2538 posts • joined 19 Dec 2010
Too much trust being put into certificates?
Why can't we treat HTTPS for what it is: an encrypted connection between the browser and the website, and nothing more. The audience is constantly meant to believe that HTTPS = more secure and although there is some truth in that I also think it becomes overrated when certificates are being used as some form of proof of identity.
GPG works because it gives us users the freedom to determine our own web of trust. If I have your key it's up to me to decide if I trust you enough to validate other people's keys. Effectively resulting in your signature giving only as much value as I put trust in it.
But X509 certs? Not so much. Basically we have to trust a bunch of CA's "because" (usually because they paid for the privilege) and that trust is more or less absolute. While we do have control over who we trust (though I doubt many people would rummuge around their cert storage) it's either "yes" or "no", there are no partials and you also can't demand that a key is signed by multiple CA's.
I think it's strange (but also not that strange) that this has never been changed, maybe even trying to apply GPG's web of trust design into the X509 hierarchy. Of course it's not that strange because many bigger companies earn quite a bit of money with selling certificates so obviously they want to protect their revenue. There's a higher preference for adding even more "authentication" stuff based on closed standards within the x509 hierarchy than making things more accessible.
But making things more accessible - generally speaking - also tends to increase overall security. I believe the open PGP standard is a good example of that.
Why not simply use X509 for what it is: an encrypted connection which prevents 3rd party snooping as best as possible. But it doesn't mean squat about the legitimacy of liability of a website.
Very selective actions...
Oh dear, hate speech. That's obviously an outrage so we're going to target the platform which posts them, while obviously ignoring the original source because... $effort, and who cares about those anyway? After all: Facebook is rich and you can probably squeeze 'm out a little, nice for your personal wallet. Those sources are obviously (warning: stereotyping!) unemployed and uneducated people so even if you do take the effort of finding them you won't be able to fine them.
Poor politicians, I can almost hear them thinking: "Who ever came up with that bizarre idea of free speech? It's so annoying!".
No: I do not condone hate speech and I fully agree that death wishes and all that garbage has no place on the Internet. But there's also something as: Don't shoot the messenger. This symptom fighting will only help the EU with handing out fines and generating some extra income (which is another issue of mine: what good does it do to hand out fines? who, other than the finee(?) benefits from that?).
If someone is misbehaving and breaking the law whilst doing so then hold them accountable. Yes, that won't be easy, but at least you'll actually change something (somewhat) when you do. This accounts for nothing, and only financially benefits the EU.
Let's just hope that...
The real social justice, the kind I actually respect, will run its course here. As in: people massively unsubscribing which will hopefully move this channel into the obscure regions of the Youtube community. Will probably be hard if he had to get a real job again.
Something doesn't add up for me...
"However, the report said that the main problem facing the science and technology sector is access to funds after Brexit. The UK is a major recipient of EU funding, either in grants for individual researchers or as part of larger, international groups."
But in other countries we're told that the UK leaving is bad news because the costs for those other countries will significantly rise because the UK no longer contributes to the EU anymore.
So what is it, you can't have it both ways.
"is this guy Bin Laden's brother or WHAT?!!"
No, but it's the easiest money those police officers will ever make.
More interesting, and what I'm missing from the El Reg article, is why this issue is suddenly taking place and becoming a thing.
According to another news agency Assange has been engaged in a massive discussion / dispute on Twitter with the Ecudorian president out of all people over the issue in Spain with Catelonia. Apparently Assange is heavily in favor of them becoming independent and Ecuador is against the idea. Leading up to Assange calling out the Ecudorian president on Twitter over this.
Note: I can't verify this for myself because I don't have a Twitter account nor do I want one. But I do consider my source to be reliable (for whatever that's worth).
How stupid and/or arrogant do you have to be to pull that off? I mean... He has Ecuador to thank for his limited freedom. And then he goes on to verbally attack them? I seriously fail to understand that part.
