105 posts • joined 20 Oct 2007
While i'm no fan of BigCorp's, i'm even less of morons like this and legal systems that actually support them.
Any decent place and the moron would have been sent to mental care given he espoused the belief that he could get wings by drinking red bull. Only to be released if/when he proved capable of making the distinction between reality and fairy tales. And his legal counsel would be disbarred for actually taking up the case and (eventually) wasting the court's time.
Wouldn't work for me. Not how i roll and would make my life a nightmare. At my "peak" i was keeping about fifty or so moderate to long alphanumeric usernames/passwords in my head. Occasionally i'd mix a user/pass, but i'd remember them all.
All of them were generated by KeePass, but the decisive factor came after. I had to read and type them to see if they "felt right". If they didn't, i'd try to "fix" them because i could "feel" where the wrong part was. If they did, no more work needed. It is my honest belief that passwords can feel "right" or "wrong" to different people thus making them easier/harder to memorize.
While this might seem a bit esoteric, i'm pretty sure there is an underlying explanation as to why certain random sequences "feel" different..
Probably the same underlying mechanism that makes certain note/chords sequences "feel right" when listened to and others be just noise.
Nice new spin...
First off, it's nothing "outrageous". I still hold dear something i once read that i can't quote verbatim but went along the lines of "If they have physical access, you don't own the box anymore". Oh so true.....
What i thought hilarious was that the thieves seem to have a lot more foresight than the banks. They actually had what amounts to proper planning.
Limiting the withdrawal time windows to some days on some hours meant that even if someone went "rogue", they couldn't hit everywhere and blow the cover. Also made the problem look more like a system glitch. Also lets the malware sleep lot more, thus laying low under the radar.
But the icing on the cake was the "phone you boss" feature. I mean, it's...priceless. The malware wants ThePowersThatBe to confirm it's clear to go. Now, wouldn't it be nice if the ATM BIOS/OS was as concerned? A nice lill message as in "I detected something new, please enter confirmation code or i brick the ATM".
Ah well, as someone pointed, banks won't care much. Their overall profit margin is good enough to cover these "glitches". Would cost more to do a proper job than to write off the loss.
Re: Proprietary software vendors - what do they do?
Non free *nix distros - what do they do?
- Build a system using other people's work or more likely outdated versions of other people's work. Or sometimes cutting edge that don't really work all that well or have been extensively tested.
- Take customers' money
- Take whatever time it takes and push updates as you feel like. Answer phone if the sucker, i mean customer, actually has a support contract.
That's adding value right there too.
That said, Slack fan and will die one, but i see no difference between Proprietary and Enterprise *nix. Same poopoo different smell. And source availability is only meaningful if you have the in house expertise to fix/apply it yourself, whether the FOSS people like to admit it or not.
The Holy Church of Sound.... again...
Religion and this early in the morning... needed extra coffee...
Why are we still banging this old drum, and why hasn't it been settled one way or the other by the most simple means? Which is.... SAMPLE THE OUTPUT.
Hook up the relevant measuring devices, play the CDD/FLAC/ALAC/MP3 and compare it. Are there differences? Yes, yes but not relevant? Repeat all along the signal chain to the end, ie, where you'd plug in the speakers. Now measure what was supposed to have come out vs what actually came out. At each step once more.
Willing to bet that you'll end up figuring that the differences as you moved down the chain became much bigger than they originally were. And that's not "quality difference", just different artifacts produced...
p.s. anyone claiming their signal chain isn't changing any little bit of the input is per definition an "audiophile". Delusional with deep pockets.
Re: Too much ado about almost nothing...
Now you have two, but you get the benefit of an explanation. This is NOT a problem with the exposure method, be it CGI or whatever. It's a problem with Bash not properly parsing vars. Trying the "it's not supposed to be used for" defense is just about as good as Jobs' "you're holding it wrong" stunt... A spade is a spade and a vulnerability a vulnerability.
And your comment only proves that Open Source has long moved from a "philosophy" to a religion, chock full of dogmas and unwilling/unable to face (even substantiated) criticism. And like a "good" religion, you obviously must be "right" thus can do no wrong. And along comes the usual "it's not important/relevant/substantial" excuses zealots, especially the devs, are so fond of.
Grow up, a turd is a turd, and if you call it an OpenTurd it still won't smell like roses :)
Re: I may be being stupid here
Not so much but then again yes.
