* Posts by bombastic bob

5552 posts • joined 1 May 2015

Ubuntu wants to slurp PCs' vital statistics – even location – with new desktop installs

bombastic bob Silver badge
Meh

Re: Being serious about this...

"they should have known from the Amazon debacle"

I think they do. They're being transparent with respect to what info they collect, when they do it, and what they use it for, and that it's 'anonymized'. Assuming they're being honest, I wouldn't mind _that_.

bombastic bob Silver badge
Devil

"I'm guessing the thumb down was from someone that didn't spot the joke"

what, you're concerned about downvotes? I get those ALL the time. It's just my fan club. And the howler monkeys.

bombastic bob Silver badge
Devil

Re: How it should have been handled

"betrayed the spirit of the FSF"

Seriously, what "spirit of the FSF" are you referring to? If it's a bunch of hippy anti-capitalist dope-smoking FM types deciding that corporations are evil, software ownership is evil, earning money with open source is evil, etc. and "that" is their "spirit" then I'd have to completely disagree with you.

The FSF is about enforcing GPL as far as I can tell, as well as promoting open source in general, and if someone produces a Linux OS where you can download the source for everything you installed, it's fine as far as they're concerned. Not sure what "spirit" would be betrayed here. [I asked Cthulhu but he just mumbled something about going on a date with the spaghetti monster]

I actually asked the FSF for legal advice a while back, regarding an open source bootloader, with respect to bootloader flashing and device-bricking by end-users, a warranty, and things like that. They were helpful.

bombastic bob Silver badge
Meh

"Would that be the same Mint that pings Ubuntus servers with your current IP address daily to ask for security update"

you can turn that off, you know.

bombastic bob Silver badge
Meh

Re: User needs

"How about a small amount of privacy and not needing to slurp everything I do or see?"

It _sounds_ like they're NOT doing that. But keep a skeptical/watchful eye on it, yeah.

Oh sh-itcoin! Crypto-dosh swap-shop Coinbase empties punters' bank accounts

bombastic bob Silver badge
Devil

Re: Cryptocurrency

it might be better to point out that for every 'get rich quick' scheme there's one person at the top who takes money from everyone underneath, then walks away with it leaving "that kind of a mess" behind.

I suspect that the crypto-currency investment was sold as a 'get rich quick' scheme, which it might be for someone who's extremely lucky enough to get in at the right time, then get OUT at the right time.

But for the rest, it's like a zero-sum game. For every winner there's a loser. Or maybe more than one loser. That's not really 'investment'. That's more like a ponzi scheme.

https://en.wikipedia.org/wiki/Ponzi_scheme

In this case, a handful of investors carefully manipulate the value until it starts going up, and then sell the idea of investing to a whole pile of people, and it continues to increase in value, until it hits a peak. Then the original investors sell a bunch of their investment, and the price drops. Then it drops more as more people do the "oh crap panic" and sell off THEIR investments, leaving a whole lot of people who bought in late with a big bag of nothing.

This is not new. Old George Soros has been making ZILLIONS this way for DECADES. [at least, that's how _I_ see it]

bombastic bob Silver badge
Devil

Re: Cryptocurrency

"finding the right balance to maximize freedom while protecting society from miscreants"

that pretty much sums it up.

https://en.wikipedia.org/wiki/Libertarian_conservatism

Crypto-gurus: Which idiots told the FBI that Feds-only backdoors in encryption are possible?

bombastic bob Silver badge
Devil

Re: Wyden seems like a pretty straight guy.

"All that said, I don't think the fight against backdoored encryption will be successful for very much longer."

That war has already been lost.

a) PGP

b) IDEA

c) OpenSSL

etc.

The genii is out of the bottle, Pandora's box is open and you're NOT going to stuff ANY of this back in. Anybody who's decent at math could invent a new encryption method, some stronger and some weaker than others, and the concept of a block cipher or stream cipher is pretty well known. [I even invented one myself, and published in prose how to make it work, as a protest against U.S. encryption export laws back in the 90's, until the laws were changed, but I never took the page down - it's still there].

