I guess the tide serves a dual purpose, rising and falling tides will expose sea-dwelling life forms to the air, eventually a variant life form will evolve that can survive in both states, and that leads eventually to land dwelling organisms. On a world with no tide there'd be little opportunity for life forms to be stranded out of water in sufficient quantities for that mutation to take hold, or at least not in anywhere near the same timeframe.
It doesn't seem like much of an ifiltration if all it does (by the sound of it) is allow you to open your Firefox bookmarks, etc in the native iPhone browser and provide a search bar that does the same thing. Still nice to have the option to take your bookmarks across to the mobile device, though, and it might help win/retain a little FF mindshare but a far cry from the win that native FF on the iPhone would be.
The really crazy thing is that newspapers have been given away to customers for many years, the price you pay pretty much just covers the cost of printing, all of the profit comes from the advertisement and the difficulty is usually getting enough eyeballs on your content to make the advertising pay. So this industry is then gifted with almost zero distribution costs via the internet, and a major search portal directing users to your site, and they somehow can't make money from advertising any more? I don't buy it, this strikes me as just plain old greed, they worked out by having zero distribution costs they could make more from the cover price than the ads (although you can bet even the paying subscribers will still have to wade through ads). Let's hope this fails as dismally as we already suspect.
1-2% when the site has something of particular interest to you. When it's just regurgitating the same stale news as every other site, I can see this being even less. I certainly don't think they'll be able to use the quality of their journalism as a major selling point.
So it benefits established designers and incredibly talented emerging designers and everyone else has to either work damn hard to succeed or find a new career. I don't see a problem with that, nobody should expect to have IP in place to give them a free ride, if they're not prepared to work for success they probably don't deserve it.
You're underestimating the value of a designer original. The fact is copies these days often hit the market at the same time as, if not before, the originals, sometimes the copies are even of better quality, and yet people still buy the originals because there is some level of perceived value in that. If that weren't the case, top designers would be forced to compete on price or go out of business, I don't see much evidence of designer brands competing against copies on price...
Yes, JavaScript has always been able to do this, and while it might provide slightly better security to not allow a script in one window to alter another window, there are legitimate uses that would have to be worked around (and eventually you have an entirely secure system that nobody can use at all, the line has to be drawn somewhere).
Spot on, I've met lots of socially challenged but incredibly intelligent people working in development, and I've met lots of socially adept idiots in management/ownership positions - getting ahead in business is far often much more about how confident you are and how you sell yourself to others (and how good you are at making them feel important) than how brainy you are. Chances are if the average nerd comes up with a world shattering idea, he'll be lucky to get a pat on the back while his boss (or more likely his boss's boss) gets the new Ferrarri - not advocating that nerds turn to crime, but I've seen this pattern far too often for it to be a mere coincidence.
Indeed, when I'm researching something I'll often pull up ten or so sites from the first page of my search results and read Slashdot while they're loading in the background. These are sites I likely haven't visited before so they won't be whitelisted, yet often they'll be AJAX heavy as they're usually web design/development oriented. It would be incredibly onerous if I had to individually open each site and wait for it to fully finish loading before opening the next. Not to mention you'd give rise to a whole slew of other issues. Opened a connection to a web service and then tabbed away before your AJAX request completes? Should the web service listen indefinitely until you decide to tab back and finish the request or should every AJAX script on the web that communicates with a web service be rewritten to allow this kind of stop-start approach without breaking/timeout issues?
The problem is, users don't understand what is happening, they just know that every single time they switch tabs they get this annoying prompt, for every single website they visit until they tick the "always allow" action - just think for a minute how annoying the entire internet experience would be if that was the situation. Even then, at the cost of spoiling the online experience, you've solved nothing when malicious users can still inject their attacks via adverts on otherwise trusted websites, as has happened recently.
I tend to have to switch between, on average, four or five projects per day. Of those projects, each one has a local development environment, a system test, sometimes pre-production and a live production environment. If I'm viewing the differences between a single page on just two of the three or four environments, I already have ten tabs open - then there's webmail, issue tracking, online analytics and time management apps open in other tabs (and there'll usually be three or four issue tracking tabs open because, as I mentioned, usually switching between projects). I'm already at 15 - 20 tabs on an average day where I'm working on small, isolated projects (if anything I'm changing on any of those five projects has a site-wide impact, I'll of course have a bunch of windows open for that project so I can visually check nothing's screwed up, and this scenario is more usual for me than the one where what I'm changing affects only one page) - add in forums and information sites if I'm reading about particular technologies or tracking down bugs etc and on any given day it's not unusual for me to have 30-40 tabs open, it's just not worth the overhead of having to shut down, re-open and reload all those URLs as and when I need them. I already have several hundred bookmarks, so I don't want to pollute that pool even more with sites I might only need to use for a week and then never visit again.