The problem is not that you know you have to sanitize input so much as having to know WHAT to sanitize it against. Or to make it more clear, to avoid passing inputx, you first have to know inputx was bad news. And unless you can convince me that you are aggressively (re)parsing and conforming your input, which i doubt anyone is, guess what, you're doing the basic checks just like everyone else, and this will go through.
Can't resist the temptation to bash the zealots (pardon the pun). So, again, there goes the many eyes theory down the drain... The reverse on the contrary is quite true. Once you get many "bad eyes" looking at you, the nasty water starts popping out of the sewer lid.
Oxygen consuming parasites
The EC by any other name. Just another fine example of why we need to get rid of those resource consuming scumbags.
If i ran a search engine, it would be MY call what is relevant or not. MY metrics, MY decision. And if the users "promoted" me to be the de facto standard, then i guess it would be proven ipso facto that i had gotten it right and the competition hadn't.
If i decided to use one part of my business to promote another, where is the wrongdoing? It's like saying a car manufacturer can't make and promote its brand of tires should it wish to do so. Stupid at best.
Once more the EC shows its cluelessness and willingness to pander to the lobbies of the "unfit" that feel the need to claw back by legislation what they lost in the "open market of free choice".
In truth, if i was Google, i'd just pack up and go. Close shop in the EU, take my business elsewhere and give them the finger. It's not like that would stop people using it and the EC would have trouble justifying to former employees why they'd been sacked and to governments why they'd lost revenue from G's European ops.
All it takes is for that nice guy (cough) Mr. Putin to go along. You wouldn't open that can of worms during the worst part of Cold War never mind right now.
And all it takes is for him to even think that what Snowden has to say could throw a wrench into the EU/Nato "unified potential plans" about Ukraine.
Heck, if what he has to say can even muddy the waters some, it's a great deal. Even when the whole EU agrees about something, it takes months to do anything. Throw a small dissent at it and it turns into "takes forever".
That's how he got it. Granted, it might kick (some) digital watches, and maybe makers, into the gutter, but it won't make even the cheapo mechanicals sweat.
Because, and i'm sure that's something Apple hates, wearing a mechanical clock is in and by itself a statement. That you're not on the MEETOO bandwagon and couldn't give less a donkey's ass what the current trend of groupthink is.
Ah well, he was probably just trying to make the fanboys feel warm and fuzzy inside anyway...
Re: Another 'could be' law?
You know, i thought just that too. If the cops can't tell if it's against the law or not, wtf are we paying them for?
I for one would expect someone from their legal team to have advised them, before, you know, they do something they can't and end up in court....
Your own post reflects the truth. "he deprived him of money that could have been made".
There's a huge difference between could and would. A bit of common sense will tell you that most of the people that would consider a cam, or would consider a buck for a cam WOULD NOT pay a full price ticket. Or a full price DVD.
Also, unlike what other poster seems to think, whether or not you would buy is not related to whether or not you could do so. Many people that could still would not, because that's how they go about. It's either free or they go without, despite the fact they can afford it.
True revenue loss is when someone that COULD afford it and WOULD buy it doesn't because he got it "free". Which is what? 0.005% of the cam watching freetards? Less?
Just goes to show how far law and justice drifted apart...
In a fair world, anyone would have agreed that while his actions were against the law, they warranted no jail time, which in his case will probably do more harm than good. 5y "forced" community service? Sounds lot better, certainly lot more useful and would save taxpayers money twofold.
As for revenue loss, joke all around. Anyone willing to watch a cam version, free or not, is precisely the kind of people that WON'T pay for a movie ticket, a DVD or anything at all.
Not saying this is the case, but poor Heartbleed seems to be supporting a really heavy load on its shoulders. Data breach? Heartbleed. Security fuckup? Heartbleed. etc etc etc...
Maybe we should have a HB every month so that no f***wit that should be sacked on sight ever loses his job again.
Not that it happens a lot mind you, since "the system" seems to be tolerant towards negligent dimwits. Maybe because negligent dimwits are running "the system", go figure...
Software that takes outside data is open to attacks. Software that uses other software in its operations extends its own attack surface. Repeat that cause that's what a plugin is. Anything non trivial?