Even bitcoin is a form of encryption with the block chain. Imagine invalidating all crypto-currencies because they now require a back-doorable block chain. Is _THAT_ part of "their" agenda?

And like it is with guns: make them illegal, and ONLY criminals will have them. So it would also be with non-back-doored encryption. Make it illegal, and ONLY criminals will use it!

Also, ask S. Korea how well it worked to require a specific type of encryption for ALL online banking transactions (aka SEED)...

https://www.theregister.co.uk/2015/04/02/south_korea_to_deport_microsoft_activex/

bombastic bob Silver badge
Devil

"a Politician seems to be listening to actual experts"

On the surface, this is how things appear. Since the politician is a Democrat, I have to wonder what that agenda is. If it's civil liberties, I'll give him a slow clap for being right. If it's some further agenda down the road, I'll keep my eyes wide open...

"He's most likely playing his own games here"

ack

bombastic bob Silver badge
Mushroom

Re: And so it goes....

This will keep going until one of several things happens indefinitely

(fixed it for ya)

politicians see an opportunity with every disaster, like 'let no disaster go unexploited"

article: "those in favor of backdoors are just treading water until something happens that causes a shift in public opinion"

pretty much what I said, I think. You see it with GUN CONTROL all of the time. Let some wack-job criminal psychopath go off and shoot up a high school, and the GUN CONTROL arguments start within 15 minutes.

Similarly, you'll see the SAME THING with back doors on ALL encryption.

What's next, EVERY LOCK must have a MASTER KEY that ONLY the gummint can use? Ha ha ha ha, that's so funny [but it's the SAME DAMN THING that "they" want for encryption].

And it's not about the money, so much as the POWER and CONTROL. When "they" have the power, and "they" have the control, the money just shows up. Yeah, right about now, ALL of this is SO! BLATANTLY! OBVIOUS! to *ANYONE* watching current events...

what THEY want:

a) permanent power/influence to control OUR lives

b) take money from one group so they can favor another

c) buy influence with money given to them by lobyists and friends

d) engage in nepotism and favoritism of various kinds

e) "It's good to be the king"

f) scare people into giving them even MORE power, whenever possible.

In the Star Wars saga, Jar Jar Binks was manipulated into recommending that temporary powers be given to the chancellor to win the Clone War. With this extra power, he later became EMPEROR [and ultimately revealed his TRUE agenda by dissolving the senate, becoming an evil dictator].

Thsi is SO much like real life, isn't it? THIS is what those elitist politicians want, for themselves and their friends. Yeah, "drain the swamp".

Waddawewant? Free video codecs! When do we... oh, look, the last MPEG-2 patent expired!

bombastic bob Silver badge
Meh

Re: Still widely used

" anyone wanting to create them on Linux is happier there are no patent restrictions now. "

I just use the open source encoders/decoders anyway. On occasion I've de-CSS'd a DVD so that I could write it to a different DVD [let's say it has region 2 encoding it and I only have region 1 players]. The fact that guilt doesn't motivate people into "following the regulation" suggests that some of these regulations are just plain ridiculous.

not saying that they're wrong for getting royalties for DVD players with hardware decoders. It's just that applying that SAME patent standard to SOFTWARE that's runnable on non-dedicated hardware is pretty stupid. The main reason: it's unenforcable! [and I doubt it hurt their bottom line, either]

Zuckerborg, Microsoft, Amazon letting the side down for green energy among hyperscalers

bombastic bob Silver badge
Devil

"When farcebook stops working at night when it isn't windy I will believe they run on renewable energy."

exactly. you need dead dinos, carbonized prehistoric plants, hydro plants [ok, "renewable" but very limited as to where you can put them], and nuclear power stations to make electricity at night and when there's no wind.

last I checked, non-windy summer days and hot summer nights are PRIME load conditions for air conditioning usage, especially in places that are too humid for swamp coolers.

"Real Cost" per KWH of "renewable" energy STILL exceeds fossil fuel generated energy, unless taxes and subsidies artificially invert that [or in some cases, location makes that choice for you].

