without AES-NI.
It is amusing to see comcast and others think just cause everyone else is doing it or because they have "industry" documents like RFC 6108 this somehow insulates them from "stupid".
Injecting shit into http is HARMFUL no matter what BS you can get accepted by throwing your largess around and sponsoring IETF meetings. You simply cannot know a-priori what side effects of injecting javascript crap into HTTP transactions are. In case you have been living under a rock for the past decade sadly everyones using HTTP for transport these days.
As I type no doubt the phishers are working overtime on fake popups emulating comcasts piracy notifications.
I hope sleeping with the MPAA is worth bad press, legal exposure and pissing off your paying customers.
I'm a fan of databases, DSLs, query languages and parallelizing compilers. I think there are huge opportunities to punt problems to all manners of optimizers which dynamically figure out which resources are to be used to crunch a problem. It is in my view inevitable this is the future.
The problem is this only takes you so far. At some level you actually have to design a system that scales and you still have to get into the weeds to do it unless there is some serious human level AI involved.
There is a reason people pay big money for large single system image machines. Not everyone has the luxury of googles and facebooks problems.
I don't normally eat popcorn but some good'ole fashioned jiffy pop made over the stovetop while reading tales of ISPs being sued for playing judge, jury and executioner is gonna be fun.
Ok you guys dislike Windows 8, we know. You guys hated Windows 3.1, 95, 98, ME, 2000, XP, Vista, and 7 when it came out too. When windows 9 comes out you guys are going to go why change Windows 8 windows 9 add whatever features that makes my life so much harder. This will be the version people will finally shift to Linux in droves.
I wish people would stop making these lame arugments. Seeing as they can be applied equally to anything with *total disregard* for merit including hypothetical absurdities like Windows for abacus or a future Windows only supporting CGA displays unless you willingly sign away your first born.
If your argument cannot be falsified I recommend thinking twice before making it.
First off if you are bothering to create separate email accounts for each site you know full well the risks of giving anyone your email address. How do you think spammers get everyones email addresses? Tooth fairy?
Secondly jumping to conclusions is ususally not prudent. "knew immediately that either their systems or their subscriber list had been compromised"
For all we know your system could be hacked and you just don't know it or you've got a directory server or vrfy enabled and the account was brute forced.
The site could well be selling or sharing their customer list with others who are compromised or who are reselling it to spammers. They could be sending emails to other mailboxes where the user is compromised.
Thinking you know whats up is bad enough.
Thinking they owe you some sort of "official response" is whacked.
If you have some spare time restart your browser, fire up wireshark and filter for DNS queries then go to just the home page of any of a bazillion web sites... It is insane... one single page load of something like cnn,fox,nbc,forbes translates into 20-30 of dns queries for all manner of advertising and market intelligence companies.. Everyone knows this stuff exists but I was genuinly shocked by the volume and number of sites involved.
If it isn't cookies it will be fingerprinting, flash cookies, DNS cache probing + IP but we can work to mitigate these things as well.
I have no problem declaring (out of blissfull ignorance) any reason one invents whereby they think 5ghz vechicle to vechicle communication is a good idea is actually not such a great idea upon closer inspection.
Hopefully with more spectrum in 5ghz ISM FCC also plans to allow higher transmitting power so it can be practically utilized.
So basically, the user reached back behind the power supply while fiddling and bumped the 110/220V switch, and it caught fire. Naturally, they didn't say anything to the tech after setting the switch back besides, "It just caught fire! All by itself!"
The user in this case is a giant airline company, and tech support would be Boeing. The FAA, of course, is the QA manager, who reviewed the call, and after reading the ticket closure notes, facepalmed, leaned back into his chair, and took a deep draft of coffee.
In systems with lots of power sources you have to be careful to account for worse case and unexpected current flows between components. Even components you might think are isolated may in fact have unexpected dependancies allowing current flow between them.
The simplest example of this is two batteries operating in parallel to support a given load. If one of the batteries fail or is switched off all of the sudden the remaining battery sees twice the power demand to support the same load. Based on the description my guess is something like this has happened here. One source of power was disrupted which caused unexpected flows of current along a different path. More of a design issue than user error but this is all just wild guessing.
Translating the latest feb 20th JTSB document page by page... there is not much new and nothing resembling the information presented in TFA:(
Easily acessible answer is WPA2 enterprise with a reasonable passphrase and be done with it.
Regarding involving LEA I'm sure they have better things to do than care about a "theft" of service which is entirely preventable with a few minutes of your time.
