Did you invent RDP or something? You'll break your back bending that far backwards to absolve it of the incident I wrote about.
I fail to understand how the repercussions of social engineering attacks are the fault of a remote access technology unrelated to initial compromise.
Especially given root cause from your story seems to be acceptance followed by execution of unauthenticated, untrusted messages.
You CAN do that with ssh but it's far from the default setting.
Name a popular Linux distro which fails to enable ssh, port redirect and scp by default. I dare you to name one.
suse, debian, ubuntu, fedora, centos all DEFAULT setting. Every unix system I've ever used or connected to in the past decade offers port redirect and file system access via ssh.
Yes, it presents hazards never even dreamed of by X or VNC.
X has always been a breathtaking hazard for reasons entirely the fault of X.
In one case I know of (no, I am bound to not name names here), RDP was a vector for a CryptoLocker attack. A reasonably secure operation (AV on email, IDS, strong user training, etc) granted an outside support person a
AV and IDS are worthless against targeted attacks.
temporary RDP connection to diagnose a problem. It seems the support person opened a bad email on his own machine while connected and CryptoLocker took advantage of the RDP forwarded file shares to encrypt the fileserver.
More importantly those VPN logs are subject to seizure by law enforcement with the appropriate warrant or other legal instrument deemed valid by the Government and the Courts of Law. Show me a VPN service provider that is not subject to lawful access by law enforcement.
I wish that were true. Given US government track record of obtaining everyone's call records without any legal showing the more likely scenario is warrantless seizure of "any tangible thing" justified by invoking 3rd party doctrine or batshit insane abuse of Article II.
... https everywhere, constant VPNs and full encryption for everything...
Trivially blocked by your service provider. This continuing single point of failure is the obstacle to overcome. Not much can be accomplished before then.
I invite them to try. Commercial companies which exist to make money can't just block something everyone uses and expect to remain a viable company with paying customers.
Everywhere I look people still blissfully using completely insecure authentication methods for VPN access effectively broadcasting plaintext passwords to anyone snooping the wire... but hey at least if someone tricks you into connecting to their evil network Microsoft has your back.
Would love an education how this bug is worthy of mention while other much more egregious issues such as true type vulnerabilities affecting anyone who browses to an attacker controlled website were also patched.
Post is the only non-indempotent of the major http verbs. Its one of the core difference between Post and Put and why when you create a new resource without a natural id, you use post, not put...
What happens if you POST to a server and the response is lost? How does client know it was processed or not? The answer is you always need some kind of id/token/big word because non-idempotwhatever is not actually possible.
The only thing POST is... is worthless... defective by design without specific and unnecessary application logic to deal with consequences of HTTP's total lack of a commitment procedure.
The paradigm and semantic is perfectly clean/correct. The roundtrip is just an implementation detail.
Like the rest of HTTP it is perfectly useless. No coherency nor atomicity nor any way to implement verbs beyond trivial "CRUD".
The protocol could simply return the result of the post with a redirect, as well as the result of the get, in 1 response.
Why is returning a pointer to data allowed while returning actual data itself not? This just sounds like bullshit.
Then under the hood even though you do a GET, the get "chunk" of the post result would get rendered. No additional roundtrip.
Or you can just return data and stop being silly.
(yeah, I could request the image and then set the data to the img tag. This was just a roundabout example).
It always is... I'll leave failure to communicate a coherent use case to speak for itself.
That technique works today, and for some edge cases, it is actually being used in the real world. Making a post -> redirect -> Get without roundtrip wouldn't be very different from existing paradigms.
Yep that sounds correct. That is the entire point of GET and POST being different. GET retrieves data, never alters it. POST alters data, never retrieves it.
Both assertions are false.
This is kinda HTTP 101. You might disagree, but then you'd be doing it wrong.
LOL if you disagree with me your doing it wrong. No arguing that.
You are using a perfectly good axe as a door stop then whining that your teaspoon isn't cutting down trees properly.