I know that sometimes you uphold ideals and/or morales, and sometimes you stick behind them no matter what. But openly and verbally attacking the main person who is gracious (and gutsy!) enough to help you by granting you asylum and letting you stay on their ground even at the risk of a diplomatic hiatus? And that's how you thank them?
Sorry... I still think that Wikileaks is/was just the thing we need(ed) (everyone hear of "Don't shoot the messenger?") and it also upsets me that a lot of people are more angry at Assange for exposing all the mishaps instead of getting angry over the idiots who performed all those mishaps in the first place.
But having said that: I expected better than this.
Innovation is what's needed...
"Old school model, pay $50 and that's it."
Which is also how it should be. I'm pretty much of an audio freak and have purchased several professional DAW's and same thing: you pay a lot of money (around E 700,- or such for Ableton Live Suite edition) but that's it. The version gets supported for many years until a new version comes out, then I can upgrade (but with a huge discount because I'm already a customer) or chose not to. When the version after that comes out: same deal. I can upgrade, with a discount.
The problem though is that software vendors should be more innovative. There comes a time when you don't have much extra to sell your audience, after which some customers can become stingy if you try to sell them stuff which - to them - isn't worth the upgrade costs.
There are some software vendors who I really admire, and who I've stuck with over the years. Especially: Ableton, Propellerhead, Visual Paradigm, Daz Studio and Cycling '74 (now part of Ableton). Oh, and AOMEI tech: their partitioning software is brilliant in my opinion. Even the free version does good stuff, but it's well worth buying into as well.
So what would be the main thing which "ties" all these companies together? Their "old school" and honest sales model: you pay for an item, you download the item and it's yours to work with. No subscription nonsense, no "new version = new full payment" nonsense (they actually value their customers!) and most of all: I seriously enjoy working with the software.
Microsoft? I actually paid for Windows 7 (bought the Professional version) and what did I get? They tried to force me into Windows 10. Not even the pro version! So much for reliability. I'm staying on 7 for as long as it's supported and after that we'll see what's next. I wouldn't even be surprised if I'd move onto FreeBSD (with a Win7 VM for my regular work) or maybe even make a switch to Apple. I don't particularly like Apple (in some cases I think it's overpriced) but to my knowledge they don't try to force you into stuff you don't want. And all my professional software runs on both platforms, so....
I had a My Book (500Gb) for quite a long time and later on bought myself a My WorldBook (1Tb). It was fun while it lasted: after a while the MyBook didn't work for some reason; even copying a 1Mb file would take minutes (just for context: my computer and the MyBook were hooked up onto the same switch, and other network related functions worked without any issues).
Eventually I opened it up, took out the HD, learned about the Linux OS and ext2 (or ext3, don't remember) filesystems and then copied all my data from it. Right now this same HD sits inside my FreeBSD server, now UFS formatted, and it works just fine. So much for reliability.
I still have the WorldBook but I don't dare to copy any data onto it because I fear for the worst. So it's read-only for now. I'll probably end up opening it up and taking out the HD as well, that will be the end of my My Book endeavors.
So a far more important issue...
What is the current snack policy? We bring our own beer or... ? ;)
Well said, but you forgot one (sort off, because mine is from the employee's pov):
"If you feel to get underpaid then don't agree with the job offering in the first place".
They make it sound as if salary differences are all based on gender, but in most companies a difference in salary even occurs amongst men as well as amongst women. That's the part which is carefully left out of the equation here.
But does it need to break to create a risk?
"the risk posed was far less alarming than both the union and the Department for Transport had claimed. Instead of penetrating cockpit windows, rigorous tests of drones launched against"
I'm not so sure I'd support that theory. Because even if the windows only get cracked instead of broken there's still plenty of damage being done. Not necessarily physical damage (as demonstrated in the study) but the pilot(s) are still at risk for getting exposed to some severe distraction.
Sure, that doesn't have to immediately result in a major crash, but it's still a risk factor which I think should not be taken too casually, as seems to be done here.