No cookies to El Reg to have failed to notice "can only happen if you use uncommonly huge buffer sizes where you have to decompress more than 16 MiB (> 2^24 bytes) untrusted compressed bytes within a single function call" which kinda makes it obvious why a video app was chosen as target.
And some apps/distros didn't update in 11 days against a problem that might likely affect 0.00000001% of their users. How sloppy.
From reading up on it, seems "someone" got pissed that they got dismissed on the grounds of "not life or death" so decided to get his 15m by showcasing the potential while omitting the likelihood.
Re: "Encrypted" PSTN calls?
Quite right. Only can be given serious thought when the encrypt/decrypt part is made at the mobile/handset.
Quite an opportunity for any kit maker that decides to do cheap gear that fills that void... How hard can it be for them to do it...
Re: Today's Pro Tip
Not cold, just a sad side effect of keeping the activities she engaged in a criminal act. In (more civilized) countries that decriminalized both, she might have called for help and the poor sod might be alive.
As is, she just had to weigh potential manslaughter + more vs certain conviction on prostitution and drug charges. Loss-loss anyway you look at it so taking uncertain vs certain becomes the rational choice when this version of fight-flight takes place.
Pretty much illustrates that, once more, the "war on x" only hurts people and helps no one. Well, might help the guys making billions out of dealing drugs, and maybe that's why it keeps being illegal...
One would think we'd remember how Prohibition only helped THE MOB and how the end of the world didn't come to pass when it was repealed...
This stops if it's made into law that if given software A wants to install a given software B on which software A is not directly dependent, the opt out option is made to be the default one and the maker of software A is directly responsible for any damages caused by software B installation/usage.
1000000:1 as no developer will take on those hot potatoes anymore.
I'll get flamed for this, but Google is seriously dumb for not jumping on this opportunity. They'd need so little work to add this to their revenue stream it's dumbfounding how they never managed to get it going (properly)... Alas, our great advertising overlords are not as omni as we make them out to be...
Was a mess waiting to happen from the go. No matter how it gets painted, it's censorship. Courts should be deciding on whether something is factual/true or not (defamation). Relevancy is in the eye of the beholder, thus, let people themselves decide if it is or not.
On a side note, if i was Google, i'd fork out some $$$, setup a small "competing" search engine and link to their results. Being a "minor" search engine said operation wouldn't fall under these orwellian rulings and could thus link to whatever they wanted. Then i'd make sure Google's search algo was biased enough to make sure those links to links (not content) always came on top of searches. Give or take a few thousand "Streisand Effects" and people would give up trying to be forgotten on sheer fear of actually getting to be remembered.
They (owners of No-IP) should think of getting a class action suit started on behalf of all their affected customers (paying and otherwise).
I'd suck up if the judge had ordered said subdomains taken down and accounts blocked, but handing over the whole shebang to M$? Ludicrous at best, abuse at worst.
So, extra 22C and nearly double the power consumption for less than 25% overclock. I'm so not impressed... Quite betting no benchmark results were in cause they'd be less than impressive too.
Really, why don't we just nail this for what it is? That You Tube isn't really a "non profit" thing anymore and thus should NOT be under "loose" safe harbor provisions? After all, wasn't that always the crux of music IP violation suits? That not only they were doing it, but profiting from it? Google selling ads on top of blatant IP violations should make this a hook>line>sinker case.
And cut the bollocks. If Google wanted, they could just setup a department where artists/labels could send their works (ie music) along with the proper legal docs that proved who owned copyright of said works. Their content ID system would then automagically kick out blatant infringements and flag "dubious" ones for "human decision required". After that, was just a matter of filtering/flagging new content coming in via content/keyword matching. And artists/labels would just need an email like "video xyz violates our submitted material abc### so please remove it" in case anything slipped by.
So, it's not really a tech issue, or even an operations issue, it's just that they have nothing at all to profit from cleaning up their act and got something to lose by doing so. This is (sadly) when you need policy makers to actually go kick ass because someone downright refuses to do the RightThingTM voluntarily.