This is especially true because of things like FRACKING, the presence of which has greatly reduced the price of oil, worldwide. From this we ALL benefit. But when you increase the overall cost of energy, consumer prices increase to compensate.

Are you all SURE you want to raise prices on your customers because of the 'politics of green'? Or are you going to lower wages to compensate, instead? SOMETHING will have to 'give' and 'politics of green' mean it's NOT the energy market.

There are limits to where you can construct wind power and solar power (and of course hydro power), and the costs of power transmission from these places must be factored in to any analysis. On the other hand, a small natural gas plant (gas turbine) can be built within a building in the middle of a city, and won't have the losses that you get transferring power over long distances.

In many places, natural gas is SO cheap that it easily beats 'renewables'. And you don't need so much new infrastructure to make it work. And it works at night. And it works on hot non-windy days. And it works during times of drought. And the cost of construction of new (or expanded) power sources is comparatively small.

There's no harm in having all of those 'renewable' sources. Just don't prop 'em up with taxes on TRADITIONAL (fossil fuel) sources. Let them compete on their OWN merit.

bombastic bob Silver badge
FAIL

Re: Since 'green' is a political concept...

"how can I ensure that my data centres DON'T use any 'green' energy"

Caterpillar diesel, running natural gas, set up as a co-generation system [so you get heating and air conditioning out of it, too]. That tech dates back to the 80's.

From the article: "renewable energy costs less, receives tax subsidies and customers like the idea, according to a report by analysts at IHS Markit."

The only reason it WOULD cost less is if fossil fuels are TAXED, and those taxes SUBSIDIZE the "renewables". So it's artificial, caused by GUMMINTS (aka politics) picking the 'winners' and 'losers'.

Only FAIL can come from THAT. Hence, icon.

Microsoft's Windows 10 Workstation adds killer feature: No Candy Crush

bombastic bob Silver badge
Meh

Re: A thought.

"But, googling around it looks like it is definitely physical processors than cores that are limited."

that's not as bad, then. still not good.

bombastic bob Silver badge
WTF?

Re: A thought.

"with up to four CPUs – somewhat short of the thousands supported by Linux "

Not my area, but I'm guessing that only a few businesses running open source use 1,000-CPU desktops.

there are some 8-core AMD processors out there, last I looked. we'd get MORE of that at lower prices if Micro-shaft would stop it with the CPU core limits in the OS. Those limits are from the 90's - NT4 had a 4 core limit (server OS also) in the base OS. Then I think you had to pay a license for additional cores. not sure how that worked internally, though.

bombastic bob Silver badge
Linux

"Is this Satya Nadella I'm talking to?"

no, just us, the choir. *crickets* from Micro-shaft and Mr. Nadella

Back in 2015, Micro-shaft swallowed their own koolaid and is now Win-10-nic bound in thought and deed, full speed ahead over the cliff like good little lemmings. You will NEVER convince them otherwise.

The only thing that will fix it is a serious loss in the revenue stream, and a board of directors that's LIVID about it.

And for this, customers need to have a PROPER CHOICE.

hint: see icon

Hate to ruin your day, but... Boffins cook up fresh Meltdown, Spectre CPU design flaw exploits

bombastic bob Silver badge
Thumb Down

Re: Just kill ALL code in a browser.

No, I think the lesson is "don't try to get clever for the sake of performance".

there is NO virtue in mediocrity. BOOOOoooo...!

<sarcasm>

yes, the clever ones - chain them up, drug them into complacency and mediocrity with Ritalin, and start when they're really small, because kids that are smarter than their teachers will turn into brilliant spark engineers, and we can't have THAT, now can we? No, we must have GROUP think and MEDIOCRITY, where NOBODY is better than anyone else, and "the masses" are carefully managed by "the elite" for their own good...

</sarcasm>

bombastic bob Silver badge
Unhappy

Re: Not so great for anyone usign Intel CPUs or those who violate security command structure

"The spectre thread was linked with the meltdown just to muddy the waters, that is."