Of course I still think a general drone registration seems a bit off and only diverts the attention away from the real problem. I mean... Do you really think that a regular drone used somewhere in-land (say 100km away from the nearest airfield) could pose a risk for any airplanes? I somewhat doubt that.
Instead of requiring people to register, why don't they uphold better security measures around airfields and actually enforce those? So: if you spot someone operating a drone near an airfield then you fine him for endangering air safety. Surely it should be doable with todays technical standards to pick up any signals which are used to operate a drone and then take according action?
"You may think because it’s a free world, open source, and not Microsoft that LibreOffice is the perfect digital independence option, but it is just as constrained as every other offering."
Except of course that it's not.
First off LibreOffice fully supports the MS Office file format thanks to the power of open standards (see this link. So there's no limitation there, you could even use both products side by side if you wanted to.
Another issue is that you can continue to use a supported version of LibreOffice no matter what, no extra costs involved. With Microsoft this means that you'll have to pay a considerable amount of money on an annual basis. I say considerable because you're basically buying into the product over and over again where a lot of other software vendors opt into other methods... Either you buy the software and then get free updates until the next version, which you can buy at a discount. Or you buy the software and then are entitled to an x amount of support, and after that period you'll have to renew your support period. However, also at a fraction of the costs of the original product. It's Microsoft which wants to have it all.
It's not Libre but MS which is constraining here.
"I mean ... jeeez ... couldn't get *email* to work? On Linux? Did they even try?"
Rumor has it that if you don't appease the systemd gods then "bad things" will happen. Can't we just blame this whole thing on systemd and start a riot to get it removed?
"for the police to investigate when terrorists get dobbed in by the neighbours"
Bad idea. I mean: why are we paying taxes for? Isn't that exactly to get jobs like this done from the government in the first place?
Also... remember the last suicide bomber in London? No? Good, because that's the best way to punish them: forgetting about the people who did it and only remember the incident itself.
But anyway: several people from his surroundings, including people from the mosque he visited, had warned the authorities several times. And the police did little more than putting the person on a list.
If that's how our government responds to reported terrorist threats, then I think that money is the least of their issues.
Quotes from the movie?
I can think of one now when you're shopping with your kids (who want Star Wars toys): "Come on kids, those aren't the toys we're looking for!".
It's one thing to make a law...
But enforcing it is a whole different ballgame.
For a moment I thought that it can't get any worse, are our politicians this stupid? Then today I learned that the modern generation of todays time, at least in Holland, can hardly write. And no: with writing I don't mean jamming on a keyboard, I mean with pen and paper: actually write. You know: the thing you can do even when the power runs out? Not being dependent on...
So then I read this article again and suddenly it made more sense: as time passes by people tend to get more stupid every cycle.
So what did the police say?
I see a lot of talk about what the woman thought and such, but I'm missing out on the results of her report to the police. Did the police do anything? Was a rapekit used? Did they find proof of sexual intercourse? If the police didn't do anything then I don't see what Microsoft could have done here. After all: in the end this all resulted in a "she said, he said" kind of scenario, and in our democracy you're innocent until proven guilty. Also noteworthy is that the whole thing didn't happened on the Microsoft workfloor but at her (shared) home.
Even the article says that she was asleep and "thinks to have remembered that she was being raped". Is that enough to ruin someones career? "I think he did it, but I'm not sure"? And once again: I'm seriously missing out on what the police investigation (if any) resulted in.
This isn't about a sexual assault on the workfloor, but instead about sexual related issues at home where both involved individuals also happened to be working for the same company. So unless the police actually got involved then I don't think there's much the company could do here.
People need to go, yet the flawed system remains...
You see this happening so many times and the reason for it can easily be traced back to the hierarchy of power which many involved secretly lung for, even if they don't admit to that or appear to be really in for fair play and democratic behavior.
