somehow $399 becomes €499
At least according to winfuture.de .
http://winfuture.mobi/news/104047
And then you still need to buy the keyboard, so you end up spending €600 for a laptop with a pathetic CPU and 64GB eMCC. Not my idea of a bargain.
472 publicly visible posts • joined 25 Sep 2014
Fundamentally, this scheme needs to assume that the local Chrome install and the extension are untampered-with. But I don't see how it can guarantee that.
Let's say I am a black hat. I'll observe the extension under a debugger, track which system calls are made to do the checks it does. Then patch the binary to just always return a good answer. Presto, compromised extension, which I will bundle with my malware to replace the existing extension.
"Would it not be simply better to devise a translation table to trap and refuse to register names in Cyrillic that "look like" anything in Latin?"
The Unicode consortium maintains tables of characters which are "confusable", and an algorithm to check if two strings are confusable.
https://unicode.org/cldr/utility/confusables.jsp
Arguably, the way URLs work could be changed to declare that two URLs which are "confusable" are actually the same. This could be done by normalizing to a single representation under the hood (Unicode calls this the "skeleton").
Current proposed solutions are all about somehow fixing this in the client by some heuristics which should make the browser complain in certain cases. Frankly I don't think that scales.
I seriously wonder why Microsoft still bothers with Edge. It doesn't bring in any revenue and has negligible marketshare.
They could just as well strike a deal with Mozilla to have a MS-branded Firefox in Windows (defaulting to Bring), and save some $$$.
(I presume a similar deal with Google would be a bridge too far.)
At a guess, tens of scripts were written with #!/bin/sh and bash-isms, then the whole thing blew up on a distro where sh != bash.
This was the easy fix. Of course, if they only had have some tool which could automatically search& replace across a large number of files...
"The EU later joined Galileo and changed the participation requirements so only EU members can have access to high precision positioning. Why did lawyers representing the original participants accept this?"
May I suggest the UK fire a nuke at the nefarious country which was responsible for this change? It would only require a very short-range rocket.
Yes, it's possible to get Debian to work without systemd. That is not the point. The point is that if you do that, and some package breaks, is that considered a bug in the package? For Debian, the answer is currently "no" and for Devuan it is "yes".
The point of "init freedom" is that Devuan has *multiple* supported init's, and packages are supposed to work with all of them, and if they don't, that is considered a bug and not a WONTFIX,.
This has been discussed so many times, it's a FAQ.
https://devuan.org/os/issues
"Since libsystemd0 is totally innocuous if systemd is not installed and running, existing dependencies on libsystemd0 are not consider a major issue in Devuan Jessie.Hence, please avoid filing a bug report for every package that depends on libsystemd0: we already know the full list, and any such bug report will be closed without further processing. However, we would really appreciate your help in repackaging existing software to remove this silly and useless dependency."
"meet the real world of personal data scattered in Excel spreadsheets, Word documents, pdfs and for all I know coded into C# objects."
If that is how a company handles personal data, they will soon meet the real world of massive GDPR fines.
That why the more forward-looking organizations have spent the last two years changing from the "real world" you sketched to a world in which GDPR compliance is actually possible.
Needs only one (decimal) digit for an IP address, statically allocated as follows.
1 - The Register
2 - Facebook
3 - Netflix
4 - Google
5 - Microsoft (just block this one to stop Win10 from slurping)
6 - AliExpress
For intranets:
7 - You printer (replacing 192.168.X.X)
8 - Your boss (replacing 10.X.X.X)
For you:
9 - yourself (for return packages. Carrier-grade NAT is used in case somebody else wants to use the Internet at the same time)
0 - localhost
Nice small routing tables.
IANAL, but it seems Google haven't done their homework and/or are (ab)using app developers to test the waters on GDPR rulings.
If "Non-personalised ads" sends out no personal information, then that is sufficient, there should be no need to have an "Ad free" option.
If, on the other hand, "Non-personalised ads" still sends out personal information (such as a unique device number) and "Ad free" comes at a cost, then that is a clear GDPR violation.
Moreover, if "Non-personalised ads" does not communicate very clearly to the user that still some personal information is being sent, that is yet another GDPR violation.
When the sh*t hits the fan, app developers are probably legally responsible even though they used the Google-provided API, you may want to read Google's disclaimers most carefully.
Especially since this whole "pop ss" hack is a throwback to the 16-bit segmented DOS days.
The expectation being that the next thing you do is adjust the sp register and thereby restore the entire segmented ss:sp stack pointer to some previous location. If an interrupt handler would run inbetween it would smash some arbitrary memory at new-ss:old-sp.
So no sane application program has been using this for >20 years but of course the complexity-induced insecurity remains with us.
"Can you do that on any other type of Linux install? Didn't think so."
I do this (invoking Windows programs) all the time from msys2 bash. Virtualbox also has guest extensions to allow a guest to invoke pograms on the host. (Disabled by default, of course.)
I would say that a much more annoying issue with Notepad is that it insists on marking a UTF-8 file with a BOM ("byte-order marker"). Many text-processing tools choke on this BOM. In contrast, most Unix tools handle CRLF transparently.
Wish that Microsoft had done what Apple does and just included Vim in the base system.
But merely mentioning a trademarked name is in itself not a problem. The problem is in *naming* some product after the trademark.
Somebody at Oracle's law firm did a grep over an easily-available list of software products, thereby satisfying some minimal level of "policing" effort so as not to lose the trademark.
O, the browser vendors *are* along for the ride. They have all implemented the Encrypted Media Extensions, the DRM mechanism standardized by the W3C. Hand-wringing of individual WHATWG members notwithstanding.
Note that EME is formally not part of HTML proper (it's an "extension"), so out of scope for the WHATWG.
From a practical point of view, if you are writing web pages, the only relevant standard is WHATWG. Browsers implement WHATWG, not whatever the W3C dreams up.
As mentioned in the article, neither standards body is exactly a representative of the "little guy". WHATWG is dominated by $BIGCORPS and so is W3C. The difference is that the $BIGCORPS in WHATWG are the ones who actually control the browsers, the $BIGCORPS in W3C just wish they did.
At least the fact that the actual browser makers co-operate in WHATWG means that it becomes possible to write cross-browser webpages.
* Being sued by Microfocus (current owners of original Unix source code) for using the Unix API in Solaris and Oracle Linux.
* Being sued by IBM for using the SQL syntax.
* Being sued by UC Berkeley for copying the RISC II ISA in SPARC.
Unless somebody can explain to me how these things would then somehow not be copyrightable?
"If Microsoft were to roll out decent ssh client and server integration for its products that would be a big win for its customers,"
Windows 10 now contains a build-in ssh server. I learned this because it got in a fight with my openssh install for port 22.
"although the devil would, as always, be in the details."
Ah yes.
@tfb
"But in fact what it should really be possible to do is to send a bunch of stuff to the browser which says 'if ambient light is in range x do y; if it is in z do q ...'"
You can do exactly that already using the light-level media query in CSS, it lets you say: use this style if light level is low, use this style if light level is high. No need for Javascript.
Unfortunately it can still be used to glean information, e.g. by having a 1x1 pixel image which is shown in dark conditions and another one which is shown in light conditions, and then tracking on the server which is requested.