With regards to becoming go-go antenna inspector gadget I sincerly hope you have better things to do than to go looking for a fight.
Did you even read the MSDS? It isn't mentioned anywhere.
I read the part where the ingredients are trade secrets. I reckon we are just left to guess whats inside.
As I said before, the article and the study cited are flat out preposterous. The ignorance and lack of understanding of the science is appalling.
The combination of the ingredients working together is what is dangerous as mentioned in the article. Evaluating each component separatly is not sufficient.
It is OK on Unix because that replaced library still exists in memory and can continue to be used by the programs... running in memory!
You update the library in place, with Foo still running using version 1.2.3. You start up Bar, which now loads library version 1.2.4. When the two apps try to interact, you're now going to get bugs or even crashes when they interact.
If a shared library is already loaded why would the system not reuse the reference to that library it already has loaded rather than attempting to ask the current file system view for to establish a separate reference?
If two programs running in separate memory spaces experience these kinds of side effects while communicating with each other this is a protocol design issue. Remember it is entirely possible to have local versions of shared system/runtime libraries that differ between application because of locally installed DLLs or DLLs within search path.
The issue gets worse if on-disk data is involved. You've now got data files potentially being updated by different versions of a library, potentially leading to data corruption or loss.
Who writes an on disk format that changes between versions without properly versioning the file? Garbage In = Garbage Out.
I don't really care if MS gets a share of what I pay for applications either,
I find it disturbing people are soo willing to let this kind of power be aggregated in the hands of the few. The cavalier willingness to take such a short sighted view is depressing.
Surely Apple has never abused their position by locking out competing apps or enforcing their values upon the rest of us have they? What could go wrong with a monopoly on execution..surely no company with a fiduciary duty to their shareholders to make money would ever dare leverage their monoploy status.
You do realize that the article you cited refers to an in-vitro test of isolated cells exposed to a wetting agent (common terminology: soap) used in conjunction with Round-Up. right? And that almost ANY soap would show similar toxicity?
These chemicals purpose is to make it easier for roundup shit to be abosrbed into cells causing damage. See the safety datasheet for their own stinkin product.
Under the Big Bang theory, the universe will eventually collapse in on itself, likely at the speed of light. The tell-tale sign will be redshift instead of blueshift being observed from Earth to various astronomical bodies. What I'd like to ask is how does this change our understanding of the ultimate fate of our universe?
Based on what we currently know this is incorrect. We clearly observe a dark energy dominated universe. There is currently no substantive evidence a "big crunch" will ever occur.
If a bubble that propogates at C does form it does not destroy the entire universe only that portion inside of its hubble volume.
If the chance for us is on order of tens of billions of years given the current age of the universe we should statistically be able to detect these sorts of bombs going off by observing changes upon objects within our hubble sphere made by false vaccume explosions outside of it.
This assertion flies in the face of common sense; pollen from this seed will float through the air and contaminate non-engineered fields and now those farmers will also have a percentage of their crop that produces sterile seed. This time, lawsuits will flow in the opposite direction: farmers who replant seed will sue Monsanto due to reduced germination rates and reduced yields in future years.
From what little I understand of Monsanto contracts... responsibility for all the side effects are hoisted upon the farmers. It will more likely be farmers suing other farmers than anyone suing Monsanto.
I keep thinking the answer to this is not biotech but robotech...how hard can it be to create an army of roombas that kill weeds? Some hyperspectral cameras, pattern recognition and burners or pullers. It has got to be possible to engineer something workable and cost effective.
Anyway here is my delimma... if Monsanto wins they will be happy which will mean I will be sad.
If the farmers win they will be happy which means we all get to eat even more shit "indiscriminately" laced with roundup.
Let's face it. No normal computer user is EVER going to memorize keyboard shortcuts.
I regularly see lots of ordinary non-technical people working the keyboard on POS machines faster than any human can possibly react to all the dialougs appearing on screen for fleeting milliseconds.
Yes, yes, a billion times, yes! This is how normal computer users do it!
This is how n00bs do it. Eventually people learn and improve out of necessity. If your job is using word all day you memorize shortcuts eventually.
Some places are still offloading old inventory but the vast majority of high-street retailers for example are selling all Win8. This is another Slashdot attempt at convincing everyone Win8 is terrible and Microsoft are doomed - it's been the same tired narrative for as long as I can remember, the only variables are the version-numbers of [product]. Flame away, my crimes of going against the group-think will not go unpunished I'm sure.
You can get windows 7 when you buy a new PC loaded with win8 in the US but you have to ask the vendor for a "downgrade".