I bank with HSBC, which is by no means a little no-name bank, and they let me log in with just typed credentials (account details and three digits of a 6-9 digit pin). I wish they'd back this up with some kind of dongle authentication, like other banks, but their answer is to have me install some rubbish plugin if I want added security, which I can't always do if I'm using different machines, working off site, etc. so I have little choice (other than the hassle of changing banks) than to accept their requirements. I have taken to using the on-screen keyboard so that I can enter with mouseclicks rather than keypresses if I'm on an untrusted machine, but other than that I can't do much else.
It seems to me that online security is being loosened rather than tightened, in the name of providing more freedom to users (in other words just not making them jump through a couple more hoops to protect their life savings) - simple text entry, banking on mobile phones, isn't all this just asking for trouble? Ten years ago I could create one-time debit/credit card accounts with a fixed maximum or that expired after X payments or that could only be charged by client Y, etc and yet I have a hard time finding any of that from the major banks today.
Facebook is just a convenient example people have heard of. There are other sites where such an attack could do a lot more damage and which the user would expect to be periodically logged out of - banking for example, although if you leave a banking session open and logged in while you're working in other tabs you're probably asking for trouble anyway, but that doesn't mean it never happens.
Except your Facebook never times out unless you log into it on another computer or you don't tick the box to stay logged in.. which I suppose some people might if they don't know how to set up multiple accounts on their computer.
More likely users on public machines who might want to have a few windows open while they're working but don't want to have to remember to sign out if they get called away for a few hours and don't have a chance to return to their session.
To create a site that people will feel compelled to leave open while they go off and do something else.. that actually sounds incredibly easy - either a porn site or a "humourous" video amalgamation feed type thing which opens the links you click on in a new tab.
Not that easy, in fact, if you could come up with a way to create sites people never wanted to close (and to repeat the success at will, because as soon as your original phishing site got blacklisted you'd have to be able to create a bew one) then you could earn very good money legitimately without needing to phish.
As far as I can tell that's exactly what the author is getting at, it's just badly summed up by saying they leave the page. What it means is, you open Facebook or something in one tab, in another tab you go to a site which has an embedded attack that reloads the Facebook tab with a phishing site that looks the same but has some "timeout, please login again" message. To the user it doesn't appear that they left the FB site at all, and likely when they "log in" the phishing site will collect their details and redirect the tab to the original page so unless the user is paying particular attention to the URLs it's completely transparent. I don't know what the feasibility of the attack is, but if it's valid you certainly wouldn't have to be stupid to fall for it.
Oops, one of those common language misunderstandings, I think from reading the other comments below this that she worked for the police rather than in medicine? The comment still probably stands (given the police are largely not well predisposed to drug users).
Yes, they should. And a 21 year veteran should have more common sense than to joke about a subject which, working in the medical field, might be seen as poor judgement. I think there's blame on both sides here (definitely more blame for the massive overreaction, but certainly people in responsible positions such as this need to think about the image they're conveying to the public who rely on them in their most vulnerable moments).
Doubtless it was an overreaction to fire her, I'm sure there were many less severe methods to handle this, but who decides where the line is drawn? What if the joke was about stealing drugs from work, or smothering patients so she can go home on time? What if she'd took out an ad in the NYT telling people she took drugs as a "joke"? If you spread information that calls your own reputation (and by extention, the reputation of your employer) into disrepute, even as an attempt at humour, you can't be entirely surprised when it comes back to bite you. Maybe the average person won't take any notice, but what if a patient who didn't realise it was a joke refuses treatment on the basis of her comments and suffers injurious consequences? My other half is a nurse so I know first hand that they are subject to incredibly strict rules around their conduct in public, so why should posting to the internet be any different?
Re:too successful for their own good
on
Lost Ends
·
· Score: 1
The problem is they became a massive hit, got renewed for a few seasons, and then made up the rest as they went along.
That's only a "problem" where the people behind the show care more about the money than the story, surely? Six seasons ought to be plenty to tell this story, and many other fantastic shows ended on a high point after only two or three series, leaving the fans wanting more, certainly, but also being all the more tightly scripted and paced, and therefore better, for the shorter run.