See: the problem I often have with stories such as these is that every single time when you read about someone abusing their power or their position within a hierarchy then this news is often leaked. 9 out of 10 times people surrounding the culprit leak information hoping that the press catches on and that the wheels of justice (?) start spinning.
When there's enough foul play going then people get relieved from their positions or also not uncommon: they get transferred to another position and/or job so that they can basically continue doing what they do best but at a position where this is less taxing. Everyone happy, all is well again right?
Well, no. Because has it never occurred to anyone that no one ever seems to bother about the system, the very hierarchy, which led to this abuse of power in the first place? Sometimes it's not just the people which need to go, but the very system itself which allowed for the power abuse to occur in the first place also needs to be addressed and improved. Yet that's something you hardly see happening.
Which makes it really hard for me to take any of this too seriously. For me it's all the same: a pissing contest, with the major difference that we all get to suffer from this because obviously all of this is paid for from the taxpayers money.
I'll even go one step further: at least the African dictators don't make a secret about it where their main priorities lie: themselves. In Europe dozens of people within the political hierarchy easily claim to serve the democratic process but reality shows something quite different. And there's nothing you or I can do because failsaves are something most politicians never heard off.
And even if they did it would be something which is usually undesirable. After all: some day it might be you who gets into that position of power, and you certainly don't want to take actions which could "negatively" affects that, do you?
Meh, time for the beer icon :P
The means have become the goal
I'm a pretty big advocate for modeling languages and certain software development / project management methodologies and/or frameworks. Agile can be a part of that, but the emphasis for me lies on UML / SysML and BPMN.
If there's one thing I've learned over the years its that the means to reach a certain goal have become the main goal in itself for some people and companies and that's also exactly where your problem lies I think: people who fail to grasp the basic concept of the whole methodology. Which is that the process (modeling, project management, etc.) should help you make things easier on you. As soon as it interferes with that then you're doing something horribly wrong.
And that interference can manifest itself in multiple ways. From smaller issues (like a data analyst being more worried about having applied the correct standards than the validity of his research material) to bigger issues (managing a team with Agile and ending up with most of your team members who would prefer to see the whole thing get canned so that they can get back to work).
Or to make this easier to understand: it shouldn't be about "doing something Agile", it should be about "doing something efficiently". If Agile can help with that, awesome! But that doesn't mean you'd have to follow the process to the letter to make that work.
I can understand people watching "lets plays"
To me someone watching a "lets play" video on Youtube (= someone playing a video game) isn't that much different from someone watching sports on TV.
Because in the end you're more or less watching the same thing: someone competing in order to try and gain a result. Either competing against others or competing against the system (the game). It's that competitive element which attracts and entertains certain people. Really nothing special there.
"A shame really, I'd have liked to have seen what happens when the viewcount goes over 2,147,483,647 views on a 32bit counting system."
Simple: when properly programmed: absolutely nothing. You can easily try this for yourself by firing up Excel 2010 (32bit), entering this number and then adding =A1+1 into B1, and the result shown will be 2147483648. On a 32bit environment, how amazing (not) :P
Send them the bill
I think that's the best way to get the message across that stunts like these are not appreciated. Send them a bill to roughly cover for time and effort wasted over something they clearly brought upon themselves. Maybe that way they'll actually stop to think a moment before trying out the next "cool idea" which pops up.
"Say anything negative about Tesla (even with justification) on a related forum and watch the hate come out."
That I can definitely agree with. However, that's something you'll see happening everywhere. In a way you could even argue that on behalf of Tesla ;)
But I do agree on some points that there's a lot of hype surrounding some of the things with Musk does. Up to such height that no one bothers about details anymore, even if they are pretty important.
Take the Hyperloop. Has no one spotted the massive amounts of rust which you can see forming on the inside of the currently build test track? Every time a reporter films and gives you a shot of the inside then you can see it for yourself. That's not an example of good engineering and it can cause many problems in the future, but it seems no one cares. Each to their own but if you know what rust actually is, what it does and what effect it can have then yeah...
