You seem to imply because something is free and automated that there is a lack of trust.
While not my point. I absolutely agree with the above statement because it is factually accurate. ALL of these automated systems depend on INSECURE responses from INSECURE protocols in order to issue certificates including LE.
Third party DV is pointless because registrars are way better positioned to handle this.
The domain registrars need to take over and all of this redundant third party crap needs to go.
What you're complaining about is trust beyond the machines and into the organisation and people behind the servers. This is something outside of the scope of DVs, outside of the scope of Lets Encrypt, and quite critically also handled and displayed differently to the user by the browsers.
Originally this was NOT the case. To get a cert for your domain you were required to be vetted as an organization. Once CA's got out of the business of vetting organizations rather than ownership of domains they became dangerously redundant.
There's nothing dangerous here, just a bunch of people who don't know what they are talking about. You want to pretend to be www.playpal.com go right ahead. You want to pretend to be PayPal Ltd [US] with the domain www.playpal.com?
Nothing dangerous here after having explicitly discounted endless parades of impersonation attacks. The original value of the CA is effectively gone.
Well Lets Encrypt won't let you do that.
Yes it will if you can manage to intercept traffic from LE and your victim. It's all leap of faith and redundant.
Years ago everyone who wanted an SSL cert had to provide actual corporate documentation reviewed by actual people. Everything was essentially "EV".
Then all the CA vendors said fuck it, lets make more money on volume without doing any work and switched to automated systems.
Finally Let's encrypt came along and said double fuck it not only will we use automated systems but we'll make it FREEEEEEEEE.
The end result is a phenomena well known to the technology industry. A race to the bottom where everyone ends up screwed because there is no discipline and no market incentive to chose any path other than the one of least resistance.
We now live in a world where insecure jems like RFC6844 (DNS CAA) are necessary because CA's are too lazy even to be expected to coordinate amongst themselves.
I don't believe a world of countless dozens of overlapping planet scale trust anchors is rational to begin with. I have always advocated for any signing to leverage domain holders relationship with their registrar as a standard feature of domain ownership and get lazy third party CAs out of the equation altogether. The whole system has basically devolved into this only with much worse security/financial/effort outcomes for all concerned anyway. Way past time to force the worlds CAs out of business.
Yes originally it at least made sense if you were a bank or ecommerce site or something important you paid dearly each year for a cert and got something out of it in return. The second CA's abdicated their only value over domain registrars... meaningfully vetting those seeking their blessings it should have been the second they ceased to exist altogether. They essentially became parasitic leaches from that point forward and the world has suffered for it as a result.
The world makes a lot more sense when you look to people's real world choices as a measure of what they want. They had choices. They made their choices in ways that favored constant tracking and surveillance.
What people want is separate from what they understand or are willing to accept. Your willfully conflating two unrelated concepts.
As with almost all technology, it depends on context.
The context of EME is the worlds Internet users.
DRM can be abused to lock up content far in excess of normal copyright protections.
DRM also makes new and useful business models practical, giving us modern replacements for old school rental stores from the likes of Netflix and Spotify, which obvious work out for a lot of people.
There is no mystery or question surrounding the result.
Content providers are somewhat limited to means of access and distribution to what people actually have unless willing or able to go out of their way. When you lower the barrier for making DRM viable the practical result is more DRM. This WILL happen.
This means more browsers downloading and executing black boxes from companies like Adobe. An outstanding trustworthy organization with an absolutely out of this world stellar security record.
For those who think restricting access and encouraging proliferation of closed proprietary bullshit is bad widespread EME in browsers does exactly this.
Protocol/standards designers have very little actual power to dictate terms to anyone yet they are hardly powerless. While capacity for mitigating unchecked commercial interests is often severely constrained the capacity to cause damage by letting them run rampant is not so limited.
When organizations like W3C allow themselves to be corrupted ICANN style it's time for those who care to divest themselves and support a competing structure. W3C is VOTING for the legitimacy to go ahead with this knowing full well there is nothing approaching broad consensus on the subject. The procedures they are using to achieve the desired result (DRM) is explicitly against their own stated principals.
XPoint is well... pointless. It can't compete with MRAM and by the time it matures enough (If it matures enough) to substitute flash in any kind of significant way MRAM is likely to have already taken over.
MRAM has effectively infinite read/write endurance, high density and performance characteristics of static ram.
XPoint even if executed perfectly has only a narrow window in which it can hope to remain relevant.