Like cyclamates and saccharine (in the USA anyway)... as in, how the sugar lobby made quality artificial sweeteners illegal, and only "let" us have the mediocre ones. [more on cyclamates wikipedia page]

basically, use bad press, "you too", and FUD to keep your competitor from being able to leverage the situation.

bombastic bob Silver badge
Devil

Re: Not so great for anyone usign Intel CPUs or those who violate security command structure

"by punishing all who use Windoze OSs"

nice paranoia-rant. and the punishment for 'Windoze' OSs is more self-inflicted these days.

I think it's simpler: Intel engineers didn't consider the possibility of side-channel attacks in their design. Oops.

Bloke sues Microsoft: Give me $600m – or my copy of Windows 7 back

bombastic bob Silver badge
WTF?

how long ago was this?

last I recall, M-shaft said they weren't enabling GWX a year after Win-10-nic released, and that's been at least another year or so that (allegedly) this "upgrade" wouldn't happen.

So W.T.F. ?

As much as I wanna see Micro-shaft eat some crow over GWX and Win-10-nic, this ain't it.

Roses are red, Facebook is blue. Think private means private? More fool you

bombastic bob Silver badge
Unhappy

"Do people really think that anything they post to social media is private"

"social media" is to "think" as {no possible comparison}

It's not private. It effectively belongs to the entity that owns the hard drive it's stored on. So if FB gets a subpoena shoved at it, guess what they'll do? At least Micro-shaft made an effort at looking like they'd protect user privacy. Apple went a step further. FB just bends over and caves, no apparent opposition.

https://www.facebook.com/safety/groups/law/guidelines/

(found it)

basically if it's a warrant or subpoena, if they have no legit reason to object, they'll do it. AFAIK

bombastic bob Silver badge
Coat

Re: possible words

I was thinking 'Feel'

(/me escapes, with coat)

From tomorrow, Google Chrome will block crud ads. Here's how it'll work

bombastic bob Silver badge
Thumb Up

Re: Static ads good, javascript baaaad

(topic)

my sentiments exactly.

Ads can be displayed via an ad server with some kind of non-persistent method of determining what ad you're viewing and where to send you when you click on it. No scripting, no persistent cookies nor offline data.

bombastic bob Silver badge
Devil

"Google don't have a global browser monopoly"

No, they have a browser. And they're going to block ads from competitors, it would seem.

Skipping the possibly pedantic explanation using a grocery store analogy.

Anyway, I expect courts to be deciding this at any time in the very near future.

bombastic bob Silver badge
Megaphone

Re: Well behaved ads on the Reg

Please, ONLY 'well behaved' ads on the Reg. set an example, prove it works.

(see my earlier post)

bombastic bob Silver badge
Devil

Re: Not half-way good enough.

I run noscript, even for El Reg. I do it for security reasons. Even for El Reg. Reason: things _like_ Meltdown, Spectre, for one. And HOW many articles have been written about rogue ad script being injected by some unknown party into the ad-space of a well known (and well respected) web site? How can you stop it EXCEPT to block the script? Exactly! You block the script.

El Reg: if you want me to see ads, just don't include script with them. I don't mind, really. I might even click on them.

'Flashy' ads - would that be ads that have NON-STATIC content in them? They're irritating. That includes streaming ad content, moving GIF files, or any other video, WITH OR WITHOUT sound. Just say NO. And that's on a desktop OR mobile. It's "evil everywhere"

Here's a thought (for El Reg): Just test the effectiveness of static ads, placed at non-irritating places on the screen, that don't have script on the client side, don't do cookie or invisible graphic style tracking, and simply click through a server that sends you to the appropriate place and logs that you clicked on it. it can capture your IP address, the date/time, a session ID [if you're logged in], or even who's logged in, as well as a browser identification string (like USER-AGENT). that should be good enough for metrics.

Anyway, looking forward to seeing those UN-SCRIPTED ads when I read El Reg.

Roses are red, Kaspersky is blue: 'That ban's unconstitutional!' Boo hoo hoo

bombastic bob Silver badge
Devil

Re: No just Kaspersky

"I might believe the FBI, CIA and NSA a bit more if they hadn't spent quite so much time and effort doing precisely what they're accusing the Chinese government of doing"

keep in mind, there's a whole lot of "shake-up" going on at the top of those 3 organizations right now.