I assume this is a reference to something in the show, otherwise it makes no sense. Isn't a hatch like a door? You wouldn't say living in a door, you'd say living behind a door maybe, therefore living behind a hatch would make sense but I suspect I'm missing something!
Re:Meandering story not going anywhere
on
Lost Ends
·
· Score: 2, Funny
I am about to give up on "flash forward" for the same reason.
You're not going to have a choice as the show was canceled last week.
How did they not see that one coming?</horrible-pun>
Somehow I doubt, after not being able to give people the answers they wanted after 6 years, that they'll manage it in 20 minutes. However, since the comments seem to have been largely negative (I never watched it, was kind of waiting for this point to see if it was worth starting based on whether the ending was awesome) I guess they need some way to sell more DVDs so hinting that the answers are actually on there is maybe a last ditch effort.
But there's a difference of scale. You probably don't care if some random guy walking down the street sees your traffic. You don't expect that same guy being there all day, every day, and record everything, now do you? There's a difference between looking out the window and seeing the neighbor naked, and pointing a camera at their house. While the obvious solution is to close the shades, there's still a fucking camera pointed at your house.
Guess what Google does.
The first one? It drives down the street and takes a snapshot of one point in time. Even if it does that a million times per day it's still only taking one snapshot of you, it's in no way equivalent to sticking a camera outside your house. Even with your MAC address it can't use that information (since it will be lost when your traffic is routed via your ISP). The only way their actions would be equivalent to them permanently looking at what you're doing is if Google were your ISP, since that way they could tie up your MAC address with your physical location and the sites you're browsing, but your current ISP can do all of that already without driving past your house, so I fail to see the issue.
Might be illegal. It seems to me this would hinge on the definition of identifiable information. There's nothing being broadcast that identifies you personally, even tying it down to a house would be difficult unless you live out in the middle of nowhere. Even if you have your address/name as the SSID, it's not necessarily identifiable, as it might actually be your neighbour using your name/address as his SSID, or you might have purchased the router used from ebay and have never met or spoken to the person who's name is being used. There's simply not enough useful information being broadcast here to in any way claim this infringed upon privacy, and weighed against the simplicity of people taking mitigating action and not broadcasting that information, I find it hard to see that Google would have a case to answer.
You're not thinking like a politician. Why fit WiFi to 1,000,000 lamp posts when you can initiate a "take back the night skies" policy, reduce the number of lamp posts tenfold and easily keep your WiFi promise into the bargain.
Slashdot Mirror
I guess the tide serves a dual purpose, rising and falling tides will expose sea-dwelling life forms to the air, eventually a variant life form will evolve that can survive in both states, and that leads eventually to land dwelling organisms. On a world with no tide there'd be little opportunity for life forms to be stranded out of water in sufficient quantities for that mutation to take hold, or at least not in anywhere near the same timeframe.
It doesn't seem like much of an ifiltration if all it does (by the sound of it) is allow you to open your Firefox bookmarks, etc in the native iPhone browser and provide a search bar that does the same thing. Still nice to have the option to take your bookmarks across to the mobile device, though, and it might help win/retain a little FF mindshare but a far cry from the win that native FF on the iPhone would be.
The really crazy thing is that newspapers have been given away to customers for many years, the price you pay pretty much just covers the cost of printing, all of the profit comes from the advertisement and the difficulty is usually getting enough eyeballs on your content to make the advertising pay. So this industry is then gifted with almost zero distribution costs via the internet, and a major search portal directing users to your site, and they somehow can't make money from advertising any more? I don't buy it, this strikes me as just plain old greed, they worked out by having zero distribution costs they could make more from the cover price than the ads (although you can bet even the paying subscribers will still have to wade through ads). Let's hope this fails as dismally as we already suspect.
1-2% when the site has something of particular interest to you. When it's just regurgitating the same stale news as every other site, I can see this being even less. I certainly don't think they'll be able to use the quality of their journalism as a major selling point.
So it benefits established designers and incredibly talented emerging designers and everyone else has to either work damn hard to succeed or find a new career. I don't see a problem with that, nobody should expect to have IP in place to give them a free ride, if they're not prepared to work for success they probably don't deserve it.
You're underestimating the value of a designer original. The fact is copies these days often hit the market at the same time as, if not before, the originals, sometimes the copies are even of better quality, and yet people still buy the originals because there is some level of perceived value in that. If that weren't the case, top designers would be forced to compete on price or go out of business, I don't see much evidence of designer brands competing against copies on price...
Yes, JavaScript has always been able to do this, and while it might provide slightly better security to not allow a script in one window to alter another window, there are legitimate uses that would have to be worked around (and eventually you have an entirely secure system that nobody can use at all, the line has to be drawn somewhere).