There are a number of compromise projections which are better overall representations for general purpose use. Equal area maps distort landforms. Conformal maps distort area and so selecting one of either extreme is always suboptimal as a general purpose representation.
The only reason anyone knows or cares about this projection is the re-inventor of the projection's past political statements. Trading one extreme for another isn't progress. It's just stupid.
What the author was implying is that you should take relatively straightforward components of a function and break them out as their own sub-functions with a very descriptive name, especially the inner workings of nested loops. If you take the inner loop and replace it with a function call that describes what the inner loop does, then your outer loop actually gets much easier to read, as it does not have the distraction of the gritty details of how the inner loop performs its duties. With properly written sub-functions, you can simply read the name and understand what it is doing without having to actually read the function at all. I have personally done code reviews on code that has been re-factored in this fashion, and the readability of the code is night and day.
I disagree. Commenting a code block accomplishes the same thing and "distractions" reasoning for taking up a few more lines on a page is of unconvincing value and probably dangerous. What IDE does not allow you to collapse by scope? For all you know someone may discover an important side-effect by actually noticing structure of intervening code. When you replace comments with function names then function names also risk becoming as stale and dangerous to believe as comments.
My personal view organizing code generally to maximize readability at the expense of minimizing complexity leads to unnecessary accumulation of debt that will ultimately be paid back with interest in any non-trivial project.
Actually the vive is not tied to steam at all. You can use it with OpenVR, never even install Steam. Don't let facts get in the way of your bullshit though.
This is incorrect. OpenVR is just an interface shim. You need a hardware stack to drive it and that stack for Vive can only be installed via steam.
No shit Sherlock this announcement is 10 years too late. Years ago the cert list was much better and regularly provided somewhat useful information. Now traffic is nearly nil and warnings they send are comically outdated.
Just wondering, have you tried Minecraft, or any game where you have to "walk" using a controller or keyboard? I don't mean teleporting. Games that make you straffe or move forward/backward without actually moving are the only thing that make me feel queezy. Most games avoid that though since they figured it out in testing. If you have tried those games and don't get sick, mind telling me what graphic card you have? I use a 980 and was thinking that the motion sickness effect could be refresh rate related
Everyone is busy royally fucking up locomotion. Strafing motions are fine. I've played overload alphas (DESCENT) for hours in VR with no problems. Strafe only controls are awesome.
What is getting everyone sick is move to where you are looking schemes which intentionally create disconnects in change of direction/rotation without the user actually doing it. I would argue in many cases without actually wanting to do it either. These mechanics actively penalize players for daring to look around.
HTC vive is artificially tied to steam. You must have steam to even use Vive.
Rift is tied to Facebook. Rift maintains 24x7 persistent connections to Facebook from a service running with full administrative access to your system. It routinely uploads logs with data including every application you used with Rift and imposes mandatory software updates. There are no configuration settings of any kind to disable or prevent any of this from occurring.
Oculus has piss poor QA internally. Their automated updates *routinely* break shit with no recourse to the victim other than "waiting" for Oculus to push a fix and hoping the fix doesn't break anything else. No rolling back to previously working versions and no installing drivers from installation archives. Software and drivers 100% online/cloud managed.
Rift has a long history of screwing with it's customer base from retroactively imposing new "hardware" checks that turn working systems into not working systems for no technically defensible reason. Adding non-configurable features like ASW touted as allowing lower end hardware to work in practice actively introducing new problems for many such as unwanted clipping to 45 FPS. While it can be disabled with a number pad each time it is used it can't be disabled permanently through any configuration option and there is no feedback to know current state of it. They have also introduced new display problems such as very annoying display lag/smearing around dark objects that did not exist in previous versions of the software. Of course there is no configuration to control this either.
Rift seemingly has no intention of ever supporting any operating system other than Windows while Vive is actively working on Linux support.
If your into sims/sitting on yer ass get a Rift. The display is slightly better, cheaper and single IR tracking camera easier to deal with.
If you want "room scale" with tracked motion controllers vive is a better choice but Rift with 3 or more cameras and extension cabling isn't bad.
VR is nice but Facebook/HTC are shitty companies and no other vendors have yet to step up with a better product. 4k and higher FOV is going to be amazing.