Also worth pointing out: The former head of the CIA (under Obaka) voted COMMUNIST back in the 70's...

https://en.wikipedia.org/wiki/John_O._Brennan

(OK he says it was a protest vote - but it's funny to mention it anyway)

Once these organizations get some forced re-organization, maybe some of the hypcritical nonsense will stop? That might include not using Windows, either. BSD is home-grown and open source, use that!

Otherwise, it's been my observation that unscrupulous people tend to LOUDLY accuse others of doing the SAME things THEY do, and that goes MEGA-TUPLE for POLITICS.

bombastic bob Silver badge
Trollface

"just got annoyed at the umpteenth roses are red thing"

/me points out the article date - 2/14

repetition - sometimes its funnier that way

bombastic bob Silver badge
Devil

Re: Good Luck

"The government will trot out the usual "National Security" line"

counting on it.

consider this: a foreign company sues your government over NOT buying its product

that pretty much sums it up.

Roses are red, revenge is so sweet. Microsoft extracts a few quid from Corel Office Suite

bombastic bob Silver badge
Facepalm

Re: Still unclear on the Ribbon hatred

Why I hate the ribbon:

a) it tries to substitute itself for a menu, and re-arranges the functionality in an unfamiliar way.

b) I like the old way better [and it seemed to have more options]

c) some programs seem to have no alternative to it (see MS Paint)

d) I don't need that much screen real estate devoted to fat-finger buttons when I have a mouse

e) the entire idea that the UI needed re-inventing so that MS could patent it

f) the entire idea that people PREFER this when they clearly do NOT

g) it was invented by the SAME PERSON that (essentially) invented 'the Metro' look

h) hiding it doesn't really MAKE IT GO AWAY (like a hamburger button)

bombastic bob Silver badge
Trollface

shhh... don't point out the hypocrisy

"Didn't Excel have a 'Lotus 1-2-3' mode?"

Didn't Micro-shaft rip off Apple's Mac UI with overlapping windows, which was a ripoff of Xerox? And didn't Apple and Micro-shaft SUE ONE ANOTHER [which ran on for several years] over this VERY SAME THING?

(from the article) Suing over how they draw the slider - that's kinda disturbing, though

Roses are red, Windows error screens are blue. It's 2018, and an email can still pwn you

bombastic bob Silver badge
WTF?

Re: How many errors are C++ related?

"I suspect that most of these error are C++ related"

What? The? FORNICATE???

(are you advocating C-POUND as a solution? I hope not!)

FYI - a properly written C++ program with well-designed objects will manage itself very well. If it was designed by an idiot [and I've been tasked to clean THAT kind of stuff up, before] then you might consider re-writing it. But NEVER with C-POUND. That would be WORSE...

I would re-phrase that as "lack of programmer discipline/competence". Bad code is bad code, in ANY coding lingo.

bombastic bob Silver badge
Devil

Re: Preview pane?

"why would you want to automatically open an email before checking it"

an intelligently designed mail reader will allow you to 'preview' a mail rather than open it, and you'll see all of the TEXT content without activating any HTML-related things, embedded content, external content, nor any kind of SCRIPT.

An unintelligently designed (in need of some real world natural selection) mail reader will display (in the preview) all attached and "rich" content, via the program assigned to EDIT it if it's external to the mail program. You know, like Outlook. This would include things known to have had major problems and vulnerabilities in the past, like MS Office documents, PDF files, Flash, and even certain kinds of images and media (other than flash).

In Thunderbird, use 'View' 'Message body as' 'plain text' to BLOCK that crap. It's not the default setting. But it SHOULD be.

other mail readers, YMMV but preview as plain text ONLY to avoid problems. And no inline images in the preview. And no downloaded content in the preview.

