Satellite internet's a'comin
Since Musk, Amazon, and others are planning on peppering global LEO with internet satellites, I don't care. I'm still free; you can't take the sky from me.
12 posts • joined 12 Feb 2018
> Bug bounty platforms also give clear criteria over the work product that they will pay for – which can be taken as directing work. And they pay people for their time and skills, as well as repeatedly refer to the “work” that the people that sign up to their platforms perform.
From my understanding as someone who has used HackerOne to receive bug reports on behalf of a company, it's the company whose products are being tested that sets the critera over what work will be paid for, and which decides and makes the payments (bounties) to hackers. AFAICT the platform merely facilitates the communications and transactions.
That said, HackerOne do offer paid managed accounts to companies, so it's possible this could affect their business relationship with those they contract directly to manage and triage those accounts, but they're not the ones doing the pen testing.
> Uhh, no. If you play with the GPL, why aren't you forced to make available the modifications that you distribute in a timely fashion? Seems that the SFC are a little too cozy with Tesla.
They're damned if they do, and damned if they don't.
Bring a lawsuit (even after years of negotiations) and you get criticized for scaring companies away. Take time trying to convince them to open up voluntarily, and you get criticized for letting them get away with it for so long.
> Maybe the only difference is that women put up with less shit.
This is somewhat borne out in studies of quitting rates (women are apparently 2x more likely to quit a job than men), but even this does not necessarily correlate to leaving STEM entirely.
The only stats quoted in the article compared STEM women to non-STEM women. I would be interested to see comparable stats for STEM non-women and non-STEM non-women before I'd make a claim that an issue is worse for any particular subgroup.
> “Why bother?” seems apt given the good range of secure messaging tools on offer these days.
If security were all Tor cared about, then the Tor browser project would have been shut down when HTTPS became mainstream.
No, the goal of the Tor project is to provide anonymity for the user. This is a much harder problem than just implementing end-to-end encryption on top of a centralised service. It requires not sharing, or leaking, any metadata to any party not directly involved a communication.
> Where do you get the idea that your work should be "protected" against copying by other people?
Perhaps because of the amount of creative thought necessary to craft an intuitive, consistent, thorough, and future-proof interface to a system or application?
> An API, as a collection of names and definitions, is really just an emergent property of a software program. Even if you don't sit down in advance and plan an API in detail, one will spring into existence all by itself anyway, as a direct consequence of the existence of the program.
That's the kind of thinking that gives us unplanned, undesigned, agglomerated nightmares like PHP, or anything from Microsoft.
If that's your attitude to API design, then I can see why you'd think they can't be copyrighted, and perhaps some APIs shouldn't be. But I certainly hope to never again have to develop against such a thoughtlessly assembled API.
> But if they've slurped data on INCOMING texts and calls and used that to build up data graphs on the phone numbers who made the calls and texts (who may well have not installed FB's app and therefore not given permission) then their goose is truly cooked according to some European countries' privacy laws.
I wonder if this kind of slurping doesn't also run afoul of California wiretapping law, which requires consent from all parties involved. IIRC, a 2015 ruling affirmed that collecting metadata without all-party consent can also count as a breach of wiretapping laws.
> Doctor Syntax: What do you suggest?
All that's required, at minimum, is for the code-hosting sites to create a project-overview page, which allows the user to see the current status of all forks of a codebase. Importance of forks (eg. which comes top of the list) should be determined either democratically (eg. stars) or algorithmically based on metrics such as commit quantity; frequency; recency, bug reports, pull activity, etc.
> AC: I disagree that, on the balance of things, they are doing a disservice.
I disagree that you disagree!
I do indeed believe that GitHub & co. have been a net positive to development and collaboration in the free/open-source software community. I was only meaning that this particular issue of developer primacy was sub-optimal, and possibly harmful to sustained development.
Biting the hand that feeds IT © 1998–2019