Things like that often surprise me.
But.. one way to find out.
Well, at least they're honest :)
.. about some things.
Wait... darn, I suppose beer doesn't cut it. Vodka is probably much more appropriate here. Could we get a vodka icon to please Mother Russia? :) Darn, now I need to use the joke icon too. Could we get the option to use 2 icons to please us drunk writers? :P
ok, I'll stop now ;)
Can't blame 'm for trying but...
I would seriously wonder about anyone who would let their kids go to school there willingly. Of course.. If you live in the area and this school is closest by and the most convenient then sure, I can understand why. But otherwise...
"Sorry Jimmy, but you got a D on your homework assignment. While using PostgreSQL as a backend database server isn't wrong, the correct answer to the question was MySQL".
"What question? all you told us was to make an interactive website using PHP...".
"For a Tarantino movie to work, it would have to have Jackson in it (and perhaps an infestation of some kind of poisonous space snake)."
Don't forget the non-linear timeframes. It needs to jump back and forth so many times that eventually you'll stop paying attention to the movie and more so to figuring out when the stuff you're watching happened.
I first saw this in Kill Bill and I thought it was different. Then I saw Sin City and well, it got boring ;)
One small concern
"No more scanning bar codes and typing in codes, or connecting your phone to its WiFi signal, typing in your WiFi password and then returning back to it via an app. Just wave the parts close together and you're done.
People will appreciate that until the moment the system gets compromised by 3rd parties. And considering the lack of required human interaction I can't help question the security aspects of this thing, especially considering all the comments in the article about "buggy software".
I'll bet they had nothing to hide...
I'm starting to sound like a broken record because I've posted something like this quite a few times now but yah, they keep providing us with good examples.
See title: I'm pretty sure their customers had nothing to hide, but as always that's not the primary concern when it comes to privacy and such. The real concern is how the other party is going to (ab)use all the collected data.
And here we are, once again an excellent example. Let the identity theft games begin!
Ironic isn't it: if you want to store information related to credit cards you'll have to go through a ton of hoops (PCI compliancy for example) before they'll let you off the hook. And the credit card companies themselves? Well, they seem to have no problems with just dumping all their data onto a public storage facility.
If an individual does this there'd be massive fines to pay, but I'm sure that's all "different" for these guys.
My gf told me...
"Modern feminism is the root of all evil". And I believe her.
Who would want a Tesla anyway?
There are some youtubers who are actually enjoying their Tesla's and sharing their experiences, but if you see what they have to endure then I sincerely wonder who in their right mind would buy this crap. Someone mentioned that his front window has been replaced 3 times because the window for some reason heavily changed the focus within random sections of the window. One moment you see it clear, the next moment you see things distorted. The heck?
Then he shows us the side. There's a plastic strip going from front to back, but as soon as you reach the backseat doors the strip suddenly shifts by a few centimeters.
You can easily find this on youtube yourself. The worst part: the guy actually likes the car and he's not even negative about Tesla (I would be!) but right now hopes that his problems will get fixed.
I've had a few cars myself, but I have never had my frontview window replaced 3 times in a row.
Do you really get what you pay for?
Expanding single point of failure much?
Now, the idea by itself isn't too bad. Having several programs being able to interact with each other has existed for a long time already, tools like OLE (Object Linking & Embedding) for example. In Microsoft Office they even took this one step further by providing us with VBA (Visual Basic for Applications) which in its turn has access to an API which provides access to all Office components and a whole lot more.
I know not everyone enjoys VBA but I personally quite like it and believe it still has huge potential.
The problems though start when one program begins to negatively affect the other. If that happens then you don't want to be fully dependent on a shared link between those but you'll want to be able and work with them individually. This is also why Windows eventually adapted a model in which programs were treated more individually, because in the beginning one malfunctioning program could easily take down the whole system (mostly talking about Windows 3.11 / 95 here).