HTTP is a dull rusty blade attached to a termite infested rotted, split, splintered handle yet it is the only axe left in the world and the only way to cut down trees.
It is unwise to attempt to use it properly as "intended" you will just break it and or injure yourself.
Instructions included with moldy packaging the axe originally came in is only a useful as a reminder of old times before our Alien overlords swooped down from the sky and stole all of the worlds axes except one their computer failed to recognize as an axe.
Erm, but in that instance POSTing then doing a GET makes sense.
The POST creates the new user. The GET retrieves the information for user 3813812.
Too many people seem to think it's cool to add round trips for some incoherent appeal to logical consistency.
How are those two things the same? That is exactly how it is supposed to be done.
Who cares? HTTP verbs are insufficient to express jack or jill and HTTP completely lacks any useful transaction semantics. REST in the abstract is a great idea... only problem is HTTP is shit and when you don't treat shit like shit you end up with shit. HTTP is simply the wrong layer to be toying with any kind of abstraction if you care about useful results.
If your server can't handle that 'additonal' load very well, then I've got a 486 upgrade I'll donate for free.
The actual problem is users suffering through yet another round of unnecessary round trips cuz 'GET' *feels* cleaner.
Competent natural-language voice recognition is still too hard for a handheld or embedded device. So, these devices digitize your voice (OMG recording!), ship it off to a server farm for interpretation, and receive the results.
I think this is more or less bullshit given nobody is even trying and no market incentive exists to put any effort into a solution. Many of previous players in the space are simply gone or sold out years ago.
Today there is not one single usable offline voice recognition application available for Android at any cost. Recognizers embedded into devices a decade ago even into "dumb phones" which worked good enough for what they did simply does not exist as an option today.
Relatively easy to discriminate between a handful of commands to control device vs free form data entry (speech to text) which is a much bigger challenge.
Obvious to me reason it does not exist is simply there is no market for offline recognition. Not necessarily because vendors want to be peeping toms and overhear conversations... What they really want is an EXCUSE to obtain a record of everything you do with your device.
The initial panic I'm seeing around this looks ill-informed, but Samsung definitely has to get out in front of it. If they can't -- if they can't provide a simple, clear explanation of what they are and aren't doing -- it's going to cost them.
God I hope so the only way this will change is when vendors start seeing lost sales.
These kinds of attack numbers are routinely paraded around in hearings attended by lawmakers on security issues. From expressed concerns and lack of follow-up tactic seems to effective although I would imagine there must be a shelf-life.
Interesting remaining argument for why they deserve money from NSA rests on invocation of specific incidents involving identity theft and local incidents of crime having nothing to do with NSA activities.
If you don't allow updates, then a drive-by-wire car with a bunch of wireless systems (keyless entry, keyless starter, bluetooth, cellular, 802.11p (DSRC),... ?) connected to its bus is a timebomb. If updates are allowed
This is the best reason I can think of to be against easy updates and unnecessary complexity. If a component needs to be constantly updated to not become a "timebomb" it has no business existing in the first place.
There needs to be a cost (e.g. recall) involved or people will feel no pressure to resist market pressure to enroll us all in their endless beta programs.
In any "terror" campaign media is literally the conduit through which successful propagation of terror occurs.
Likewise when a loony toon expects to become famous doing something heinous medias job is to deliver.
I believe primary reason media is reluctant to show this as their effective role as a tool would become so trivially apparent as to negatively affect viewership.
The media is good at keeping people afraid and or entertained as deliberate story selection, repetition, nonstop trolling and comical hyperbole delivered with stunning lack of domain knowledge attests to every day. The whole system is fucked up with such little information content being delivered thru TV talk about "Journalistic purposes" is rather pointless in my opinion.
If you are talking about wireline broadband, the physical barriers are exactly the same as exists with other utilities: utility poles, underground conduits, and all the rights-of-way necessary to get your wire through.