/me points out that a faked-up URL in a phishing e-mail will show up as the ACTUAL link (not what they WANT you to think it is) in a plain-text e-mail. So instead of seeing "yourbank.com" and being fooled into clicking on it, it's "malware.phishing.site/alphabetsoup/whatever/clone-of-your-bank" and rather obviously malicious.

bombastic bob Silver badge
Devil

Re: FOutlook is still a thing

"many people are stuck with Outlook. It's the required MUA at many corporations that bought into Exchange and aren't inclined to move on"

a good opportunity for a consulting gig: prove to them why it's costing MORE than hiring you to fix it.

I can think up a few things that might work, things that include Linux, T-bird e-mail clients, T-bird's calendar, and everything else done with an in-house web server using a simple interface. "Wow, you can share docs using links to files?" etc. (as in right-click the link to the file and get something you can paste into an e-mail)

bombastic bob Silver badge
Devil

Re: "...a total of 50 CVE-listed vulnerabilities..."

"Many of the needles have been in the haystack for years and are still like new, so they are probably made from Austenitic steel (non magnetic)."

unless you're near the ocean... Austenitic stainless steel has a high susceptibility to certain kinds of chloride pitting corrosion...

But Outlook and Edge having vulnerabilities... (in the voice of Iago the parrot, as done by Gilbert Godfried)

"THAT's a big SURPRIIIIIISE!!!"

Who wants dynamic dancing animations and code in their emails? Everyone! says Google

bombastic bob Silver badge
Coat

Re: The only AMP I have have allowed into my house recently

"not big in size, but a huge sound"

especially when turned up to 11. it's 1 more than 10!

(I've only got Peavey amps and ones I've built...)

bombastic bob Silver badge
Devil

Re: I hate AMP

"Having pages actually laid out nicely for mobile consumption is nice, but it didn't need AMP to happen."

true, some careful effort on the part of the one(s) doing the web design can make this happen. been there, did that for customer web page.

bombastic bob Silver badge
Devil

Re: Nice to be part of a community

simple/no-HTML newsreader should be a requirement.

I regularly ridicule people who insist on posting HTML content to USENET. One time I carefully constructed a USENET post [took some actual time] that had radically different content for the plain-text and HTML versions, basically ridiculing the asshat that thought HTML posts to USENET were so awesome. [this person also loves Win-10-nic, so there you go].

bombastic bob Silver badge
WTF?

Re: html was already bad enough

"I usually do not top-quote"

you meant top-POST, right? top-quoting is what I just did. top-POSTing (putting your reply BEFORE the quote) deserves scorn and ridicule.

bombastic bob Silver badge
Devil

Re: So THAT explains it!

as long as I can "sign in" with a 10minutemail.com e-mail address, it mitigates some of the problem (but not all) of a typical "sign up to view content" identity-slurping site.

[it's not like they don't already know my IP address, USER-AGENT string, and what time of day I'm hitting their web site at]

bombastic bob Silver badge
Facepalm

Re: feature request

"Outlook used to have that feature" [followed by the description of a horrible/lame exploit]

Yeah, MS Outlook aka "Virus Outbreak".

Is it any better decades later from their first release in Office '95? Probably not...

bombastic bob Silver badge
Thumb Up

Re: feature request

you deserve more upvotes, but the counter currently reads '42'

bombastic bob Silver badge
Devil

Re: how to turn that shit off @JetSetJim

"I find AMP to be such a usability nightmare that I switched to Bing"

have you tried duckduckgo.com ?

bombastic bob Silver badge
Unhappy

Re: Ends-Means

"the timer resolution making those exploits possible has been not so much reduced but rather obliterated in Palemoon specifically, and that the other browsers also did more or less the same thing already"

or so they say...

but the thing is, it doesn't eliminate the potential threat. It helps to mitigate what we currently know about the proof of concept algorithm. It is still possible, if you know enough about an OS or an application, to obtain information about it using a side-channel attack, if you repeat the operation sufficiently enough. I have personally used low resolution timers to check performance. if you test 10,000 operations with a timer that has 10msec or even 100msec accuracy, you can still determine how much time was spent doing those operations with reasonable accuracy. you won't be able to time a single operation, but you can time 10,000 of them. And THAT means an exploit will simply have to run LONGER to get a meaningful result, and target what it looks at a bit more carefully.

bombastic bob Silver badge
Black Helicopters

Re: Yet ANOTHER reason!