And that brings me to my concern: although the idea to have all your work grouped together in one 'Set' might sound like a good one, I can't help wonder what's going to happen if - for whatever reason - your Set suddenly crashes and stops working. And don't tell me that won't happen: every Windows user has experienced a crash and loss of work at some point in time.
If you have one program which crashes then the risk of data loss is somewhat reduced. But now if all the stuff you're working on crashes at the same time then I think you might be in for some pretty unpleasant moments.
Go Microsoft! :P
And this is why I use Opera
Opera is a browser build upon the Chromium engine and has a lot of its own specific features and quirks. I tried it and immediately took a liking to it. You can clearly notice all the things it provides because of the Chromium engine but even though it may share some resemblances it's definitely not Chrome, and hat shows.
A lot of things are done in much different ways, and some features (like a build-in VPN) are simply Opera-only features.
So maybe now could be a good time to look around for "Chromium based browsers" as an alternative for Chrome itself.
Have to disagree with you on that one.
Although you're absolutely right that Chrome can easily take the blame for something it didn't initiate itself, it was still Chrome's API model which allowed for it to happen. Surely it should be doable to set up an API which can ensure that if a plugin goes bonkers then it won't take down the rest of the system with it?
I can't help wonder if this is simply caused by not adding a good API structure and now paying the price for it. And instead of fixing things they'd rather take the easy way out by removing the thing alltogether.
"I love how they make it seem like the company really really wants to pay them more, but golly gee, that darn contract is getting in the way."
You raise a valid concern but sometimes this can actually be true, depending on the kind of government and the rules they apply. For example: over here in Holland employers have to pay 50% worth of taxes if they want to give their staff a little bonus on the payroll. So say a company has 4 employees and wants to give them half their salary as a bonus then they'd actually be looking at an effective cost of twice the salary costs. Even though the employees only get to see half of it.
I'm not implying that this is also happening here, but it most certainly wouldn't surprise me if you had to put the blame on the government instead of the contract.
Commit the crime, then do the time...
Sure, the guy now suddenly has all kinds of health issues and what else, but he should have thought about all that before commuting any actual felonies. Think before acting and all that.
However, I also oppose the whole deportation request and hope that he'll be tried in the UK. For the simple reason that I don't think the US is looking for justice here but merely trying to play out their own personal agenda.
Even so, the morale of this story is still the very simple aspect of not committing a crime if you're not ready to deal with the consequences.
A government actually caring (or at least looking after) the interests of its citizens? Impressive.
So it uses the camera to check in real time what's going on behind you. Dare I ask what else Google is planning to do with all the new data this will gain them?
Because although I agree that this might be useful for some people one also has to wonder at what prize Google will present this. Because if there's one thing we should know by now it's that nothing is free.
All this does is make it even more appealing for a company to keep quiet about any possible data breaches. And that's just the thing you don't want, because transparency can actually help others from protecting themselves.
Another problem I have with this is that Mozilla is basically placing the 'blame' on the website owner. But sometimes that simply isn't the case. Then what?
How does this work when an ISP had a databreach and you're visiting a website from a user of said ISP (so: they're also hosting the site with that ISP)?
Sometimes you can't have it both ways...
Although I see his point I also think that he may have set his expectations a little (too?) high. In an ideal world this may work, but sometimes it just doesn't work this way..
Sure, if there is an error then that needs to be fixed asap. No arguments there. But what about the time in which the bug got discovered and the moment of implementing the actual fix? That's the moment when a system will be vulnerable, and a security hardening might be capable of preventing further damage from taking place if an attack were to occur.
Of course this can break stuff. I think a good example would be the "kern.securelevel" setting on FreeBSD. This is a setting which has a default value of -1 and administrators can only increase the value, by doing so this will harden the system some more.
For example value 1: you can no longer turn off immutable flags on files, /dev/mem and /dev/kmem may not be directly opened for writing (read: you can no longer load or unload kernel modules) and /dev/io is fully inaccessible
Value 2: All of the above and disks can no longer be opened directly for writing (mount is excluded). So it protects the filesystem(s).
