Comment Re:I am shocked, SHOCKED I tell you! (Score 1) 85
They have been doing it for years: http://lifehacker.com/5849589/...
They have been doing it for years: http://lifehacker.com/5849589/...
Not sure about behavior, but as a 501c3, Mozilla is not allowed to donate to candidates and has limits on lobbying. But I do not know what exactly the limits are.
https://en.wikisource.org/wiki...
Something in there...
The lobbying ceiling amount for any organization for any taxable year is 150 percent of the lobbying nontaxable amount for such organization for such taxable year, determined under section 4911.
Hopefully someone has a greater interest in deciphering that.^ It does not seem related to anything decided in Citizens v United as far as I can tell.
That's kinda the idea behind Aereo (except they do live TV)
I wonder, though. When you buy a new Android phone and sign in to Play, it downloads (or at least offers to) all the apps you had on your old phone. Does the same thing happen there
No, this particular exploit requires the malicious app be on a phone prior to an OS update. Additionally these apps would never* make it on the Play store as they have detectable characteristics (such as trying to use the same "Shared UID" of another app). In order to upload an app with the same Shared UID, you would need the same keystore to sign your app. Basically the way this bug works is exploiting the reverse of how the package manager grants precedence. The package manager give precedence to what is on the device first. So anything "updated" from the Play store, even if they spoofed the Shared UID and signature, would fail to install. The bug is that an app can "steal" the ability to control the permission completely, AND install itself or block the install of the legit version of an app.
So TL;DR: This definitely is a rather nasty privilege escalation bug in the package manager (if the paper is correct and I am reading it correctly), but one would likely need to side-load (or use a different app store) the malicious app prior to an OS update to get caught by it.
Agreed about permissions in general though. Personally I try not to give out contacts to any app unless they happen to be a type of "contact manager/replacement". Most apps can request a user use the default "contact picker" to add a contact, or share, or the like. No permission is required for this. The only reason apps request this is to prefill those "share with a friend" fields and to spam. This is similar to READ_PHONE_STATE, there are few legit reasons for an app to need this anymore. Apps can launch the dialer and prefill the number sans the permission, just not complete the call. They also have other ways to generate a UUID for the device without the IMEI, or the other info provided by READ_PHONE_STATE.
The USB storage permissions are antiquated, but not as sensitive. Apps do have private storage but this used to be quite limited in the earlier days of Android. The Nexus S was one of the first to come with a single, large internal storage (although even that was still partitioned). Prior to that you had a limited protected storage and an SD card. Nowadays they are adding better "Read" file permissions.
Finally, I think much of this stuff could be requested at time-of-use, rather than install. But they have to balance the "Are you sure you want to allow X?" disaster that was Windows UAC vs. sensible permissions. It is not as easy as it looks.
* (Well maybe not never, but very close to never...)
This was actually an episode on Star Trek DS9. O'Brien was punished by some alien culture and served a ~20 year sentence in a matter of ~hours (iirc). They claimed it was more humane and economical than prison. However I think the moral of the episode is that it really scarred him mentally (and he was innocent, again iirc).
Could there be a humane way to use something like this? Personally I highly doubt it, but I can't completely rule it out as just barely plausible (Kinda like Star Trek in general). I just can't imagine how this would be used without causing mental instability.
But what does it do? What is it encoding/decoding?
"Be sure to drink your Ovaltine"
And if they do a good job, they will push competition. This seems like a common theme with Apple. They come into a fractured mess of a product sector and make a good show of it. This is good news, car infotainment is terrible.
Plus maybe cars will be able to launch actual angry birds at each other to express road rage.
Not sure if trolling but that's not really what trivial means in this context.
adjective: trivial
1. of little value or importance.
synonyms: unimportant, banal, trite, commonplace, insignificant, inconsequential,
Think "the average airspeed of an unladen swallow". "The atomic weight of cobalt"
ISPs are not peers though, they are endpoints. The "equal data" argument only works between two backbone/transit providers. ISPs are requesting that data be sent to them. they don't get to request the data be sent to them and request that they also be paid to receive it.
Also what makes you think you only pay for upload? That makes no sense. Though I agree in that bandwidth caps are bad -- though mostly because they are generally misleading advertising.
We are each entitled to our own opinion, but no one is entitled to his own facts. -- Patrick Moynihan