I'm not sure if the current proposed budget seriously expects the debt ceiling to remain in effect. What is sure is that the debt ceiling has been punted in the past: hence it being suspended until yesterday. Talking about the budget without any decision on the debt ceiling is pretty stupid, but we will do it
In the real world you don't get to decide not to pay for products you already purchased. Sovereign default is only an option for those deliberately seeking to royally tank the US/world economy.
anyway. If the debt ceiling is real, we probably need to cut more than 18% off
"Debt ceiling" is as real as a flux capacitor.
of a few things, and eliminate more than just a few programs- we probably need to axe at least one department over the next few years. If instead it is just another punt to younger people to pay off our national credit card, then you can go ahead and parse the proposed budget through a petty and partisan lens.
Budget blueprint simply reallocates monies. There are no savings or reductions of deficit spending.
The equation is simply take monies currently used for health / science / climate / efficiency / pollution / USAID and give it to the defense / security industrial complex.
Only in your imagination. What was allegedly illegal was UC failing to make the content accessible under the terms of the ADA. Nowhere was the content of the videos themselves ever declared illegal.
Your claim is as dumb as trying to say someone declared doctor's offices illegal because one place got sued for allegedly failing to meet ADA requirements.
It's as dumb as hospitals claiming they perform the same procedures at one cost for everyone and then allowing insurance companies to simply refuse to pay the asking price and get away with it.
It's as dumb as outlawing abortion clinics by regulating them out of feasible existence.
It is literally true the state is using its monopoly on violence to demand you either pay an infeasible sum of money, pay a punitive fine or delete your speech. These are the real world options facing UC. It isn't dumb for someone to look at that set of circumstance and draw characterizations different from your own.
It was going to cost a ton of time and money to get all the material ADA compliant, and they would have continued to be in violation the entire time they were working toward that. So they did the only thing they could, and removed everything.
Yes they did this to be jerks. It's YouTube. They have automated captioning.
Much like how When Windows XP was released it was a hated OS with its FisherPrice Interface, All its problems from moving the Home PC to the NT
I don't remember anyone hating Windows XP for this reason. It would be strange considering you could easily go back to spitting image of Win95 by adjusting a couple of settings in windows control panel.
kernel vs the DOS based Windowed Shell that use to be Windows. When went out of support we had a bunch of lover saying why get rid of it because it is so good.
The problem was software interoperability not a love of DOS. People just wanted their existing software to work.
I would love to see what love letters are coming out from Vista (one of the most hated WIndows Versions (besides ME) to be released)
There were a couple of real issues with Vista. It was less stable than XP at the time due to immature hardware drivers out of the gate and it used more ram than people had at the time. What people hated was waiting forever as more and more of the system was being paged out to disk. If you had XP and it worked alright for you and then went and installed Vista only to have it run like crap you would be pissed too. This quickly snowballed into "Vista sucks". On top of all that MS royally fucked up min spec for Vista so we had people buying new machines in swap hell out of the box.
And who is to decide? Common decency & humanity will do. But the internet has proven to be uninterested in displaying such common ground, (and actually hosts venomous personalities & groups). So in other words "someone's gotta do it".
We should let the people who can muster the most outrage and draw the maximal offense decide for everyone else... what the hell... "Someone's gotta do it".
You know darn well the difference between 'free speech' moving to 'boisterous rambling' to 'shit talking' and finally to 'hate & violence inspiring speech'. You & I may be immune to nutjobz spewing nonsense but some people are not.
When people say they want all abortion doctors to die because they honestly believe they are in fact murders what are they? Is this just shit talking? Is this inciting violence? Is it hate speech? Is it free speech? The only thing I know darn well is language belongs to EVERYONE... not just you or people who think the way you do.
And they are called to action by such 'free' speech.
Most proponents of censorship invoke fear as justification for censorship. Fear of losing control, fear of other narratives or memes they disagree with taking hold. They want a free lunch off the legitimacy of the state without having to work equally hard to actively build consensus for the ideals they support. Support for censorship is often fueled by laziness and cowardice.
The Germans, given their history, are a bit wiser than that. One man's freedom of speech can infringe on a million other people's freedom to survive. Speech can be dangerous.
I encourage everyone who believes this nonsense to form their own country and live in harmony with other fellow like minded cowards forever. Censorship of ideas was a core enabler of Nazi Germany and go-to means of control of every dictatorship in human history.
It wasn't Adolf Hitler that killed millions of people it was a whole country going along with his insanity. Censoring speech has a proven track record of actually being dangerous.
It's what cowards always do when they can't compete and fear losing.
For once can't a US company pull out of just one repressive country instead of capitulating to their asshattery?
