re: I think music studios can get royalties from legit. videos on every play
For a given miniscule value of "royalties".....
Posts by sabroni
4138 publicly visible posts • joined 11 May 2007
Page:
RIAA DMCAs GitHub into nuking popular YouTube video download tool, says it's used to slurp music
OnePlus 8T: Solid performance and a great screen make this 5G sub-flagship a delight
JavaScript-based address bar spoofing vulns patched in Safari, Yandex, Opera
Ubuntu 20.10 goes full Raspberry Pi, from desktop to micro clouds: Full fat desktop on a Pi is usable
Run Windows on a Chromebook: All the details. Not so fast, home user...
Love Minecraft: Java? You'll have to learn to love your Microsoft account as well – it will be required next year
Iran sent threatening pro-Trump emails to American Democrats, Russia close behind, says US intelligence
Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patch them ASAP, says NSA
What does everyone make of today's Google antitrust action? Only the stock market is happy with the status quo
When you tell Chrome to wipe private data about you, it spares two websites from the purge: Google.com, YouTube
Tuesday 20th October 2020 08:13 GMT 
Re: What's "site data"?
A cookie belongs to a domain and is always sent when a browser sends a request to that domain.
localStorage belongs to a domain but isn't sent when the browser sends a request. It is available to code served from the domain so gives a site a way of accumulating state without bulking up the http requests.
Linux 5.10 to make Year 2038 problem the Year 2486 problem
When you gaze long enough into the bork, the bork will gaze back into you
It's that time of the year when Apple convinces you last year's iPhones weren't quite magical enough, so buy this new 5G iPhone 12 instead
Morgan Stanley hit with $60m penalty for failing to properly decommission old kit hosting 'wealth management' data
Mark Zuckerberg, 36, decides that having people on his website deny the deaths of six million Jews is a bad thing
AWS cooks up Extensions API for Lambda serverless platform: Useful for monitoring, alerting
Tuesday 13th October 2020 07:22 GMT
Re: that in a few years cloud services could be using about 6% of global electricity production
You're comparing oranges with nothing.
If computing uses 10% of global electricity resources when everyone has their own racks and 6% when we all share cloud resources then cloud is more efficient. Without that comparison your point is pointless.
The seven deadly sins letting hackers hijack America's govt networks: These unpatched bugs leave systems open
Google contractor HCL America accused of retaliating against unionized techies by shifting US jobs to Poland
EFF off: Privacy Badger disables by default anti-tracking safeguard that can be abused to track you online
Friday 9th October 2020 13:18 GMT
Re: NoScript stops trackers dead.
Not really. It stops them running code in your browser to track you but it doesn't block all http requests so tracking is still a distinct possibility. Browser sniffing and other fingerprinting techniques allow servers to single out user agents without running scripts.
NoScript is awesome but I suggest adding UBlock origin or something similar to stop your browser connecting to those endpoints in the first place.
Git your ass to the cloud! Gitpod hooks up with GitLab to take on GitHub Codespaces
Teracube whips out cheap, fixable phone with removable battery and four-year warranty
GitLab scans its customers' source code, finds it's as fragile as you'd expect
Wednesday 7th October 2020 11:13 GMT 
But still not as bad as the way most websites run
I can put together a node app using npm and I have to depend on other people's code. Like I do when I work in any language. I have a tool that pulls the dependencies in and reports known vulnerabilites to me. It's my problem, I control the payload that's delivered to the customer and can audit as I see fit.
When I visit theregister.com, for example, it tries to pull in scripts from theregister.com, doublick.net, google-analytics.com and jwplayer.com. (I have a sneaky suspicion that if I allowed those I'd get some more domains listed but the site works fine without them so they don't get run on my machine.)
How does a site developer take responsibility for the scripts delivered by other domains? I can audit the code I pulled from npm but I have no control over what a third party domain serves. How could I?
So the much more fundamental issue with modern JS development isn't that we build using code from lots of people we can't trust, it's that we build services that pull code from domains we don't control. In that situation we can never audit the code and be confident it is secure.
Microsoft: After we said we'll try to promote more Black people, the US govt accused us of discrimination
TalkTalk marches OneTel users into a brave new email world
If the Samsung Galaxy S20 Fan Edition doesn't make you a fan, we don't know what will
Microsoft says bug, sorry, 'a latent defect' in Safe Deployment Process system downed Azure Active Directory
Ring glitch results in global ding dong ditch: Doorbell bling flings out random pings but they're not the real thing
The perils of building a career on YouTube: Guitar teacher's channel nearly deleted after music publisher complains
Not Particularly Mortifying: IEEE eggheads probe npm registry, say JavaScript libs not as insecure as feared
Monday 28th September 2020 07:34 GMT
Re: So how exactly does one check?
npm automatically checks dependent libraries for known vulnerabilities when it's installing. If it finds vulnerable packages it prompts you to examine them (with "npm audit") and suggests you try fixing them (with "npm audit fix").
The problem isn't that it's difficult to check for vulnerabilities, it's that it's easier not to.
Microsoft's OS joins macOS and Linux at the Flutter party, but guess which one performs best? Hint: It's not Windows
Microservices guru says think serverless, not Kubernetes: You don't want to manage 'a towering edifice of stuff'
We're not getting back with Galileo, UK govt tells The Reg, as question marks sprout above its BS*
Another reminder that bias, testing, diversity is needed in machine learning: Twitter's image-crop AI may favor white men, women's chests
Das Keyboard 4C TKL: Plucky mechanical contender strikes happy medium between typing feel and clackety-clack joy
Tuesday 22nd September 2020 08:32 GMT
Re: Witchcraft, if you ask me.
There's two little ridges on the f and j keys, if you put your first finger of your left hand on f and the first finger of your right hand on j then you can reach all the keys without moving your hands. It's called touch typing. It's easy to get a computer to teach you, that's how I learnt (though I learnt on a dedicated word processor with an A4 sized green screen!)
Imagine working for GitHub and writing a command-line interface for the platform, then GitHub makes an 'official' one
Tuesday 22nd September 2020 08:23 GMT
Re: but I really wish it was developed by an actual C or C++ developer.
The people responsible for ALL the buffer overflow vulnerabilites in the past decade? Oh, yes please!
None of you fuckers can do a good enough job. At least the Go programmers realise there's a problem that needs addressing.
Tuesday 22nd September 2020 08:15 GMT
Re: Microsoft GitHub
Now is the time to look around and see who is naive enough to fall for the "Microsoft are still the problem" nonsense again.
And then you know exactly who's opinion to completely disregard in future.
See? There is a good side to all this. It is an entry level "stuck in the past test".
Tuesday 22nd September 2020 08:13 GMT
Re: once you start replacing cli tools with proprietary ones
But they haven't, the old hub client is carrying on so it's behaviour doesn't change. The new one is gitHub specific so if you use github features you can interact with them from the command line.
The alternative was to change an existing, generic client into one that specifically worked with github.
But it really doesn't matter what they do, does it? You can't let it go, even while FaceBook, Twitter and Google are destroying functioning democracies around the world you have to keep carping on about MS.
Biting the hand that feeds IT