" I'm pretty sure the OP meant one that doesn't make any kind of outbound HTTP call when viewing the message."

that's one, but there are many things that style sheets can do that pose a potential problem. there's also HTML5 content (yes I really wanted to see that streaming video when I opened an e-mail) and things like that. But style sheets can have script-like behavior, too. They can get really large, and really complicated. And, of course, loading the style sheet across 'teh intarwebs' identifies YOU as the mail recipient, even if all it does is check to see that you have the latest version with a 'HEAD' request.

a style sheet can, for example, passively determine what your screen resolution is. Content that uses a particular style can then (theoretically) use this information to "phone home" that info on you. I forget the exact details on how it works, it has something to do with being able to manage auto-sizing column widths as one possible usage. I've actually worked on customer web pages that do this. Don't ask me HOW it works, it was confusing enough fixing the existing page so it would look right on a phone in portrait mode, or on a desktop or a 'slab' in landscape mode, with their varying aspect ratios and screen sizes [yes it works perfectly now!]. And I didn't have to change the style sheet - I embedded 'style' info into the HTML.

So using this information, indirectly determined from the style sheet setup, EVEN WITH SCRIPT TURNED OFF, it should be possible to 'nuke out' what some of the hardware is that you have on your computer. That doesn't even include font embedding or other potential danger items. There have been vulnerabilities with web fonts in the past, after all.

it's like a potential side-channel attack. You know, like Meltdown and Spectre.

seriously isn't the USER-AGENT bad enough in external HTML requests? Only now, it's e-mail spam doing this (in particular, spammed malware). And THOSE are the people who will leverage it.

icon, because, paranoia (again)

bombastic bob Silver badge
Devil

Re: Yet ANOTHER reason!

"I jusat upvoted an @BB post"

Just think of me as a broken clock, being right twice a day.

bombastic bob Silver badge
Alert

Re: Ends-Means

"AMP is such a blight"

And they announce the desire to release this crap, BEFORE any proper patches for Meltdown and Spectre, knowing FULL WELL that javascript proof of concept for these exploits already exists...

bombastic bob Silver badge
Black Helicopters

Yet ANOTHER reason!

Yet ANOTHER reason to *NEVER* *VIEW* *MAIL* *AS* *HTML*.

because, scripting and style sheets are next. you KNOW it's coming! And embedded ADS in your e-mail, courtesy "whatever free e-mail service" you send/receive with.

Don't doubt me. Consider the following:

a) we can just block the web ads and still view the content

b) an operating system with ADS in it?

c) subscription-based OFFICE programs?

d) An annual fee just to use an OS?

I can see the possibility of click-through ads to view your e-mail (particularly with HTML mail viewers). Or, WORSE, click-through ads to SEND mail!

icon because paranoia

NASA budget shock: Climate studies? GTFO. We're making the Moon great again, says Trump

bombastic bob Silver badge
FAIL

Re: We don't need no education

"The US is actually the 56th highest in the world behind, well basically everywhere."

that site lists spending per %GDP, and not actual dollar figures. Apples and oranges comparison, sorry. Lies, Damn Lies, and statistics.

bombastic bob Silver badge
Boffin

Re: We don't need no education

"With access to statistics and the ability to both read and do math, you would understand why what you say here is utter tripe"

you mean, like this?

https://rossieronline.usc.edu/blog/u-s-education-versus-the-world-infographic/

Although literacy rate [being carefully trained to read socialist propaganda and poetry by Maya Angeloo, heh] is good, math and science [the things that REALLY matter] are pretty poor. Per dollar, especially.

Note I compared the money being spent to actual performance. The USA spends more money per student than any other country. Yet math+science performance are pretty BAD by comparison. I also have my doubts about the "literacy rate" comparison, not knowing how that's being scored. If you score one way, reading comprehension and composition, it would give different results than "being able to read at all" which is still a problem in a lot of places in the world.

Biting the hand that feeds IT © 1998–2019