Earlier on i learned to split The Powers That Be into two groups, A and B. A wants the job done FOR REAL. B wants something that sort of works so they can also show some work done. A is great to work with because though they want the real deal, they're willing to cut you some slack so you can get it done proper. B is great to make money from because they only want some half baked solutions that eventually need more fixing and maintaining than it ever needed implementing :) Brownie points if you can sell them some "holy grail" features that can't be realistically achieved but will keep you working until it's scrapped as "can't be done".
p.s. There's a really small fringe C group that actually would like the real deal but are under time/budget constraints that won't allow for it. Very sad to work with those cause the poor sods actually know what they want/need but also know they can't get it and are stuck with "as good as possible".
While i agree that the workplace is not the place and time to crack jokes, you're making too much out of very little. Think like this, if you make a joke about snakes, guess what, you're discriminating the poor reptiles. Pretty soon you can't joke about anything because let's face it, if it's a joke, you're gonna end up making fun of something or someone.
But, if you're on a roll, give your thoughts on reverse discrimination and quotas.
Re: voluntarily ???
Friend of mine used to send bits and pieces of leftover sheet metal, iron or lead, wrapped in "promotional" junkmail. Once was usually enough.
Re: yay. Overtime.
"Security through public reviewing" can be worse than "security through obscurity" depending on the scenario at hand.
If a given "package A" attracts more "many eyes" from miscreants than from white hats then you're in deep shit. Given that white hats will usually do it "on good will" and miscreants will usually do it "for the money", who do you think is more motivated?
And while closed source will force miscreants to try "what if" scenarios before landing a successful attack, with open source you can just point and say "look, there it is". No trial and error because the source itself will confirm it.
Now, that doesn't mean open source is necessarily worse, but does mean you have to do your best to make it airtight from the go, especially regarding security related software, because you can't, or shouldn't, depend on the first person to spot a bug being "a good guy".
p.s. on a side note, that might be the RightWayTM for M$ to kill XP for good. Release the source. Would we be running for the hills... Heck, even so much as release only source to things that they've already changed. Should pretty much bring in a steady stream of 0-days with world+dog searching for bugs and M$ not releasing fixes. But maybe it's so bad they're too embarrassed to show it.
Re: ...without the baggage of C
That's a simplistic view. Does it work? Certainly. Does it lend itself to pushing out applications real fast? Speedbump...
Apple's thinking seems to be, and quite reasonably, that this day and age, what you REALLY need is a decent glue. The heavy lifting is going to be done by the OS/Middleware, be it 3rd party or even your own. Thus, what you need is a better glue that brings all those bits and pieces together to provide the fastest (and easiest) path to go from prototype to application.
And let's face it, that's precisely where most "conventional" languages don't really shine.
To be fair though, he shouldn't have pinpointed C "baggage", but "baggage" in general.
Re: smoke and mirrors
"it’s clear that no security-conscious users are going to feel comfortable trusting the software after this debacle"
No, your position is not naive, it's the opposite of the stupidity in the previous quote driven by the "stupid herd" and "cover thy butt" mindsets.
Let's look at it logically. Either 7.1a (and previous) was safe or it wasn't. To believe either way needs "faith" as the first audit is still in the making. If you assume that it was safe, then it was safe before this and will be safe after this. If it isn't safe, it was unsafe before this and will be unsafe after this.
So, by sticking to your chosen horse, be it using TC or not, you are now no better or worse than before. Because you have no idea where you actually stand until the audit comes through.
And it goes on and on. Bruce Schneier is gonna switch to PGPDisk? Nice, and who's gonna say "that one isn't tainted"? Bitlocker? Diskcryptor? Pick your poison, you'll always be "on faith". Because... you didn't write it. And this holds true for any software. If you didn't write it (and that includes the compiler/assembler/toolchain) you have NO IDEA if it's safe. You ASSUME it is. FWIW, i'm going with you on this. Until it's proven unsafe, i'll keep assuming it's safe.
@Chris155 : "Using TrueCrypt requires you to take a leap of faith that you can trust those anonymous individuals to be creating a quality product."
As opposed to trusting a (almost always) US based vendor to protect you instead of cooperating with 3 letter agencies. Yep, i see the logic in that line of thinking... wait... no i don't.
p.s. for the truly paranoid, think boxes inside boxes inside boxes. The more the more chances you have one will be secure, and "normal" data is usually quite small so the performance hit isn't that bad.
Let's just hope this isn't just Apple backsliding into its old ways and how headless chicken tat sellers go about when no smart person is at the helm... As pointed, 3b would go a long long way into them setting it up themselves and far better.