The rest of your statement is not falsifiable. Your assertion can be equally applied to any change without concern for merit.
Everything must be judged on actual merit otherwise no useful information has been communicated.
This is the problem with "success" of open projects as they grow they require more and more money to continue to reinforce their expansion and it only snowballs downhill from there. Before you know it your out there selling your soul and your users data to the highest bidder. You can still reap profit on support alone but you can't expect it to support an organization of any size with fat paychecks for all doing this. There aint any shortage of corporate customers happily willing to purchase yearly support subscriptions whether they actually need it or use it.
Distributions put together by people who give a shit don't have this problem. The cost of packaging in time and effort is such a minsicule effort and mostly a solved problem contrasted with the effort required to produce operating system and software bundled with it.
What if bash maintainers decided they need more money too and decided to ship your keystrokes off to facebook as well? What if the maintainers of every one of the thousands of packages that go into a modern distribution followed suite? Spying by default is indefensible.
Funny story.. kept on reading assuming I would eventually run into the fine print...ye know that little jem which says this is really about some clever method to detect a complex of genetic code not the code itself... such text never materialized.
Was it ommitted or have things actually devolved to the point where we are seriously now yabbin about direct attempts at patenting gods handiwork just cause someone discovered what it does?
1. It is free. If it costed $150 per download the numbers would obviously be quite different.
2. How much of this is the same person upgrading a current version or reinstalling on a new computer? If it were office this activity would not register as a new purchase it would be closer to inserting the installation DVD.
3. OpenOffice is not feature competitive with MS office. While it does not necessarily need to be to be in order to be relevant and useful to a great many people... for $150 it actually kind of does.
Most people browse the vast majority of the web via HTTP. Even leaving aside sites that don't even support HTTPS, damn near everybody will visit an HTTP page at some point. Hell, Slashdot auto-redirects from HTTPS back to HTTP. Absolutely no need to MitM SSL connections (which they'd have to get an intermediate trusted CA cert for anyhow).
While the vast majority of sites may be HTTP or even HTTP only it is also true there is a significant percentage of users who ever go to a very short list of sites like facebook, google and youtube all of which have SSL. SSL use is growing significantly. In a few years time you will not be able to buy a server without AES-NI.
It is amusing to see comcast and others think just cause everyone else is doing it or because they have "industry" documents like RFC 6108 this somehow insulates them from "stupid".
Injecting shit into http is HARMFUL no matter what BS you can get accepted by throwing your largess around and sponsoring IETF meetings. You simply cannot know a-priori what side effects of injecting javascript crap into HTTP transactions are. In case you have been living under a rock for the past decade sadly everyones using HTTP for transport these days.
As I type no doubt the phishers are working overtime on fake popups emulating comcasts piracy notifications.
I hope sleeping with the MPAA is worth bad press, legal exposure and pissing off your paying customers.
I'm a fan of databases, DSLs, query languages and parallelizing compilers. I think there are huge opportunities to punt problems to all manners of optimizers which dynamically figure out which resources are to be used to crunch a problem. It is in my view inevitable this is the future.
The problem is this only takes you so far. At some level you actually have to design a system that scales and you still have to get into the weeds to do it unless there is some serious human level AI involved.
There is a reason people pay big money for large single system image machines. Not everyone has the luxury of googles and facebooks problems.
I don't normally eat popcorn but some good'ole fashioned jiffy pop made over the stovetop while reading tales of ISPs being sued for playing judge, jury and executioner is gonna be fun.
Ok you guys dislike Windows 8, we know. You guys hated Windows 3.1, 95, 98, ME, 2000, XP, Vista, and 7 when it came out too. When windows 9 comes out you guys are going to go why change Windows 8 windows 9 add whatever features that makes my life so much harder. This will be the version people will finally shift to Linux in droves.
I wish people would stop making these lame arugments. Seeing as they can be applied equally to anything with *total disregard* for merit including hypothetical absurdities like Windows for abacus or a future Windows only supporting CGA displays unless you willingly sign away your first born.
If your argument cannot be falsified I recommend thinking twice before making it.
First off if you are bothering to create separate email accounts for each site you know full well the risks of giving anyone your email address. How do you think spammers get everyones email addresses? Tooth fairy?
Secondly jumping to conclusions is ususally not prudent. "knew immediately that either their systems or their subscriber list had been compromised"
For all we know your system could be hacked and you just don't know it or you've got a directory server or vrfy enabled and the account was brute forced.