Spot on, I've met lots of socially challenged but incredibly intelligent people working in development, and I've met lots of socially adept idiots in management/ownership positions - getting ahead in business is far often much more about how confident you are and how you sell yourself to others (and how good you are at making them feel important) than how brainy you are. Chances are if the average nerd comes up with a world shattering idea, he'll be lucky to get a pat on the back while his boss (or more likely his boss's boss) gets the new Ferrarri - not advocating that nerds turn to crime, but I've seen this pattern far too often for it to be a mere coincidence.
Indeed, when I'm researching something I'll often pull up ten or so sites from the first page of my search results and read Slashdot while they're loading in the background. These are sites I likely haven't visited before so they won't be whitelisted, yet often they'll be AJAX heavy as they're usually web design/development oriented. It would be incredibly onerous if I had to individually open each site and wait for it to fully finish loading before opening the next. Not to mention you'd give rise to a whole slew of other issues. Opened a connection to a web service and then tabbed away before your AJAX request completes? Should the web service listen indefinitely until you decide to tab back and finish the request or should every AJAX script on the web that communicates with a web service be rewritten to allow this kind of stop-start approach without breaking/timeout issues?
The problem is, users don't understand what is happening, they just know that every single time they switch tabs they get this annoying prompt, for every single website they visit until they tick the "always allow" action - just think for a minute how annoying the entire internet experience would be if that was the situation. Even then, at the cost of spoiling the online experience, you've solved nothing when malicious users can still inject their attacks via adverts on otherwise trusted websites, as has happened recently.
I tend to have to switch between, on average, four or five projects per day. Of those projects, each one has a local development environment, a system test, sometimes pre-production and a live production environment. If I'm viewing the differences between a single page on just two of the three or four environments, I already have ten tabs open - then there's webmail, issue tracking, online analytics and time management apps open in other tabs (and there'll usually be three or four issue tracking tabs open because, as I mentioned, usually switching between projects). I'm already at 15 - 20 tabs on an average day where I'm working on small, isolated projects (if anything I'm changing on any of those five projects has a site-wide impact, I'll of course have a bunch of windows open for that project so I can visually check nothing's screwed up, and this scenario is more usual for me than the one where what I'm changing affects only one page) - add in forums and information sites if I'm reading about particular technologies or tracking down bugs etc and on any given day it's not unusual for me to have 30-40 tabs open, it's just not worth the overhead of having to shut down, re-open and reload all those URLs as and when I need them. I already have several hundred bookmarks, so I don't want to pollute that pool even more with sites I might only need to use for a week and then never visit again.
I bank with HSBC, which is by no means a little no-name bank, and they let me log in with just typed credentials (account details and three digits of a 6-9 digit pin). I wish they'd back this up with some kind of dongle authentication, like other banks, but their answer is to have me install some rubbish plugin if I want added security, which I can't always do if I'm using different machines, working off site, etc. so I have little choice (other than the hassle of changing banks) than to accept their requirements. I have taken to using the on-screen keyboard so that I can enter with mouseclicks rather than keypresses if I'm on an untrusted machine, but other than that I can't do much else.
It seems to me that online security is being loosened rather than tightened, in the name of providing more freedom to users (in other words just not making them jump through a couple more hoops to protect their life savings) - simple text entry, banking on mobile phones, isn't all this just asking for trouble? Ten years ago I could create one-time debit/credit card accounts with a fixed maximum or that expired after X payments or that could only be charged by client Y, etc and yet I have a hard time finding any of that from the major banks today.
Facebook is just a convenient example people have heard of. There are other sites where such an attack could do a lot more damage and which the user would expect to be periodically logged out of - banking for example, although if you leave a banking session open and logged in while you're working in other tabs you're probably asking for trouble anyway, but that doesn't mean it never happens.
Except your Facebook never times out unless you log into it on another computer or you don't tick the box to stay logged in.. which I suppose some people might if they don't know how to set up multiple accounts on their computer.
More likely users on public machines who might want to have a few windows open while they're working but don't want to have to remember to sign out if they get called away for a few hours and don't have a chance to return to their session.
To create a site that people will feel compelled to leave open while they go off and do something else.. that actually sounds incredibly easy - either a porn site or a "humourous" video amalgamation feed type thing which opens the links you click on in a new tab.
Not that easy, in fact, if you could come up with a way to create sites people never wanted to close (and to repeat the success at will, because as soon as your original phishing site got blacklisted you'd have to be able to create a bew one) then you could earn very good money legitimately without needing to phish.