On the sound quality discussion, to each its own. Might sound devastating to audiophiles but it's not really about what sound sounds like but about what YOU like sound to sound like. Music is pointless if you hate the sound of it (pardon the pun) when you listen to it. And this isn't even limited to listening devices. That live band you loved yesterday might sound like crap today just because they changed venues, thus acoustics. And maybe today they are closer to their "true sound", but to YOU it now sounds crappy and yesterday's "distortion" sounded a lot better.
Sad if true
And there's another quite dark avenue. If TC really has/had no backdoors, at maximum strength it would make spooks' job if not outright impossible, at the very least immensely resource consuming.
Now, if i was the spooks, and kinda found myself between the rock and the hard place with nowhere to turn, would i be tempted to take the easy way out and turn the FUD dial up to eleven?
Leaning hard on someone to get the signing keys, lill site hijack, "bombastic news", and suddenly the "tabloid news" worshiping masses are running away from what we don't want them to use. Sounds like a decent plan with low resource usage...
Anyway, kinda non-event. After all, no tinfoil hat brigade member would ever take a TC volume after usage and NOT use another encryption layer on it, would they.
So, Microsoft is on a marketing exercise to try and determine how much crap they can throw at the users before their tablet market share not only hits rock bottom but actually starts digging...
Great idea methinks... If they can figure every reason their offer is failing or might fail, maybe they can come up with something that actually sells by the time W9 is ready.
I'd say it's not just money but generally saving of "resources". Money being just a "general resource" that can be easily traded for other resources. In the western world you're perpetually chasing the latest shiny instead of getting just what you actually need.
Reminds me of the cybercafe scene around here a decade or so ago. Anything that was "western owned" would open up in the best premises and best gear (borrowed) money could buy at the given time. The "non western owned", mostly Pakistani for some reason, would open in less than stellar premises with (mostly) 2nd hand gear that "nobody wanted anymore". So, while the former were struggling to cut back on their debt, the latter were soon into making a profit. Unsurprisingly, when the scene went bust because of widespread cheap internet access, the former were mostly still paying back that debt or at best making pitiful earning while the latter had been cashing in for a long time. Guess who is still in business today, even if the revenue stream has diminished tenfold.
The western world at large seems to have lost its grip on the concept of sustainable and wholeheartedly embraced a "riches or bust" model. Which works only for casinos since they are the ones that get rich while everyone else goes bust. Or "web 2.0" ventures that get acquired for ludicrous amounts of money...
Re: Bring on the crypto-anarchy
"The only small snag with that is the people you do want to monitor are now protected too"
I'm pretty sure said "people" will have a far better grasp on the need to secure their comms than your Avg Joe does. Which would mean many are ALREADY doing it. Which would mean a said agency is getting even less out of them than before.
10000000:1 the spooks have more info on those politicians than they'd ever tell you, and said class being said class, probably far more than enough to coerce them into NOT doing anything that might change the status quo.
"Censorship is the suppression of speech or other public communication which may be considered objectionable, harmful, sensitive, politically incorrect or inconvenient as determined by a government, media outlet or other controlling body."
Emphasis on "inconvenient" for this case. By all means, contend all you want, but it IS censorship. Whether it's done by some dictator's "blue pencil" office or by a court makes no difference. Note that, as in the ruling, the information being true/fact or not isn't a consideration. All that matters is that "someone" found it "bad" for some subjective reason.
And now it's not only republishing, linking to that which is already published also lands you in hot water it seems.
What's next? I link to some data and i get told to remove the link? I'm sure M$ would love all those links to the DoJ affair removed. Those past practices are so "irrelevant" these days. How about the NSA? All those links to their evil doing were "irrelevant and inconvenient" even before they existed.
Keep downplaying the importance of your freedom of speech and expression and you'll eventually find yourselves short of both...
"and that request will (usually) be decided in a court who will balance the right of the individual against other rights"
I'm hoping you do understand that this kind of selective "cherry picking" based not on truth/fact but on some arbitrary quantity by a select body is PRECISELY the definition of censorship...
Re: Actually I'm quite impressed
People all have a past, a present and a future. You can't change what you did, but you can change what you're doing and will do. Your kids' chances won't be ruined by what they did, but by what they kept on doing, are still doing and will do.
