95% of them will never be patched........thanks for all the fragmentation.....

EXCEPT 5.0 Lollipop, because Lollipop uses a different media framework. Which I'm sure has its own issues, but thankfully, even a year after release, its marketshare is tiny enough that it doesn't matter.

Even worse, it's a bug inside the OS itself, so it's not like Google can actually fix the problem like they have using Google Services Framework.

It can only be fixed by a rooted device or a software update to replace the broken library.

It's kind of amusing to read a complaint about poor use of English that contains a typo.

There must be some law that any correspondence (comment, letter, post, whatever) about some issue about the use of English, be it spelling, or grammar, will contain that very issue in it. So if someone is complaining about a typo, inevitably, there will be a typo in it. Ditto grammar.

I don't know why that defaults to enabled. I'm watching some video, maybe just listening to it from another tab, and the assumption is that I want to auto-play some randomly-similar video after that. No I don't, why assume I do? Being logged in keeps that thing off like it should be.

Because ads. Once the tab you're listening to is over, it's going to autoplay the next tab, playing and ad.

The goal is to open a tab in YouTube, and then have the ad play

Yeah... because you can't just hit Print Screen and take a screenshot of your screen - including the picture on the site...

Even easier - Firefox has shift-right-click which doesn't send the right-click event to the javascript. It's handled directly by Firefox and gives you all the regular options. (I use for the Nuke Anything extension which lets you selectively remove stuff from the DOM. Great for those websites that plaster crap over the content - remove that and read it at will).

And there are many DOM-attribute modifying scripts out there - I have one that removes the password saving attribute from web pages with passwords. Very handy with those sites that prevent saving passwords that you don't care about.

Their extension can't affect the recipient's end of things if the recipient isn't also running that extension. In that case nothing Dmail can do can prevent the recipient from saving the message, forwarding it or doing anything else with it. Dmail can play tricks with HTML e-mail by replacing the body of the e-mail with a dummy wrapper that fetches the message via HTTP from a Dmail server and they can use some Javascript tricks to try and block "Save as", but those are going to run into problems with anything that blocks remote content or disables Javascript in e-mail. Even if the recipient's using Gmail in Chrome that's going to be an issue considering how that sort of blocking's basic to blocking malware. And of course if the recipient's running a non-browser client using IMAP4, Dmail's completely out of luck.

If you read the article, you'll see it's really just a private messaging service. The plugin just interfaces that service to Gmail.

If you have the plugin, then it'll retrieve the message for you. If you don't, e.g., use Firefox, what happens you get an email with a link that basically says "XXX has sent a message to you. Click here to see it".

Well, probably not so spammy-looking, but there you go.

It's nothing special - the only reason messages can be "erased" is the link expires.

"Not have a life" I never understood this, two hours on Saturday and two hours on Sunday isn't taking anything away from peoples lives especially if you really enjoy what you're doing. If coding feels like an inconvenience to you, perhaps a different hobby would suit you better.

And here we see the problem with community based software development. The thing is, for developers shiny and new features are fun, maintenance is not. So yeah, spending 2 hours a week coding up some new scenario? Fun! Spending 4 weeks fixing up your existing scenario? Not fun. Spending 4 weeks fixing it up because of some change that doesn't feel necessary other than to have some shiny? Even more Not Fun.

And since you're not getting paid for it, you're going to do the Fun stuff over the Not Fun stuff. Because Not Fun is really a job or a chore. The former at least has money as the motivator.

Now, in a lot of projects, you come across the rare few who don't mind working on the maintenance, to which you really need to give respect to because it really is thankless. Add some new shiny feature? Users thank you. Fixing some bug? Probably not even noticed.

Some projects, like Linux do continual maintenance because you can roll in new features that other developers appreciate - reworking some terrible API into an easier to use one? Wow.

There's no more point in banning drones than there is in banning butter-knives. Both are useful and very safe ways to perform a task -- however, both can be MISUSED when in the hands of idiots. Far better that we simply make sure that any idiot who misuses *any* technology is dealt with appropriately. The only alternative to ensuring public safety is to have us all fitted with straightjackets and locked into our own private padded rooms -- for our safety.

