I will never ever use a debit or credit card again, thanks to what I have found out today.
Smart move. Never mind this attack will never hurt you when you are using your card, but only when you lose it. If you know where your card is and report it to your bank as soon as it's stolen, you're fine.
How about all the other things that can be found in one's browser history, such as Google searches, or, say, one's own name on some websites, such as Facebook when viewing one's own profile?
I think you don't get it. The same-origin principle, enforced by all contemporary browsers, prevents sites from just querying the history. Thus, an arbitrary site is by no means able to just view the user's Google searches or Facebook profile from the browser's history, contrary to what you seem to suggest.
The problem is that it's very, very hard to truly enforce 100% of the same-origin principle. Some limited information might leak due to side channels. For example, an attacker can try to find out if the victim visited site X by attempting to retrieve X, timing how long it takes, and concluding whether or not X was retrieved from the browser's cache based on the response time; see, e.g., "timing attacks on web privacy" (which was BTW published 10 years ago). There are lots of other tricks unrelated to timing that an attacker can employ.
As far as I understand, the contribution of TFA is noticing that group membership information is nearly unique, per user, and (based on the aforesaid methods) suggesting practical ways to trick the browser into revealing this information.
Is this worthless?
and observe how, unfortunately, XP consistently outperforms Linux
I went through the first 10 entries which support both OS's and found 8 were exactly the same and two were longer under Windows XP. Is that what you call "Consistently outperforming"?
I take it you know what they say about half truths. But just in case you're interested in the whole truth, then here it is:
Out of the 28 machines that are listed in http://event.asus.com/eeepc/comparison/eeepc_comparison.htm, there are exactly 22 that have both a Linux and XP configuration; the remaining 6 machines are either exclusively Linux, or exclusively XP, which means their battery life under the two OSes can't be compared.
From within the 22 machines that can be compared, 11 (=50%) have longer battery life under XP, and 11 have exactly the same battery life under both OSes.
So yes. This is what I call consistently outperforming.
In the short run, the Google Book Search settlement will unquestionably bring about greater access to books collected by major research libraries over the years. But it is very worrisome that this agreement, which was negotiated in secret by Google and a few lawyers working for the Authors Guild and AAP (who will, by the way, get up to $45.5 million in fees for their work on the settlement--more than all of the authors combined!), will create two complementary monopolies with exclusive rights over a research corpus of this magnitude. Monopolies are prone to engage in many abuses.
The Book Search agreement is not really a settlement of a dispute over whether scanning books to index them is fair use. It is a major restructuring of the book industry's future without meaningful government oversight. The market for digitized orphan books could be competitive, but will not be if this settlement is approved as is.
It's disallowed by MS specifically for Office-like applications. (nothing else) I have always assumed that clause was added to gain a usability edge over OpenOffice. So this could be interesting. *grabs popcorn*
Here's what Wikipedia has to say about this "patent":
Mike Gunderloy, a former Microsoft developer left the company partially over his disagreement with the company's "sweeping land grab" including its attempt to patent the Ribbon interface. He refused to "contribut[e] to the eventual death of programming."[10] He states: "Microsoft itself represents a grave threat to the future of software development through its increasing inclination to stifle competition through legal shenanigans."[11] KDE developer Jarosław Staniek[12] has expressed beliefs that the patent cannot be acquired due to the ambiguity of prior art.[12] As no patent has been acquired yet, they assert that anyone who has not signed the license can legally implement the concept in their applications without having to conform to Microsoft's requirements.[13] Microsoft will grant free licensing for all to implement the ribbon interface except for products competing directly with Microsoft Office programs.[14] If the design guidelines contain legal loopholes that give Microsoft a basis for future lawsuits against products exploiting this concept, those disenfranchised would not be able to inform others due to the non-disclosure agreement.[8]
KDE developer Jarosław Staniek notes that the ribbon concept has historically appeared extensively as "tabbed toolbars" in applications such as Macromedia HomeSite, Dreamweaver and Borland Delphi.[12]
CyberTwin virtual staff offer the quality of live human support, at a fraction of the cost."
After conversing with some clones, Chess concludes that while all of the above
"sounds pretty revolutionary, there's one problem, sadly, and that is that they are lying. And I don't mean "exaggerating a bit in the way that press releases and website often do", I mean "giving false information intentionally; conveying a false image or impression", to paraphrase Wiktionary."
serious Cubs fans know the first night game at Wrigley Field was played on 8/8/88 — which just happens to be four sideways infinity symbols.
I imagine you can make any day "special" like this if you try hard enough."
Work without a vision is slavery, Vision without work is a pipe dream, But vision with work is the hope of the world.