Massive welcome signs costing thousands of immigrants their lives
Pursuit of "hate speech" charges against political adversaries
Banning religious attire
German government can't compete in the market of ideas so they shut it down out of fear of losing control. Way past time Merkel finds a new line of work.
People cared about Snowden because NSA overreach affected virtually every US citizen. What NSA was caught doing is ILLEGAL.
Everyone assumes CIA hoards 0-days to be used for espionage purposes against OTHER countries. This is why CIA exists. CIA brass has been publically talking about the cooption of smart* products for such purposes for a number of years.
If there is evidence in one of these leaks of CIA spying on US citizens without a warrant this would be certainly be worthy of more attention.
If CIA was for example caught bulk hacking everyone's smart TV's and recording everything said this would certainly be newsworthy and most likely lead to legal repercussions for the individuals involved.. or maybe not... nobody at NSA went to jail for stealing everyone's phone records.
DST means it doesn't get lighter for another hour. This helps with sleeping for those who chose not to take steps to shield their bedrooms or eyes from evil sunlight. Without DST it would be too light to sleep without radiation shielding at 3:00 AM here.
Most people know they are going to lose an hour of sleep yet make the choice to go to sleep at the same time knowing full well the result in advance. These same people undoubtedly wake up in the morning crying about being tired or end up having a heart attack a couple of days earlier than they would have otherwise.
I don't care either way. The only thing I want is for politicians to not eternally play ping-pong with time because this is extra work and expense with no ROI.
Most of the media reports of this or that focus on abrupt change of 1hr and are either dominated by noise or followed by corrections that are summarily ignored at least in headlines to drum up unnecessary attention.
The ability to implement a web browser within WebAssembly is going to change the Internet forever. No more downloading and installing browsers. This is so exciting.
Completely agree random letter/number/symbol requirements and periodic expiration are extraordinarily lame.
Requiring people to change their passwords often for no reason just encourages them to cheat by necessity of being human in some way.
Stupid complexity requirements that don't understand objective function is maximizing entropy at the least expense to human people actively makes outcomes worse for everyone. The real world outcome of most of these systems is symbols and numbers are typically placed at the end of the password making brute force attacks easier than simply enforcing a minimum length.
There are some points I strongly disagree with.
Requiring hashed passwords and password amplification measures.
In my view the most dangerous aspect is the delusion operators thinking hashed passwords are somehow secure. They are NOT. No matter what you do any sufficiently large and or valuable password database that is hacked will be easily reversed even with SHA-Infinity PBKDF-Infinity key stretching because expecting people to actually chose a password capable of surviving a brute force campaign is asking too much and has a history of well documented failure. It simply isn't a rational option.
My advice for protecting passwords is to break up system to use dedicated authenticators who do nothing but authenticate. Application passes users password (encrypted with keys application does NOT possess) and secure authentication protocol stream to authenticator which authenticates user and passes back a result to app. This way even if app is compromised stored passwords remain are useless even against dictionary attack. The authenticator has a limited attack surface compared to your typical password protected application.
Skimping out on reversible encryption of storage because passwords are hashed is an extraordinarily bad idea that continues to end in disaster after disaster.
The other problem with hashing it actively discourages secure authentication mechanisms. The goal here is to maximize overall systems security not just maximizing one aspect such as secure storage. When you rely on hashed passwords you actively discourage the use of more advanced mutual authentication protocols (Zero knowledge PAKEs) that leverage mutual possession of password to establish end-end trust relationships. Yes you can use hashes by proxy but these systems already have "verifiers" in place which effectively do the same thing.
With these systems:
1. Backend password hash format has to be explicitly supported by authenticators including crazy schemes to transmit salt keys to authenticating user.
2. Knowledge of hash weakens security of these systems because it effectively nulls the "mutual" part of the authentication enabling impersonation attacks.
In short the problem with passwords is not the passwords themselves it is the insane concept users should be required to provide passwords capable of surviving off-line brute force attack to ensure the integrity of YOUR system. History has already demonstrated this delusion to be false.
Slashdot Mirror
You seem to imply because something is free and automated that there is a lack of trust.
While not my point. I absolutely agree with the above statement because it is factually accurate. ALL of these automated systems depend on INSECURE responses from INSECURE protocols in order to issue certificates including LE.
Third party DV is pointless because registrars are way better positioned to handle this.
The domain registrars need to take over and all of this redundant third party crap needs to go.