What needs to and I believe inevitably will happen physical infrastructure needs to be effectively managed as a utility separate from the provision of services over that infrastructure where there can be local competition on FRAND basis to "light up" the last mile with services. In *some* ways similar to operation of CLECs or ISPs delivering DSL service thru Telco ATM cloud.
In summary decouple the physical last-mile infrastructure from service delivered over that infrastructure.
But perhaps you are considering wireless as being free from physical barriers to competition. Not so. Spectrum is a scarce resource; you have to buy, at auction to the highest bidder, the right to use it, which excludes anyone else from using it. And wireless is no replacement for wireline in performance or reliablility.
I currently agree wireless can't and probably will never be able to compete with wired service. I will just stipulate there is some crazy shit coming down the pipe lots of R&D in wireless space that will improve density without increasing spectrum.
So much for robust competition. I say again, competition is for small fry and suckers. Once a company has reached a critical mass (e.g., Comcast-size), it becomes more cost-effective to simply crush competition or buy them out. Why compete, risk revenue on innovation that might fail, when you don't have to?
Given Comcast's ever increasing rates providing reasonable barriers to entry for new ISPs good luck maintaining that strategy over the long haul.
Really? So you have a choice of 30 competing ISPs in your area then? No?
My point not evident in a single sentence quoted out of context is you *should* have a choice. It wasn't uncommon to see many local competing ISPs in the early dial-up days of the network where there existed effective decoupling of Internet from last mile. It can be done you just need to decouple the physical infrastructure from the service provider.
And reproducing without bounds isn't batshit crazy?
Oh noes problem is too many PPL reproducing like rabid rabbits. Fact many developed countries are seeing negative population growth. If not for immigration USA would be one of them.
Seems kind of foolish to cling to overpopulation when difference in resource consumption between poor vs rich societies easily exceeds an order of magnitude.
We are going to overrun this planets capacity to sustain us. What then?
This has been a recurring sentiment for hundreds of years. I would suggest introspection before committing same mistakes in reasoning as those before you.
Do you know what planets carrying capacity is or can be projected to be 40 years from now? I personally have no idea. All I know for sure it is far from static and very much a function of need/innovation and how resources are managed.
For all anyone knows in 40 years the world will be completely powered by fusion reactors, all of our food generated by artificial means in factories rather than grown and only remaining reason to pull hydrocarbons out of the ground is production of goods or it could essentially be the same or worse than today. Predictions of the distant future have a habit of being worthless.
It doesn't track road miles (and people will claim they don't drive on roads, and demand exceptions!), or vehicle weight (see the ratio of road wear per vehicle weight and cringe).
Sorry, but the odometer won't be enough.
Hard to believe statistical models couldn't be employed to arrive at essentially the same figures detailed big-brother GPS tracks would provide.
It is unnecessary to be hyper fair in collection or distribution of tax revenues nor is it necessary to consider behavior of outliers.
It turns out Adam Smith invented this thing called a utility to solve the problem of monopoly pricing power when he invented capitalism. This is literally a common sense move by regulators. The only issues are whether loop holes get snuck in and whether it survives the flood of court challenges and lobbying to congress to kill it.
Major difference there are no practical physical barriers to competition in the ISP space as exists with other utilities. There is no practical technical reason there cannot exist a diverse and competitive ISP market and so it is invalid to use "utility" banner as an excuse for government to manage monopolies when robust competition always does a better job.
If anything what government needs to do is stop getting in the way of decoupling ISP from the last mile and provide framework for incentives / subsidies to make it happen. Breaking massive ISPs up along the way would be swell.
The role of government should be to accelerate restoration of ISP industry to a functioning competitive market rather than acting to police monopolies who will enviably capture the regulators.
The problem is lack of competition. Title II does nothing to address the underlying problem. It only mask symptoms making it more difficult to gain consensus necessary to correct problem of monopolization of the last mile.
What are the downsides? Should we now expect USF line items on our bills? Do mom-and-pop operations have to deal with new red tape disproportionately favoring larger organizations? Will it be leveraged to provide cover for "information sharing" regimes affording customers no legal recourse?