As far as I can tell that's exactly what the author is getting at, it's just badly summed up by saying they leave the page. What it means is, you open Facebook or something in one tab, in another tab you go to a site which has an embedded attack that reloads the Facebook tab with a phishing site that looks the same but has some "timeout, please login again" message. To the user it doesn't appear that they left the FB site at all, and likely when they "log in" the phishing site will collect their details and redirect the tab to the original page so unless the user is paying particular attention to the URLs it's completely transparent. I don't know what the feasibility of the attack is, but if it's valid you certainly wouldn't have to be stupid to fall for it.
Oops, one of those common language misunderstandings, I think from reading the other comments below this that she worked for the police rather than in medicine? The comment still probably stands (given the police are largely not well predisposed to drug users).
Yes, they should. And a 21 year veteran should have more common sense than to joke about a subject which, working in the medical field, might be seen as poor judgement. I think there's blame on both sides here (definitely more blame for the massive overreaction, but certainly people in responsible positions such as this need to think about the image they're conveying to the public who rely on them in their most vulnerable moments).
Doubtless it was an overreaction to fire her, I'm sure there were many less severe methods to handle this, but who decides where the line is drawn? What if the joke was about stealing drugs from work, or smothering patients so she can go home on time? What if she'd took out an ad in the NYT telling people she took drugs as a "joke"? If you spread information that calls your own reputation (and by extention, the reputation of your employer) into disrepute, even as an attempt at humour, you can't be entirely surprised when it comes back to bite you. Maybe the average person won't take any notice, but what if a patient who didn't realise it was a joke refuses treatment on the basis of her comments and suffers injurious consequences? My other half is a nurse so I know first hand that they are subject to incredibly strict rules around their conduct in public, so why should posting to the internet be any different?
The problem is they became a massive hit, got renewed for a few seasons, and then made up the rest as they went along.
That's only a "problem" where the people behind the show care more about the money than the story, surely? Six seasons ought to be plenty to tell this story, and many other fantastic shows ended on a high point after only two or three series, leaving the fans wanting more, certainly, but also being all the more tightly scripted and paced, and therefore better, for the shorter run.
I assume this is a reference to something in the show, otherwise it makes no sense. Isn't a hatch like a door? You wouldn't say living in a door, you'd say living behind a door maybe, therefore living behind a hatch would make sense but I suspect I'm missing something!
I am about to give up on "flash forward" for the same reason.
You're not going to have a choice as the show was canceled last week.
How did they not see that one coming?</horrible-pun>
Somehow I doubt, after not being able to give people the answers they wanted after 6 years, that they'll manage it in 20 minutes. However, since the comments seem to have been largely negative (I never watched it, was kind of waiting for this point to see if it was worth starting based on whether the ending was awesome) I guess they need some way to sell more DVDs so hinting that the answers are actually on there is maybe a last ditch effort.
But there's a difference of scale. You probably don't care if some random guy walking down the street sees your traffic. You don't expect that same guy being there all day, every day, and record everything, now do you? There's a difference between looking out the window and seeing the neighbor naked, and pointing a camera at their house. While the obvious solution is to close the shades, there's still a fucking camera pointed at your house.
Guess what Google does.
The first one? It drives down the street and takes a snapshot of one point in time. Even if it does that a million times per day it's still only taking one snapshot of you, it's in no way equivalent to sticking a camera outside your house. Even with your MAC address it can't use that information (since it will be lost when your traffic is routed via your ISP). The only way their actions would be equivalent to them permanently looking at what you're doing is if Google were your ISP, since that way they could tie up your MAC address with your physical location and the sites you're browsing, but your current ISP can do all of that already without driving past your house, so I fail to see the issue.
Might be illegal. It seems to me this would hinge on the definition of identifiable information. There's nothing being broadcast that identifies you personally, even tying it down to a house would be difficult unless you live out in the middle of nowhere. Even if you have your address/name as the SSID, it's not necessarily identifiable, as it might actually be your neighbour using your name/address as his SSID, or you might have purchased the router used from ebay and have never met or spoken to the person who's name is being used. There's simply not enough useful information being broadcast here to in any way claim this infringed upon privacy, and weighed against the simplicity of people taking mitigating action and not broadcasting that information, I find it hard to see that Google would have a case to answer.
You're not thinking like a politician. Why fit WiFi to 1,000,000 lamp posts when you can initiate a "take back the night skies" policy, reduce the number of lamp posts tenfold and easily keep your WiFi promise into the bargain.