What you're complaining about is trust beyond the machines and into the organisation and people behind the servers. This is something outside of the scope of DVs, outside of the scope of Lets Encrypt, and quite critically also handled and displayed differently to the user by the browsers.
Originally this was NOT the case. To get a cert for your domain you were required to be vetted as an organization. Once CA's got out of the business of vetting organizations rather than ownership of domains they became dangerously redundant.
There's nothing dangerous here, just a bunch of people who don't know what they are talking about. You want to pretend to be www.playpal.com go right ahead. You want to pretend to be PayPal Ltd [US] with the domain www.playpal.com?
Nothing dangerous here after having explicitly discounted endless parades of impersonation attacks. The original value of the CA is effectively gone.
Well Lets Encrypt won't let you do that.
Yes it will if you can manage to intercept traffic from LE and your victim. It's all leap of faith and redundant.
Years ago everyone who wanted an SSL cert had to provide actual corporate documentation reviewed by actual people. Everything was essentially "EV".
Then all the CA vendors said fuck it, lets make more money on volume without doing any work and switched to automated systems.
Finally Let's encrypt came along and said double fuck it not only will we use automated systems but we'll make it FREEEEEEEEE.
The end result is a phenomena well known to the technology industry. A race to the bottom where everyone ends up screwed because there is no discipline and no market incentive to chose any path other than the one of least resistance.
We now live in a world where insecure jems like RFC6844 (DNS CAA) are necessary because CA's are too lazy even to be expected to coordinate amongst themselves.
I don't believe a world of countless dozens of overlapping planet scale trust anchors is rational to begin with. I have always advocated for any signing to leverage domain holders relationship with their registrar as a standard feature of domain ownership and get lazy third party CAs out of the equation altogether. The whole system has basically devolved into this only with much worse security/financial/effort outcomes for all concerned anyway. Way past time to force the worlds CAs out of business.
Yes originally it at least made sense if you were a bank or ecommerce site or something important you paid dearly each year for a cert and got something out of it in return. The second CA's abdicated their only value over domain registrars ... meaningfully vetting those seeking their blessings it should have been the second they ceased to exist altogether. They essentially became parasitic leaches from that point forward and the world has suffered for it as a result.
The world makes a lot more sense when you look to people's real world choices as a measure of what they want. They had choices. They made their choices in ways that favored constant tracking and surveillance.
What people want is separate from what they understand or are willing to accept. Your willfully conflating two unrelated concepts.
Forced enslavement of 12 year old children to work coal mines is legal in Oregon so it should be legal in all remaining 49 states.
My neighbors happen to be contract killers so murder should be legal.
Yo Judge!! some dude in front of me was speeding like waaayy faster than me so I shouldn't have to pay this here traffic fine.
Shoplifting should be legal because I live on the west side and EVERYONE else does it.
BUUUTTT MOOOOMMEEEEE!!!! Lil Jimmy did it tooo!!!!!!
As with almost all technology, it depends on context.
The context of EME is the worlds Internet users.
DRM can be abused to lock up content far in excess of normal copyright protections.
DRM also makes new and useful business models practical, giving us modern replacements for old school rental stores from the likes of Netflix and Spotify, which obvious work out for a lot of people.
There is no mystery or question surrounding the result.
Content providers are somewhat limited to means of access and distribution to what people actually have unless willing or able to go out of their way. When you lower the barrier for making DRM viable the practical result is more DRM. This WILL happen.
This means more browsers downloading and executing black boxes from companies like Adobe. An outstanding trustworthy organization with an absolutely out of this world stellar security record.
For those who think restricting access and encouraging proliferation of closed proprietary bullshit is bad widespread EME in browsers does exactly this.
Protocol/standards designers have very little actual power to dictate terms to anyone yet they are hardly powerless. While capacity for mitigating unchecked commercial interests is often severely constrained the capacity to cause damage by letting them run rampant is not so limited.
When organizations like W3C allow themselves to be corrupted ICANN style it's time for those who care to divest themselves and support a competing structure. W3C is VOTING for the legitimacy to go ahead with this knowing full well there is nothing approaching broad consensus on the subject. The procedures they are using to achieve the desired result (DRM) is explicitly against their own stated principals.
XPoint is well... pointless. It can't compete with MRAM and by the time it matures enough (If it matures enough) to substitute flash in any kind of significant way MRAM is likely to have already taken over.
MRAM has effectively infinite read/write endurance, high density and performance characteristics of static ram.
XPoint even if executed perfectly has only a narrow window in which it can hope to remain relevant.