These setting will plain out break X. But it also hardens the system and can prevent plenty of possible nastiness from happening. So on a desktop this setting might not be very useful, but on a server all the more valuable (assuming it doesn't use X).
So I can't help wonder if this also doesn't apply here. In an ideal world you wouldn't need failsaves, but the world simply isn't ideal.
Aww, Linux only...
I'm using FreeBSD and was hoping that this could have been triggered by a more commonly available joke. So I set out to investigate /usr/src/usr.bin/man, only to discover that /usr/bin/man on FreeBSD is only a shell script. Oh well, can't win 'm all ;)
I suppose I could always add this functionality myself if I really wanted to, but I think I'll pass.
Shame to see them go...
I know that Github is the better choice and that the whole idea was somewhat futile because it's hard to visualize open source in combination with Microsoft and/or Microsoft environments. Even so... It does exist.
Alas, they didn't have much of an impact but I still think it's a shame to see 'm go. Because with these things more is always better. And a little competition usually brings out the best in the competitors.
This isn't about FOSS at all
The main issue is that money does strange things to people, it always has.
That someday they'll release an OS X version for the full Intel platform. I know it's not likely to happen because every piece of Apple hardware is also registered with the "homeland" which allows you to gain access to your OS updates (and the OS itself if I heard right) which would be a little more difficult to accomplish on Intel. Heck, Microsoft tried (you know: change too much hardware in your PC and you'll end up with an unregistered version) but that got so much backlash...
So I don't think it'll happen all too soon but it would be very interesting to see what might happen. Back in the days OS/2 wasn't exactly cheap (also because of its very niche market share) but even so several people still bought into it because it was actually a very solid operating system (one which I truly miss from time to time).
I'm convinced that even more people would buy into OS X if Apple were to take this route and place their flagship directly in opposition to Windows. I probably would!
"Linux is correct, all security problems are the result of bugs."
The question though remains where the bug is located.
If I write a malicious kernel module to exploit the system the physical, real, bug is located in my kernel module. But if this manages to exploit code which under normal circumstances works flawlessly.... then is the bug really just in my module or are there more?
"And this is by firms that make computer security their business"
Has the possibility ever occurred to you that those businesses could also be doing a terrible job? And then obviously blame it on something else.
The hypocrisy is astonishing...
"which is a social media monitoring and influencing campaign designed to target overseas youths and steer them away from terrorism."
An "influencing campaign" huh? Didn't I hear major outcry's a few months ago that the Soviets might have influenced the presidential elections through some posts on social media? That was obviously not done because how dare they try to influence stuff by sharing "false" information.
And here we are, the US doing exactly the same thing. Oh, sure, this time it's different because you're trying to "help the children". Well, bollocks. Everyone will have their reasons, depending on your point of view, but that doesn't change the fact that the hypocrisy is shining. When someone else does something it's foul play and actions need to be taken, but if you yourself do the exact same thing it's suddenly "different"?
I don't think so.
All of a sudden...
Remember GitLab? That "we want to be like GitHub but you'll have to pay us to keep your stuff safe"-company which utilized 6 ("six"!) different backup strategies to keep your data safe, but then never bothered to check on any of them so that in the end they ended up empty handed when they actually needed their precious backups?
I don't know about you, but all of a sudden they seem pretty harmless right now.
Because let's be honest: most of us have been there, the moment you notice that your backups are crap is when you actually need 'm.
But that really fails in comparison to what we're see happening with AWS (and now Github) as of late. Don't the "IT professionals" these days understand the difference between public and private repositories anymore? Are they really that stupid that they don't realize that private keys which are even referred to as that should be kept private?