"Those who cannot remember the past are condemned to repeat it." It's the fact that you do have a past that drives you to change in bad cases. If you can sweep it under the rug, you have no drive for improvement at all. It also drives you to have an interest in keeping one you're proud of, lest it comes back to bite you in the proverbial.
And another step on the slippery slope of (selective) censorship.
What next? Right to force newspapers to "erase" past events that you no longer consider "relevant"? Just one step removed from 1984 where the Gov would actually rewrite history...
Because that's what this is about in the end isn't it? If some info, somewhere, was libel, you already have the ways to get it removed though maybe not the money to pursue said endeavor.
The Spanish guy example is a great case in point. It was a fact. No libel. The PoS just didn't find it "relevant" (read: it's inconvenient) anymore.
In the headlines tomorrow : Google erases all links to publicly available court decisions since all the people found guilty feel it's no longer relevant.
Or we might just stop being sheep, declare the EU ruling bodies as a) morons b) unfit for (any) purpose c) a waste of oxygen and be done with the sod load of them.
Foot, meet (another) bullet...
Seems to be that they are making an already strong case for preemptive (read: before cloud) data encryption even stronger.
If the world at large goes into strong encryption as default, then will the NSA and likes really be in a s**thole as there won't be enough processing power to make sense out of the digital noise, thus, then will their funding shrink back to "normal spy agency" level as throwing more funds into it would just be a case of throwing good money after bad.
So, just as XP is declared "unsafe", the first chicken that comes home to roost is an IE flaw that hits across all the OS's. Nice thing then that M$ is showing us how much safer we would be with their new supported OS rather than their old unsupported OS as they probably won't be issuing a fix for IE versions that still work on their old unsupported OS.
Then again, we could just dump IE, fixes a lot of exploits, current and future, as it goes out the door ...
Reminds me of my old boss, who is a PC repair shop owner, temporarily losing his higher brain functions and putting his mobile number in a site that "had" a "crack" for an app he wanted. Then he confirmed the SMS.... In one fell swoop he had €20 less in the mobile and a zombified PC.
Can't see what the fuss is about. The big boys quite surely already have servers in European space, it's just a matter of them making sure no Euro<>Euro comms ever leave the Euro part. Why would Uncle NSA be so pissed about Euro data not crossing over to any place they can tap it? Oh wait...
Then again, maybe people should just start using encryption instead of believing someone's (and insert whatever you want here) good intentions.
Heck, if everyone started using proper encryption, the noise would be so bad Uncle NSA would be driven to fallback into time honored targeted spying tactics instead of just slurping ludicrous amounts of data in the hope they catch something remotely useful.
(Congress might be happier too since targeted black ops must surely cost less than running their datacenters...)
Bug in Word. Haven't used since... Check!
Bug in Internet Explorer. Haven't since even before i haven't used... Check!
Bug in Publisher. Haven't used, period. Check!
If these are the kind of "vulnerabilities" XP is gonna have from now on, man, keep'em coming.
p.s. If you a) still use Word b) still use IE and c) allow crap like Publisher on the boxes, you had it coming didn't you?
That someone got (subtly) forced out of his job/position not for his competence or lack of, but because of what beliefs he espouses is beyond the pale...
What amazes me is that the same lobby crying intolerance and throwing stones at the man are themselves (by logic reasoning) intolerant, since they can't accept the fact that he doesn't share their view. Tolerance goes both ways not just one.
Guess it's time for the devs to say fork it (bad pun) and head off to some new place more concerned about their products than what some lobby thinks of them.
Mozilla, a place where everyone's views are welcome, unless your views are different than ours (or some lobby, or some flavour of the week PC'ness, or anything not related to web browsers).
While everybody loves hating Windows, true point is, a USB port? And the ATM is configured to boot from it as default? What could possibly be wrong with that line of thought...
Even keeping the USB port, a much better idea would have been to have a custom BIOS that checked for existence of a flash drive connected to said USB port and then, if one existed, read a key from it and used it to decrypt a boot image off a hidden partition into the system partition. Right key? ATM back to a clean start state. Wrong key? Bricked ATM in need of hauling to repair shop. Assumes a tamper proof HD/SSD setup.
The cynical in me thinks this is just a setup for plausible denial. Whomever did the ATM's was probably "persuaded" (at point blank) to make them "somewhat insecure", not bad enough they'd look guilty, just clueless. Eventually losing face is far better than immediately losing (parts of) head...