There are a number of compromise projections which are better overall representations for general purpose use. Equal area maps distort landforms. Conformal maps distort area and so selecting one of either extreme is always suboptimal as a general purpose representation.
The only reason anyone knows or cares about this projection is the re-inventor of the projection's past political statements. Trading one extreme for another isn't progress. It's just stupid.
Amazon's same day and even 2 day shipping is rarely on time. Heck even the amazon NOW service here at work is rarely within the 2 hours promised.
This is going to be a problem given the number of eBay sellers with no inventory using Amazon as a drop shipping service.
What the author was implying is that you should take relatively straightforward components of a function and break them out as their own sub-functions with a very descriptive name, especially the inner workings of nested loops. If you take the inner loop and replace it with a function call that describes what the inner loop does, then your outer loop actually gets much easier to read, as it does not have the distraction of the gritty details of how the inner loop performs its duties. With properly written sub-functions, you can simply read the name and understand what it is doing without having to actually read the function at all. I have personally done code reviews on code that has been re-factored in this fashion, and the readability of the code is night and day.
I disagree. Commenting a code block accomplishes the same thing and "distractions" reasoning for taking up a few more lines on a page is of unconvincing value and probably dangerous. What IDE does not allow you to collapse by scope? For all you know someone may discover an important side-effect by actually noticing structure of intervening code. When you replace comments with function names then function names also risk becoming as stale and dangerous to believe as comments.
My personal view organizing code generally to maximize readability at the expense of minimizing complexity leads to unnecessary accumulation of debt that will ultimately be paid back with interest in any non-trivial project.
Actually the vive is not tied to steam at all. You can use it with OpenVR, never even install Steam. Don't let facts get in the way of your bullshit though.
This is incorrect. OpenVR is just an interface shim. You need a hardware stack to drive it and that stack for Vive can only be installed via steam.
No shit Sherlock this announcement is 10 years too late. Years ago the cert list was much better and regularly provided somewhat useful information. Now traffic is nearly nil and warnings they send are comically outdated.
Just wondering, have you tried Minecraft, or any game where you have to "walk" using a controller or keyboard? I don't mean teleporting. Games that make you straffe or move forward/backward without actually moving are the only thing that make me feel queezy. Most games avoid that though since they figured it out in testing. If you have tried those games and don't get sick, mind telling me what graphic card you have? I use a 980 and was thinking that the motion sickness effect could be refresh rate related
Everyone is busy royally fucking up locomotion. Strafing motions are fine. I've played overload alphas (DESCENT) for hours in VR with no problems. Strafe only controls are awesome.
What is getting everyone sick is move to where you are looking schemes which intentionally create disconnects in change of direction/rotation without the user actually doing it. I would argue in many cases without actually wanting to do it either. These mechanics actively penalize players for daring to look around.
HTC vive is artificially tied to steam. You must have steam to even use Vive.
Rift is tied to Facebook. Rift maintains 24x7 persistent connections to Facebook from a service running with full administrative access to your system. It routinely uploads logs with data including every application you used with Rift and imposes mandatory software updates. There are no configuration settings of any kind to disable or prevent any of this from occurring.
Oculus has piss poor QA internally. Their automated updates *routinely* break shit with no recourse to the victim other than "waiting" for Oculus to push a fix and hoping the fix doesn't break anything else. No rolling back to previously working versions and no installing drivers from installation archives. Software and drivers 100% online/cloud managed.
Rift has a long history of screwing with it's customer base from retroactively imposing new "hardware" checks that turn working systems into not working systems for no technically defensible reason. Adding non-configurable features like ASW touted as allowing lower end hardware to work in practice actively introducing new problems for many such as unwanted clipping to 45 FPS. While it can be disabled with a number pad each time it is used it can't be disabled permanently through any configuration option and there is no feedback to know current state of it. They have also introduced new display problems such as very annoying display lag/smearing around dark objects that did not exist in previous versions of the software. Of course there is no configuration to control this either.
Rift seemingly has no intention of ever supporting any operating system other than Windows while Vive is actively working on Linux support.
If your into sims/sitting on yer ass get a Rift. The display is slightly better, cheaper and single IR tracking camera easier to deal with.
If you want "room scale" with tracked motion controllers vive is a better choice but Rift with 3 or more cameras and extension cabling isn't bad.
VR is nice but Facebook/HTC are shitty companies and no other vendors have yet to step up with a better product. 4k and higher FOV is going to be amazing.