How will Title-II prevent underhanded techniques to maximize leverage such as Comcast intentionally keeping links saturated? There must be an endless stream of "creative" ways to circumvent intent of net neutrality under other plausibly legitimate banners.
Whenever I find myself rooting for government to step in and fix a problem it makes me nervous. For all I know it may end up being better for everyone but I sure as heck wouldn't bet on it either way.
Again we see the same with iOS and Android. If MS wants to take the phone market all it has to do is open Windows phone and remove all the restrictions, or at the least be less restrictive than Google. If MS would allow any app store it would take the lead. Or even less restrictive allow people to use and modify it as they see fit.
I remember when software was like hardware where at least some people were focused on delivering cool new shit people will want to spend money on.
Today everybody just wants to be an asshole and play marketing games to sell their bullshit. You can only install software we tell you to from our store. Use our "cloud" service because we won't even PERMIT you to maintain a local list of contacts on your own device... They are openly hostile to their customers in a bid to maximize dependency on their platforms.
The future isn't about progress it's about metering out as little value as possible for as much as possible.
Slashdot Mirror
Did you invent RDP or something? You'll break your back bending that far backwards to absolve it of the incident I wrote about.
I fail to understand how the repercussions of social engineering attacks are the fault of a remote access technology unrelated to initial compromise.
Especially given root cause from your story seems to be acceptance followed by execution of unauthenticated, untrusted messages.
You CAN do that with ssh but it's far from the default setting.
Name a popular Linux distro which fails to enable ssh, port redirect and scp by default. I dare you to name one.
suse, debian, ubuntu, fedora, centos all DEFAULT setting. Every unix system I've ever used or connected to in the past decade offers port redirect and file system access via ssh.
Yes, it presents hazards never even dreamed of by X or VNC.
X has always been a breathtaking hazard for reasons entirely the fault of X.
In one case I know of (no, I am bound to not name names here), RDP was a vector for a CryptoLocker attack. A reasonably secure operation (AV on email, IDS, strong user training, etc) granted an outside support person a
AV and IDS are worthless against targeted attacks.
temporary RDP connection to diagnose a problem. It seems the support person opened a bad email on his own machine while connected and CryptoLocker took advantage of the RDP forwarded file shares to encrypt the fileserver.
You can do the same with SSH.
Personally I'm looking forward to the shit storm of global, coordinated backlash against TPP when the politicians are done jerking off.
More importantly those VPN logs are subject to seizure by law enforcement with the appropriate warrant or other legal instrument deemed valid by the Government and the Courts of Law. Show me a VPN service provider that is not subject to lawful access by law enforcement.
I wish that were true. Given US government track record of obtaining everyone's call records without any legal showing the more likely scenario is warrantless seizure of "any tangible thing" justified by invoking 3rd party doctrine or batshit insane abuse of Article II.
... https everywhere, constant VPNs and full encryption for everything...
Trivially blocked by your service provider. This continuing single point of failure is the obstacle to overcome. Not much can be accomplished before then.
I invite them to try. Commercial companies which exist to make money can't just block something everyone uses and expect to remain a viable company with paying customers.
Everywhere I look people still blissfully using completely insecure authentication methods for VPN access effectively broadcasting plaintext passwords to anyone snooping the wire... but hey at least if someone tricks you into connecting to their evil network Microsoft has your back.
Would love an education how this bug is worthy of mention while other much more egregious issues such as true type vulnerabilities affecting anyone who browses to an attacker controlled website were also patched.
Hard to believe such a racist comment is posted from an account with positive karma, but even harder to believe this has been upvoted. WTF??
Hard to believe people still feed trolls.
Post is the only non-indempotent of the major http verbs. Its one of the core difference between Post and Put and why when you create a new resource without a natural id, you use post, not put...