Ye know... Imaging (and restoring said images) is pretty old hat. So why is it that M$ couldn't get it right and ended up with the PoS named System Restore? Oh right, since most users have a one disk one partition setup, you couldn't go nuclear on that and plain restore the image or you'd nuke the user data too... So instead of forcing a os+apps/data split, they "developed" a new system that only seems to work when it comes to restoring malware back into the system.
M$ could sometimes GetItRightTM just by not trying so hard to come up with a revolutionary non round wheel...
Re: It may not be illegal
People in need aren't Apple's primary, secondary or even tertiary market targets. So, any wonder they don't give two woots about them?
Don't be pissed that Apple does what it legally can do, be pissed that your (and my) government(s) gave them the tools to do it. Be doubly pissed that they allow it to keep happening. And end up asking yourself WHY don't they just close the loopholes.
Same FUD again from people with a too obvious agenda, ie market drones...
If OS XYZ stops getting support at day x, it won't make it more vulnerable than it was at day x-1, just that nothing will be fixed by the manufacturer after that date. On a similar note, OS ZYX, the successor to XYZ, doesn't become more secure after day x either.
Given that both XYZ and ZYX have been through several rounds of "fixing", one might argue that neither is really more (in)secure than the other. OTOH, XYZ has been around (and abused) for a while longer, and its "pool" of (exploitable) vulnerabilities has shrunk quite a bit. While ZYX's attack surface is quite "virgin" in comparison.
Malware writers also like to hunt "big game" as profit is directly proportional to numbers. OS FREEBIE and OS FRUITY have benefited from this for ages. Now, if a significant amount of punters move from XYZ to ZYX (or FRUITY or FREEBIE or CAKEY or something), said miscreants change targets, they always do and do it real fast.
Case in point, was there any 0day for 3.1 making the headlines these last, say... 10 years? You might just get away by being with something nobody gives two tweets about anymore..
Here we go again... Who gives a tweet? How many of the W7/W8 patches will translate to an all-Winblows landscape vulnerability? It's quite likely a small number. Of that small number, how many will allow rooting the box? Quite likely an even smaller number. And of those, how many will have impossible to close attack vectors that make patches a must and not a "if available"? Think you get the idea...
This whole "XP gonna die a horrible death" hammering is just driving the point home. The point that MS f'ed up badly with every OS since then and now they're getting desperate with a userbase that just WON'T "upgrade". It's not XP's fault for being too good as it isn't, it's just better than the crap they churned out to replace it...
p.s. to the *nix crowd, give up. That you might have a (technological) edge on the OS wars is debatable. That you aren't even a runner up on the application wars is a fact. Until you lose that delusional mindset that GIMP can replace PS and app XYZ can replace its win/osx established industry standard replacement, you're going nowhere and doing the community a disservice...
Get me a supported OS/distro that didn't get patches/fixes. Now get me one that didn't need patches/fixes by its EOL. Failed? Of course you did...
Thus, logic implies that whether old or new it's gonna have flaws. It's not whether or not it has them that matters, it's whether or not it's a particular show stopper for your setup.
IF XP reaches EOL, i won't be any worse than i was the day before, because it either worked the day before or it didn't. EOL didn't bring anything new, just means there won't be more patches/fixes henceforth.
And me, like many others, won't go jumping through hoops just to have the "latest bling" for fashion's sake, time better spent using/maintaining our established app/hardware base.
Give me a critical/killer app that the old OS can't run and i'll start upgrading. Can't find one? Sod luck...
If this was some form of say UPX, then you'd have a small benefit on storage space saved, but your memory "energy footprint" would be the same as the executable would still take the same space once uncompressed.
But... if the exec is compressed once as it leaves storage>RAM and then dynamically uncompressed/compressed as the CPU fetches it (and maybe changes it), you'd have a smaller memory "energy footprint" than the original, assuming code would compress enough that the lower memory energy usage outweighed the energy the compression/decompression unit used.
As for blaming compilers, well, there are many a part of code a compiler simply can't take a guess at rewriting/optimizing. For example code that might never execute but that the compiler can't ignore because it might execute sometimes. A unit such as this actually works in that case because it doesn't need to make assumptions, it just packs/unpacks as needed.