I'm not sure if the current proposed budget seriously expects the debt ceiling to remain in effect. What is sure is that the debt ceiling has been punted in the
past: hence it being suspended until yesterday. Talking about the budget without any decision on the debt ceiling is pretty stupid, but we will do it
In the real world you don't get to decide not to pay for products you already purchased. Sovereign default is only an option for those deliberately seeking to royally tank the US/world economy.
anyway. If the debt ceiling is real, we probably need to cut more than 18% off
"Debt ceiling" is as real as a flux capacitor.
of a few things, and eliminate more than just a few programs- we probably need to axe at least one department over the next few years. If instead it is just another punt to younger people to pay off our national credit card, then you can go ahead and parse the proposed budget through a petty and partisan lens.
Budget blueprint simply reallocates monies. There are no savings or reductions of deficit spending.
The equation is simply take monies currently used for health / science / climate / efficiency / pollution / USAID and give it to the defense / security industrial complex.
Only in your imagination. What was allegedly illegal was UC failing to make the content accessible under the terms of the ADA. Nowhere was the content of the videos themselves ever declared illegal.
Your claim is as dumb as trying to say someone declared doctor's offices illegal because one place got sued for allegedly failing to meet ADA requirements.
It's as dumb as hospitals claiming they perform the same procedures at one cost for everyone and then allowing insurance companies to simply refuse to pay the asking price and get away with it.
It's as dumb as outlawing abortion clinics by regulating them out of feasible existence.
It is literally true the state is using its monopoly on violence to demand you either pay an infeasible sum of money, pay a punitive fine or delete your speech. These are the real world options facing UC. It isn't dumb for someone to look at that set of circumstance and draw characterizations different from your own.
It was going to cost a ton of time and money to get all the material ADA compliant, and they would have continued to be in violation the entire time they were working toward that. So they did the only thing they could, and removed everything.
Yes they did this to be jerks. It's YouTube. They have automated captioning.
Much like how When Windows XP was released it was a hated OS with its FisherPrice Interface, All its problems from moving the Home PC to the NT
I don't remember anyone hating Windows XP for this reason. It would be strange considering you could easily go back to spitting image of Win95 by adjusting a couple of settings in windows control panel.
kernel vs the DOS based Windowed Shell that use to be Windows. When went out of support we had a bunch of lover saying why get rid of it because it is so good.
The problem was software interoperability not a love of DOS. People just wanted their existing software to work.
I would love to see what love letters are coming out from Vista (one of the most hated WIndows Versions (besides ME) to be released)
There were a couple of real issues with Vista. It was less stable than XP at the time due to immature hardware drivers out of the gate and it used more ram than people had at the time. What people hated was waiting forever as more and more of the system was being paged out to disk. If you had XP and it worked alright for you and then went and installed Vista only to have it run like crap you would be pissed too. This quickly snowballed into "Vista sucks". On top of all that MS royally fucked up min spec for Vista so we had people buying new machines in swap hell out of the box.
And who is to decide? Common decency & humanity will do. But the internet has proven to be uninterested in displaying such common ground, (and actually hosts venomous personalities & groups). So in other words "someone's gotta do it".
We should let the people who can muster the most outrage and draw the maximal offense decide for everyone else... what the hell... "Someone's gotta do it".
You know darn well the difference between 'free speech' moving to 'boisterous rambling' to 'shit talking' and finally to 'hate & violence inspiring speech'. You & I may be immune to nutjobz spewing nonsense but some people are not.
When people say they want all abortion doctors to die because they honestly believe they are in fact murders what are they? Is this just shit talking? Is this inciting violence? Is it hate speech? Is it free speech? The only thing I know darn well is language belongs to EVERYONE... not just you or people who think the way you do.
And they are called to action by such 'free' speech.
Most proponents of censorship invoke fear as justification for censorship. Fear of losing control, fear of other narratives or memes they disagree with taking hold. They want a free lunch off the legitimacy of the state without having to work equally hard to actively build consensus for the ideals they support. Support for censorship is often fueled by laziness and cowardice.
The Germans, given their history, are a bit wiser than that. One man's freedom of speech can infringe on a million other people's freedom to survive. Speech can be dangerous.
I encourage everyone who believes this nonsense to form their own country and live in harmony with other fellow like minded cowards forever. Censorship of ideas was a core enabler of Nazi Germany and go-to means of control of every dictatorship in human history.
It wasn't Adolf Hitler that killed millions of people it was a whole country going along with his insanity. Censoring speech has a proven track record of actually being dangerous.