What happens if you POST to a server and the response is lost? How does client know it was processed or not? The answer is you always need some kind of id/token/big word because non-idempotwhatever is not actually possible.
The only thing POST is... is worthless... defective by design without specific and unnecessary application logic to deal with consequences of HTTP's total lack of a commitment procedure.
The paradigm and semantic is perfectly clean/correct. The roundtrip is just an implementation detail.
Like the rest of HTTP it is perfectly useless. No coherency nor atomicity nor any way to implement verbs beyond trivial "CRUD".
The protocol could simply return the result of the post with a redirect, as well as the result of the get, in 1 response.
Why is returning a pointer to data allowed while returning actual data itself not? This just sounds like bullshit.
Then under the hood even though you do a GET, the get "chunk" of the post result would get rendered. No additional roundtrip.
Or you can just return data and stop being silly.
(yeah, I could request the image and then set the data to the img tag. This was just a roundabout example).
It always is... I'll leave failure to communicate a coherent use case to speak for itself.
That technique works today, and for some edge cases, it is actually being used in the real world. Making a post -> redirect -> Get without roundtrip wouldn't be very different from existing paradigms.
But what is the point?
Yep that sounds correct. That is the entire point of GET and POST being different.
GET retrieves data, never alters it. POST alters data, never retrieves it.
Both assertions are false.
This is kinda HTTP 101. You might disagree, but then you'd be doing it wrong.
LOL if you disagree with me your doing it wrong. No arguing that.
You are using a perfectly good axe as a door stop then whining that your teaspoon isn't cutting down trees properly.
HTTP is a dull rusty blade attached to a termite infested rotted, split, splintered handle yet it is the only axe left in the world and the only way to cut down trees.
It is unwise to attempt to use it properly as "intended" you will just break it and or injure yourself.
Instructions included with moldy packaging the axe originally came in is only a useful as a reminder of old times before our Alien overlords swooped down from the sky and stole all of the worlds axes except one their computer failed to recognize as an axe.
Erm, but in that instance POSTing then doing a GET makes sense.
The POST creates the new user.
The GET retrieves the information for user 3813812.
Too many people seem to think it's cool to add round trips for some incoherent appeal to logical consistency.
How are those two things the same? That is exactly how it is supposed to be done.
Who cares? HTTP verbs are insufficient to express jack or jill and HTTP completely lacks any useful transaction semantics. REST in the abstract is a great idea... only problem is HTTP is shit and when you don't treat shit like shit you end up with shit. HTTP is simply the wrong layer to be toying with any kind of abstraction if you care about useful results.
If your server can't handle that 'additonal' load very well, then I've got a 486 upgrade I'll donate for free.
The actual problem is users suffering through yet another round of unnecessary round trips cuz 'GET' *feels* cleaner.
Competent natural-language voice recognition is still too hard for a handheld or embedded device. So, these devices digitize your voice (OMG recording!), ship it off to a server farm for interpretation, and receive the results.
I think this is more or less bullshit given nobody is even trying and no market incentive exists to put any effort into a solution. Many of previous players in the space are simply gone or sold out years ago.
Today there is not one single usable offline voice recognition application available for Android at any cost. Recognizers embedded into devices a decade ago even into "dumb phones" which worked good enough for what they did simply does not exist as an option today.
Relatively easy to discriminate between a handful of commands to control device vs free form data entry (speech to text) which is a much bigger challenge.
Obvious to me reason it does not exist is simply there is no market for offline recognition. Not necessarily because vendors want to be peeping toms and overhear conversations... What they really want is an EXCUSE to obtain a record of everything you do with your device.
The initial panic I'm seeing around this looks ill-informed, but Samsung definitely has to get out in front of it. If they can't -- if they can't provide a simple, clear explanation of what they are and aren't doing -- it's going to cost them.
God I hope so the only way this will change is when vendors start seeing lost sales.
These kinds of attack numbers are routinely paraded around in hearings attended by lawmakers on security issues. From expressed concerns and lack of follow-up tactic seems to effective although I would imagine there must be a shelf-life.