The site could well be selling or sharing their customer list with others who are compromised or who are reselling it to spammers. They could be sending emails to other mailboxes where the user is compromised.
Thinking you know whats up is bad enough.
Thinking they owe you some sort of "official response" is whacked.
I think this is a great idea. Makes it really easy and really transparent for voters to identify these people.
If you have some spare time restart your browser, fire up wireshark and filter for DNS queries then go to just the home page of any of a bazillion web sites... It is insane... one single page load of something like cnn,fox,nbc,forbes translates into 20-30 of dns queries for all manner of advertising and market intelligence companies.. Everyone knows this stuff exists but I was genuinly shocked by the volume and number of sites involved.
If it isn't cookies it will be fingerprinting, flash cookies, DNS cache probing + IP but we can work to mitigate these things as well.
I have no problem declaring (out of blissfull ignorance) any reason one invents whereby they think 5ghz vechicle to vechicle communication is a good idea is actually not such a great idea upon closer inspection.
Hopefully with more spectrum in 5ghz ISM FCC also plans to allow higher transmitting power so it can be practically utilized.
So basically, the user reached back behind the power supply while fiddling and bumped the 110/220V switch, and it caught fire. Naturally, they didn't say anything to the tech after setting the switch back besides, "It just caught fire! All by itself!"
The user in this case is a giant airline company, and tech support would be Boeing. The FAA, of course, is the QA manager, who reviewed the call, and after reading the ticket closure notes, facepalmed, leaned back into his chair, and took a deep draft of coffee.
In systems with lots of power sources you have to be careful to account for worse case and unexpected current flows between components. Even components you might think are isolated may in fact have unexpected dependancies allowing current flow between them.
The simplest example of this is two batteries operating in parallel to support a given load. If one of the batteries fail or is switched off all of the sudden the remaining battery sees twice the power demand to support the same load. Based on the description my guess is something like this has happened here. One source of power was disrupted which caused unexpected flows of current along a different path. More of a design issue than user error but this is all just wild guessing.
Translating the latest feb 20th JTSB document page by page... there is not much new and nothing resembling the information presented in TFA :(
Easily acessible answer is WPA2 enterprise with a reasonable passphrase and be done with it.
Regarding involving LEA I'm sure they have better things to do than care about a "theft" of service which is entirely preventable with a few minutes of your time.
With regards to becoming go-go antenna inspector gadget I sincerly hope you have better things to do than to go looking for a fight.
Did you even read the MSDS? It isn't mentioned anywhere.
I read the part where the ingredients are trade secrets. I reckon we are just left to guess whats inside.
As I said before, the article and the study cited are flat out preposterous. The ignorance and lack of understanding of the science is appalling.
The combination of the ingredients working together is what is dangerous as mentioned in the article. Evaluating each component separatly is not sufficient.
It is OK on Unix because that replaced library still exists in memory and can continue to be used by the programs ... running in memory!
You update the library in place, with Foo still running using version 1.2.3. You start up Bar, which now loads library version 1.2.4. When the two apps try to interact, you're now going to get bugs or even crashes when they interact.
If a shared library is already loaded why would the system not reuse the reference to that library it already has loaded rather than attempting to ask the current file system view for to establish a separate reference?
If two programs running in separate memory spaces experience these kinds of side effects while communicating with each other this is a protocol design issue. Remember it is entirely possible to have local versions of shared system/runtime libraries that differ between application because of locally installed DLLs or DLLs within search path.
The issue gets worse if on-disk data is involved. You've now got data files potentially being updated by different versions of a library, potentially leading to data corruption or loss.
Who writes an on disk format that changes between versions without properly versioning the file? Garbage In = Garbage Out.
I don't really care if MS gets a share of what I pay for applications either,
I find it disturbing people are soo willing to let this kind of power be aggregated in the hands of the few. The cavalier willingness to take such a short sighted view is depressing.
Surely Apple has never abused their position by locking out competing apps or enforcing their values upon the rest of us have they? What could go wrong with a monopoly on execution..surely no company with a fiduciary duty to their shareholders to make money would ever dare leverage their monoploy status.
You do realize that the article you cited refers to an in-vitro test of isolated cells exposed to a wetting agent (common terminology: soap) used in conjunction with Round-Up. right? And that almost ANY soap would show similar toxicity?
These chemicals purpose is to make it easier for roundup shit to be abosrbed into cells causing damage. See the safety datasheet for their own stinkin product.
http://www.ces.ncsu.edu/fletcher/programs/xmas/pesticides/labels/Roundup-orig-max-msds.pdf
Under the Big Bang theory, the universe will eventually collapse in on itself, likely at the speed of light. The tell-tale sign will be redshift instead of blueshift being observed from Earth to various astronomical bodies. What I'd like to ask is how does this change our understanding of the ultimate fate of our universe?