From the 'req' OpenSSL manualpage:
outputs the public key.
this option creates a new certificate request and a new private
key. The argument takes one of several forms. rsa:nbits, where
nbits is the number of bits, generates an RSA key nbits in size. If
nbits is omitted, i.e. -newkey rsa specified, the default key size,
specified in the configuration file is used.
How obvious do they have to relay any of this information?
Oh wait... do these guys actually read manualpages or have they become too "special" for that?
And on that subject: do you really have nothing to hide anymore? If "IT professionals" are this careless with their own data, then what do you think they'd do with data which doesn't really matter much to them. For example yours?
Stupid idea, coding isn't writing a novel!
It becomes obvious that the commercially exploited development tools have reached their current limit if companies suddenly try to sell us this kind of crap. Because who in their right mind would use anything like this?
It's already difficult to administrate a larger team project because although you expect every programmer to do their best to send in flawless code, the reality shows us that everyone can make a mistake. The larger your project grows the more important quality checking will become. And even then most project developers prefer that others (so devs. other than the coder(s) themselves) go over the code manually because humans can often spot certain hiccups better than automations.
This is also one of the reasons VCS can be so extremely invaluable because it allows you to pick out every single commit to check it out, and also apply full control over it. Something tells me that this kind of failsave won't be part of this monstrosity. At least not the first releases because... If you sell people a fully working product then what's left to sell them at a later time?
Sure; if you use this system to get someone else to go over your code to spot mishaps then I'm confident that it'll work and can become a valuable tool. But that's not pair programming, one person wouldn't be programing but merely quality checking.
But to actually program on the same thing together both participants would have to know exactly what the goal is. So: the initial programmer would first have to explain the goal, how to reach it, what to do and what not to do (for example: with Java you'd either want getters and setters or not, or you want private's because this will be stand alone or you recon that it might become part of something bigger so lets go for protected instead) and then also you'd have to divide your tasks. Who does what?
So my dilemma: wouldn't all that time spend on getting the coding strategy explained be much better spent on the actual coding?
I wonder how long before we can see this scheme used to excuse ones coding mishaps.. "Yes, the code was crappy as heck but it wasn't my fault. My coding pairing buddy made a mess, not me. So you shouldn't be criticizing me (even though I sent in the code in the first place)...".
I'll stick to vim for now :P
"Off topic, but I'm not sure why Firefox has lost so much ground to Chrome in recent years."
I do. And so do you, I mean, if you run Firefox today then it almost feels as if it was build upon Chromium. Do note that I'm not necessarily talking about this version but about 56.
But it shares so much resemblances. The command scheme (about:plugins), the speed dial screens, the right menu in the settings pages, using only 1 menu "button" vs. a regular menu, the tab style, the search engine shortcuts...
Thing is: at one point (when Chrome started to take off) they went even so far as to make the browser look and feel as if it was a Chrome copy (which was the reason why I stopped using it myself because I actually liked the regular menus and icons and buttons). If a browser starts to copy its competitors right up to a point where it shares a striking resemblance, then isn't it kind of obvious that it's bound to lose grounds? Why settle for a copy if you can have the original?
I fear it goes much, much deeper than that.
Because what does a generic programmer often use? And not just Microsoft, but also on Linux, FreeBSD and any other given platform will you see this happening? Libraries and/or API's. Sometimes up to such ridiculous points that you can get multiple versions of the same library onto the same system (now hinting at BerkeleyDB). Dozens of programmers these days don't necessarily build all their stuff themselves, but also rely on libraries to fill in some of the blanks.
Now, don't get me wrong, that by itself isn't a bad thing. But many library programmers do exactly the same thing, which can easily in the end lead to cascading effects. Because if there's an issue with a library then all the software which compiled against it will also be affected.
And things can go only worse from here. Because what would happen if there were any bugs discovered in your average compiler? Even compilers use libraries these days, and libraries which by themselves rely on others.
I believe that this is one of the reasons why we seem to live in a time where software gets an ever lasting stream of updates and patches. Sometimes it's not because of the programmer, but because of the tools and externals they chose to use.