Interesting remaining argument for why they deserve money from NSA rests on invocation of specific incidents involving identity theft and local incidents of crime having nothing to do with NSA activities.
If you don't allow updates, then a drive-by-wire car with a bunch of wireless systems (keyless entry, keyless starter, bluetooth, cellular, 802.11p (DSRC), ... ?) connected to its bus is a timebomb. If updates are allowed
This is the best reason I can think of to be against easy updates and unnecessary complexity. If a component needs to be constantly updated to not become a "timebomb" it has no business existing in the first place.
There needs to be a cost (e.g. recall) involved or people will feel no pressure to resist market pressure to enroll us all in their endless beta programs.
In any "terror" campaign media is literally the conduit through which successful propagation of terror occurs.
Likewise when a loony toon expects to become famous doing something heinous medias job is to deliver.
I believe primary reason media is reluctant to show this as their effective role as a tool would become so trivially apparent as to negatively affect viewership.
The media is good at keeping people afraid and or entertained as deliberate story selection, repetition, nonstop trolling and comical hyperbole delivered with stunning lack of domain knowledge attests to every day. The whole system is fucked up with such little information content being delivered thru TV talk about "Journalistic purposes" is rather pointless in my opinion.
How?
If you are talking about wireline broadband, the physical barriers are exactly the same as exists with other utilities: utility poles, underground conduits, and all the rights-of-way necessary to get your wire through.
What needs to and I believe inevitably will happen physical infrastructure needs to be effectively managed as a utility separate from the provision of services over that infrastructure where there can be local competition on FRAND basis to "light up" the last mile with services. In *some* ways similar to operation of CLECs or ISPs delivering DSL service thru Telco ATM cloud.
In summary decouple the physical last-mile infrastructure from service delivered over that infrastructure.
But perhaps you are considering wireless as being free from physical barriers to competition. Not so. Spectrum is a scarce resource; you have to buy, at auction to the highest bidder, the right to use it, which excludes anyone else from using it. And wireless is no replacement for wireline in performance or reliablility.
I currently agree wireless can't and probably will never be able to compete with wired service. I will just stipulate there is some crazy shit coming down the pipe lots of R&D in wireless space that will improve density without increasing spectrum.
So much for robust competition. I say again, competition is for small fry and suckers. Once a company has reached a critical mass (e.g., Comcast-size), it becomes more cost-effective to simply crush competition or buy them out. Why compete, risk revenue on innovation that might fail, when you don't have to?
Given Comcast's ever increasing rates providing reasonable barriers to entry for new ISPs good luck maintaining that strategy over the long haul.
Really? So you have a choice of 30 competing ISPs in your area then? No?
My point not evident in a single sentence quoted out of context is you *should* have a choice. It wasn't uncommon to see many local competing ISPs in the early dial-up days of the network where there existed effective decoupling of Internet from last mile. It can be done you just need to decouple the physical infrastructure from the service provider.
And reproducing without bounds isn't batshit crazy?
Oh noes problem is too many PPL reproducing like rabid rabbits. Fact many developed countries are seeing negative population growth. If not for immigration USA would be one of them.
http://esa.un.org/unpd/ppp/Fig...
Seems kind of foolish to cling to overpopulation when difference in resource consumption between poor vs rich societies easily exceeds an order of magnitude.
http://worldcentric.org/consci...
We are going to overrun this planets capacity to sustain us. What then?
This has been a recurring sentiment for hundreds of years. I would suggest introspection before committing same mistakes in reasoning as those before you.
Do you know what planets carrying capacity is or can be projected to be 40 years from now?
I personally have no idea. All I know for sure it is far from static and very much a function of need/innovation and how resources are managed.
For all anyone knows in 40 years the world will be completely powered by fusion reactors, all of our food generated by artificial means in factories rather than grown and only remaining reason to pull hydrocarbons out of the ground is production of goods or it could essentially be the same or worse than today. Predictions of the distant future have a habit of being worthless.