It's what cowards always do when they can't compete and fear losing.
For once can't a US company pull out of just one repressive country instead of capitulating to their asshattery?
Massive welcome signs costing thousands of immigrants their lives
Pursuit of "hate speech" charges against political adversaries
Banning religious attire
German government can't compete in the market of ideas so they shut it down out of fear of losing control. Way past time Merkel finds a new line of work.
People cared about Snowden because NSA overreach affected virtually every US citizen. What NSA was caught doing is ILLEGAL.
Everyone assumes CIA hoards 0-days to be used for espionage purposes against OTHER countries. This is why CIA exists. CIA brass has been publically talking about the cooption of smart* products for such purposes for a number of years.
If there is evidence in one of these leaks of CIA spying on US citizens without a warrant this would be certainly be worthy of more attention.
If CIA was for example caught bulk hacking everyone's smart TV's and recording everything said this would certainly be newsworthy and most likely lead to legal repercussions for the individuals involved.. or maybe not... nobody at NSA went to jail for stealing everyone's phone records.
Microsoft leverages non-robotic automation to reduce labor cost of producing it's products.
Microsoft abuses H-1B and fucks country and state out of billions in tax revenues.
Someone with billions locked up in Microsoft interests supports increasing taxation of OTHER industries.
DST means it doesn't get lighter for another hour. This helps with sleeping for those who chose not to take steps to shield their bedrooms or eyes from evil sunlight. Without DST it would be too light to sleep without radiation shielding at 3:00 AM here.
Most people know they are going to lose an hour of sleep yet make the choice to go to sleep at the same time knowing full well the result in advance. These same people undoubtedly wake up in the morning crying about being tired or end up having a heart attack a couple of days earlier than they would have otherwise.
I don't care either way. The only thing I want is for politicians to not eternally play ping-pong with time because this is extra work and expense with no ROI.
Most of the media reports of this or that focus on abrupt change of 1hr and are either dominated by noise or followed by corrections that are summarily ignored at least in headlines to drum up unnecessary attention.
The ability to implement a web browser within WebAssembly is going to change the Internet forever. No more downloading and installing browsers. This is so exciting.
Completely agree random letter/number/symbol requirements and periodic expiration are extraordinarily lame.
Requiring people to change their passwords often for no reason just encourages them to cheat by necessity of being human in some way.
Stupid complexity requirements that don't understand objective function is maximizing entropy at the least expense to human people actively makes outcomes worse for everyone. The real world outcome of most of these systems is symbols and numbers are typically placed at the end of the password making brute force attacks easier than simply enforcing a minimum length.
There are some points I strongly disagree with.
Requiring hashed passwords and password amplification measures.
In my view the most dangerous aspect is the delusion operators thinking hashed passwords are somehow secure. They are NOT. No matter what you do any sufficiently large and or valuable password database that is hacked will be easily reversed even with SHA-Infinity PBKDF-Infinity key stretching because expecting people to actually chose a password capable of surviving a brute force campaign is asking too much and has a history of well documented failure. It simply isn't a rational option.
My advice for protecting passwords is to break up system to use dedicated authenticators who do nothing but authenticate. Application passes users password (encrypted with keys application does NOT possess) and secure authentication protocol stream to authenticator which authenticates user and passes back a result to app. This way even if app is compromised stored passwords remain are useless even against dictionary attack. The authenticator has a limited attack surface compared to your typical password protected application.
Skimping out on reversible encryption of storage because passwords are hashed is an extraordinarily bad idea that continues to end in disaster after disaster.
The other problem with hashing it actively discourages secure authentication mechanisms. The goal here is to maximize overall systems security not just maximizing one aspect such as secure storage. When you rely on hashed passwords you actively discourage the use of more advanced mutual authentication protocols (Zero knowledge PAKEs) that leverage mutual possession of password to establish end-end trust relationships. Yes you can use hashes by proxy but these systems already have "verifiers" in place which effectively do the same thing.
With these systems:
1. Backend password hash format has to be explicitly supported by authenticators including crazy schemes to transmit salt keys to authenticating user.
2. Knowledge of hash weakens security of these systems because it effectively nulls the "mutual" part of the authentication enabling impersonation attacks.
In short the problem with passwords is not the passwords themselves it is the insane concept users should be required to provide passwords capable of surviving off-line brute force attack to ensure the integrity of YOUR system. History has already demonstrated this delusion to be false.