Congratulations! You now have this certificate that you have more sense than about 70% of programmers currently employed.
As always, the beer is for crying in.
1318 posts • joined 23 Jan 2015
I was completely with you until your called jujitsu the "thug's version" of judo. There are certainly thugs in both, but my first sensi in jujitsu bounce the one that showed up in a hurry. Yes, most forms of jujitsu are not sports. On the street, the rule that matters more than any other is that I survive. The next one is that I cause the minimum damage to the other person necessary to ensure my survival. That means that I am responsible to avoid even having a confrontation at all. Failing that, I am to avoid even embarrassing the guy. It also means that (in my form) unless I'm a third degree or higher black belt, I treat a knife attack like a mortal threat, and respond in kind.
If that makes me a "thug" in your book, then I don't want to get to know you.
Then you weren't paying attention.
I heard about them in the early 2000's. "Oh, some bored folks beating up skinheads at concerts--whatever." But, you know--"everyone hates the Illinois Nazis"--let's drive a car through a bunch of idiots!
November of 2016, Antifa showed up in force with significant brownshirt tactics.
They've been popping up whenever there was a riot to be had ever since.
You hear what you want. If those words came to your mind, that's on you. I downvoted the post, but not for the fact that he called out the sanctification of the name of an apparent career criminal. And he specifically stated that his history in no way justified his treatment.
First, they are not. Second, any KKK or neo-Nazis in Seattle are truly hard to come by. I live just north of Seattle. There have been fliers out offering money to people to cause trouble. So rent-a-mob is accurate. Also, their communications are not secured, so word tends to get out a few hours before the start. So when they tried to hit Snohomish, the locals showed up prepared and in force. A friend of mine said he hadn't seen so many guns since the Gulf War. Antifa freaked out and ran when they saw what was waiting for them. No violence. Nothing.
And yeah, that cop better get the death penalty.
My problem is not with DRM per se. My problem is that DRM slices and dices my rights until nothing at all is left. In particular, it is not possible to purchase books in the traditional sense. It has become impossible for me to use one of these systems (which I have NEVER done) without being tracked for everything I do. And oh, if Amazon (or whomever) decides, I lose any or all books I have paid to access permanently and without recourse.
Not to mention I cannot move the work to a different device without permission or a different format at all.
If I read trash novels, I might consider using DRM. But for a work that I actually want to study, no. Just entirely no.
You obviously don't know how to think like an attacker.
The bad guys are real. NO fortress is impenetrable. NO cypher is indefinitely secure. It is much, much safer to autoexpire a cert than to ensure that the secrets it protects have a short enough lifespan that it is actually useful.
The world being full of lazy idiots means that cert expiration screwups are going to be a thing. As another has said, the best solution is to make the periods short enough that updating become routine.
Except, the better idiot will figure out how to screw that up as well.
The fact that snap creates ~/snap by itself tells me that the developers are at best extremely arrogant. You do NOT get to claim subdirectories in MY homedir unless they start with a '.'. This has been true since.... Well, since I got onto a Unice in the early 90's, at least.
Now, I find out that this is being driven by Canonical? Again? I moved to Mint to get away from some of their garbage in the first place.
Hey, Mint, team! Switch your upstream to Devuan. Because every week, I'm thinking about switching directly there myself...
1) Spectre-class bugs CANNOT be mitigated in current hardware.
2) The entire point of caches is to speed process execution. Therefore any process with fine-grained access to the clock is going to be able to derive information about the addresses of data held in the cache. With Spectre-class attacks, one can derive information about the contents of the data.
The only way around this is to ensure that all code running inside the same cache has the same security context.
So, for Amazon, you are sharing your data with everyone else on the box. Dedicated boxes are required for anything handling PII.
Bug-free software exists, for the same reason that mathematical proofs exit. Of course, if you can produce mathematical proofs, they tend to "give" you a PhD. And in my experience, bug-free code is harder than most theorems. (I was accepted into the PhD program in mathematics, and work as a programmer.)
But they are not cheap. That's the real problem. No one wants to pay for bug-free software.
I had a (conservative) lawyer friend of my explain that a crime involves a criminal act and a criminal mind. So the state of mind of the defended at the time of the alleged crime really does matter.
Consider, for instance, that many statutes include phrases like "willing and knowingly..." In the case of murder, we distinguish premeditated from heat-of-the-moment from accidental killings
A corporation is a group of people united by contract and recognized by the State as a separate entity. This entity can engage in further contracts, and we want those contracts to be enforced by the courts. In American jurisprudence, that means that they are "persons" under the law, as only legal persons appear before the courts. (If a dog attacks you and you get hurt, you cannot sue the dog, only the owner.)
There has been some back and forth as to which rights of the individual can survive incorporation. We has a strange situation for several decades where some corporations (labor unions, political parties) could incorporate the right of advocating politically, but not others. (This statute was created by a miffed politician after he faced more money in a campaign than he had expected.)
The Citizen's United case affirmed that political advocacy was a generally incorporatable right.
It's really more complicated than that.
We need the police to hunt down murders & the like.
The police can only be effective in doing so if they have the faith and trust of the public.
The human brain being what it is, every public case of police corruption lowers the faith and trust of the public.
Therefore, during times of low trust, there is a strong motivation to only publicize the worst cases of corruption.
And what do we have? In the States, Antifa & BLM are large, explicitly anti-police organizations. (Antifa of course is anti-police among other things, while BLM is specifically targeting the police) Antifa is violent to the point of being considered a domestic terrorist group by some definitions. And while BLM might not be violent per se, their chants of "oink oink bang bang" are certainly advocating violence.
Which means that these movements are expected to increase the covering up of police abuses.
You're missing the point of the attack. The resolver at badguy.com is "misconfigured" on purpose--that is the attack.
The issue is that a recursive resolve typically resolves all of the name servers listed in a response in preparation for load balancing. The fix is to only resolve one per query.
I'm sorry, but no.
Certainly, it is easier (today) to grab of 2^48 or so addresses and not worry about proper address management. But sloppiness is what has gotten us into this mess.
Subdomain mismanagement is a major problem with Microsoft. Now we see that they are "industry leaders" instead of outliers.
If you properly manage things like DNS records, it's going to take a significant amount of effort.
If you don't properly manage things like DNS records, you are going to have a bad time.
IPv6 might (might) allow you to get by with pretending that you can orphan IP addresses for a while. But the pain you will be in when it all falls apart (and it will), will be orders of magnitude more severe than when you are stuck with 32 bits for the entire world to play with.
I had my walk/bike everywhere days. Even at the age of 19, they generally sucked. There is a real limit on how much you can carry on a bike. I learned hands-free biking just to be able to carry more.
And...I was 19. Not everyone lives your urban paradise. Necessary stores are often miles away, with serious hills between. People age.
If you can walk/bike it, by all means do. But don't demand that everyone does.
Heck, I don't use a rideshare every quarter. That doesn't mean I condemn those who do.
Software can only do what it is programmed to do. Before Captain Skully, would YOU have programmed your system to recognize a river as a viable emergency landing point?
You give a man the rest of his life to figure out a solution to a problem where he is an expert in the field, and you will be amazed at what he comes up with.
How do you program that?
In another thread, there was some b******* & moaning about worrying about "rouge users" inside an organization.
It's not the user, it's the user's device that matters.
Certainly, a user might try to do naughty things. But absolutely, if the user's device is compromised, naughty things have already occurred.
So, unless you can scan every website for every bit (heh) of malware that ever has or ever will exist, if you allow some access to the internet, than you must consider that machine, and every access coming off of it, compromised.
Biting the hand that feeds IT © 1998–2020