It doesn't track road miles (and people will claim they don't drive on roads, and demand exceptions!), or vehicle weight (see the ratio of road wear per vehicle weight and cringe).
Sorry, but the odometer won't be enough.
Hard to believe statistical models couldn't be employed to arrive at essentially the same figures detailed big-brother GPS tracks would provide.
It is unnecessary to be hyper fair in collection or distribution of tax revenues nor is it necessary to consider behavior of outliers.
It turns out Adam Smith invented this thing called a utility to solve the problem of monopoly pricing power when he invented capitalism. This is literally a common sense move by regulators. The only issues are whether loop holes get snuck in and whether it survives the flood of court challenges and lobbying to congress to kill it.
Major difference there are no practical physical barriers to competition in the ISP space as exists with other utilities. There is no practical technical reason there cannot exist a diverse and competitive ISP market and so it is invalid to use "utility" banner as an excuse for government to manage monopolies when robust competition always does a better job.
If anything what government needs to do is stop getting in the way of decoupling ISP from the last mile and provide framework for incentives / subsidies to make it happen. Breaking massive ISPs up along the way would be swell.
The role of government should be to accelerate restoration of ISP industry to a functioning competitive market rather than acting to police monopolies who will enviably capture the regulators.
The problem is lack of competition. Title II does nothing to address the underlying problem. It only mask symptoms making it more difficult to gain consensus necessary to correct problem of monopolization of the last mile.
What are the downsides? Should we now expect USF line items on our bills? Do mom-and-pop operations have to deal with new red tape disproportionately favoring larger organizations? Will it be leveraged to provide cover for "information sharing" regimes affording customers no legal recourse?
How will Title-II prevent underhanded techniques to maximize leverage such as Comcast intentionally keeping links saturated? There must be an endless stream of "creative" ways to circumvent intent of net neutrality under other plausibly legitimate banners.
Whenever I find myself rooting for government to step in and fix a problem it makes me nervous. For all I know it may end up being better for everyone but I sure as heck wouldn't bet on it either way.
Media whores with little to no domain knowledge paid to invoke hyperbole and spread FUD for ratings.
Science whores paid to generate gibberish about benefits of Smoking, Asbestos and Lead for citation by marketing and political whores (see below)
Marketing whores sticking every piece of crap on the wall allowable by law.
Political whores making policy based on what is best for industries who enrich them rather than people they represent.
Finally we have vast seas of individuals virally propagating assumptions and hearsay without ever checking or knowing the source.
Most everyone is responsible in one way or another by action or inaction.
This "cool brick" looks like a $5 humidifier pad with funky abstract patterns etched on the sides.
God, what a nightmare is to try to actually understand existing code from a different coder.
Where have I heard this? I'm sure someone uttered this phrase before I just can't place ... oh well I'm sure it will come to me.
Before you blame me for being my fault, trolling, etc...
"How come" every time "everybody" starts a paragraph with this phrase disaster is certain to follow?
How come I don't have any problem with any other language?
We all keep lists of languages YOU don't have a problem with.
How come everybody sane I know avoids it as well?
We also know everyone you know whom you deem to be sane.
NSA is actually a bunch of wannabee chumps next to your average Slashdotter with karma to burn.
Again we see the same with iOS and Android. If MS wants to take the phone market all it has to do is open Windows phone and remove all the restrictions, or at the least be less restrictive than Google. If MS would allow any app store it would take the lead. Or even less restrictive allow people to use and modify it as they see fit.
I remember when software was like hardware where at least some people were focused on delivering cool new shit people will want to spend money on.
Today everybody just wants to be an asshole and play marketing games to sell their bullshit. You can only install software we tell you to from our store. Use our "cloud" service because we won't even PERMIT you to maintain a local list of contacts on your own device... They are openly hostile to their customers in a bid to maximize dependency on their platforms.
The future isn't about progress it's about metering out as little value as possible for as much as possible.