Based on what we currently know this is incorrect. We clearly observe a dark energy dominated universe. There is currently no substantive evidence a "big crunch" will ever occur.
If a bubble that propogates at C does form it does not destroy the entire universe only that portion inside of its hubble volume.
If the chance for us is on order of tens of billions of years given the current age of the universe we should statistically be able to detect these sorts of bombs going off by observing changes upon objects within our hubble sphere made by false vaccume explosions outside of it.
This assertion flies in the face of common sense; pollen from this seed will float through the air and contaminate non-engineered fields and now those farmers will also have a percentage of their crop that produces sterile seed. This time, lawsuits will flow in the opposite direction: farmers who replant seed will sue Monsanto due to reduced germination rates and reduced yields in future years.
From what little I understand of Monsanto contracts... responsibility for all the side effects are hoisted upon the farmers. It will more likely be farmers suing other farmers than anyone suing Monsanto.
"that allowed Bowman to use Roundup indiscriminately to kill weeds without any risk of harming the soybean crop. "
Oh great.. what about the risk to humans who eat this shit? Are people round-up ready?
http://www.scientificamerican.com/article.cfm?id=weed-whacking-herbicide-p
I keep thinking the answer to this is not biotech but robotech...how hard can it be to create an army of roombas that kill weeds? Some hyperspectral cameras, pattern recognition and burners or pullers. It has got to be possible to engineer something workable and cost effective.
Anyway here is my delimma... if Monsanto wins they will be happy which will mean I will be sad.
If the farmers win they will be happy which means we all get to eat even more shit "indiscriminately" laced with roundup.
It seems I loose either way.
Let's face it. No normal computer user is EVER going to memorize keyboard shortcuts.
I regularly see lots of ordinary non-technical people working the keyboard on POS machines faster than any human can possibly react to all the dialougs appearing on screen for fleeting milliseconds.
Yes, yes, a billion times, yes! This is how normal computer users do it!
This is how n00bs do it. Eventually people learn and improve out of necessity. If your job is using word all day you memorize shortcuts eventually.
Some places are still offloading old inventory but the vast majority of high-street retailers for example are selling all Win8. This is another Slashdot attempt at convincing everyone Win8 is terrible and Microsoft are doomed - it's been the same tired narrative for as long as I can remember, the only variables are the version-numbers of [product]. Flame away, my crimes of going against the group-think will not go unpunished I'm sure.
You can get windows 7 when you buy a new PC loaded with win8 in the US but you have to ask the vendor for a "downgrade".
The rest of your statement is not falsifiable. Your assertion can be equally applied to any change without concern for merit.
Everything must be judged on actual merit otherwise no useful information has been communicated.
This is the problem with "success" of open projects as they grow they require more and more money to continue to reinforce their expansion and it only snowballs downhill from there. Before you know it your out there selling your soul and your users data to the highest bidder. You can still reap profit on support alone but you can't expect it to support an organization of any size with fat paychecks for all doing this. There aint any shortage of corporate customers happily willing to purchase yearly support subscriptions whether they actually need it or use it.
Distributions put together by people who give a shit don't have this problem. The cost of packaging in time and effort is such a minsicule effort and mostly a solved problem contrasted with the effort required to produce operating system and software bundled with it.
What if bash maintainers decided they need more money too and decided to ship your keystrokes off to facebook as well? What if the maintainers of every one of the thousands of packages that go into a modern distribution followed suite? Spying by default is indefensible.
Specific guy who works in a specific field at a specific place rambling about his field of expertise creates fact.
Only in your specific imagination.
Funny story.. kept on reading assuming I would eventually run into the fine print...ye know that little jem which says this is really about some clever method to detect a complex of genetic code not the code itself... such text never materialized.
Was it ommitted or have things actually devolved to the point where we are seriously now yabbin about direct attempts at patenting gods handiwork just cause someone discovered what it does?
There are some obvious problems...
1. It is free. If it costed $150 per download the numbers would obviously be quite different.
2. How much of this is the same person upgrading a current version or reinstalling on a new computer? If it were office this activity would not register as a new purchase it would be closer to inserting the installation DVD.
3. OpenOffice is not feature competitive with MS office. While it does not necessarily need to be to be in order to be relevant and useful to a great many people... for $150 it actually kind of does.