The easy way is licensing.

Right now the regulations are a bit cumbersome, but they're there - they're aircraft, and to fly an aircraft, you need a license. Or rather, you need a license, a medical, and a radio license. (It's important to note that the whenever any civil aviation authority wants to ground a pilot, they don't actually take away their license. Since the three documents are required to legally fly, they take away the medical certificate. (And the medical is often temporarily suspended - either by the pilot or a doctor on other occasions, so it's not a big deal and incurs minimal to no paperwork on either party's side)).

Since there's no current syllabus for drone pilots, they're lumped in with every other pilot as well.

That's the most likely end result - and I'm sure the FAA and others are looking to see what the trend is. And I'm sure the RC groups are going to have their say as well because they're also seeing the same news reports, and they know if it keeps up, even their hobby can be regulated. They may actually champion an industry-standard form of self licensing - better they do it than the government).

It can be. Don't generalize to use cases you don't know, especially when people with no real programming skills are concerned. I honestly don't know any other software that is both as flexible and accessible as spreadsheets when it comes to doing computations on heaps of (mostly irregular) data.

Even for people WITH programming skill, a spreadsheet is often faster when you need stuff done.

When working with hardware, there are often pesky register settings that need to be configured just right - a spreadsheet that lets you convert from common every day units that you see in datasheets to the register settings is a godsend for many devices. Even stuff like taking the GPIO configuration of a SoC and picking them from a list on a spreadsheet then having it dump those settings out is pure magic and removes a lot of the tedium of bringing up a new chip.

The spreadsheet is basically used as a graphical front end to what is effectively a calculator (a very specialized one).. Could they have written it as a proper application? Probably, but a spreadsheet is a heck of a lot more flexible, especially when the next generation chip comes out, and you can take the spreadsheet and modify it to support the new chip in a day.

(Plus with spreadsheets able to debug for you (you can work backwards from the result to the starting values, it really makes it easy to trace data flow through it)

And heck, if something goes wrong, a spreadsheet is probably easier to debug since you're not having to go through oodles of boilerplate code to handle stuff like a GUI, data saving/retrieval and other things. You can get right to the meat of the thing.

I've even made use of stuff like conditional formatting to make things even more easy to ues - if something is out of range, you can make a cell be a "traffic light" showing if everything is good, or if there's a problem, use it to highlight the problem cells. How many a time you debug a register setting, go back to the spreadsheet and there it s in red showing you the problem.

Which is why this is pretty stupid. H.264 is "good enough" for most things. Particularly as bandwidth continues to grow. A more efficient encoding scheme would be nice, but it isn't necessary. We can already do 1080p60 video over most net connections with reasonable quality.

So H.265 will have to be appealing not only in terms of bandwidth saved, but in terms of cost. Companies won't move to use it if they have to pay a bunch extra for the privilege. They'll just keep using H.264 and more bandwidth.

I can understand why the patent holders are upset with the MPEG-LA - because the MPEG-LA mandated that patent licensees will be paid for every use up to a cap (approx $6.5M/year), streaming is free (as long as viewers can watch the stream for free), and all sorts of other things. So companies like Apple, Cisco, Netflix, etc., they pay the $6.5M license fee and go about their merry way (incidentally, Cisco's fee also pays for Firefox's license).

Which is why h.264 is the predominant codec in use today - it's relatively cheap to use, sites like YouTube and Vimeo pay $0 to host videos that anyone can watch for free (they will have to pay for those subscriber/paid videos, though, since those cannot be viewed for free) - yes, "for free" means you the viewer pays $0 to watch, not that you don't pay some other way (e.g., watching ads).

MPEG-LA, to ensure adoption of HEVC wants similar licensing terms - a cap, free streaming for free to view, etc., But some patent holders (including the likes of GE and others) balked - hence forming the HEVC alliance and getting rid of the "thorns" - no cap to the amount you pay, streams also cost money, etc.

There was a lot of derision about MPEG-LA's free stream policy, but they know that widespread adoption is a good thing, and there's a reason why everything's in h.264 format.

Sadly, the greed of a few is probably going to kill HEVC - at a time when HEVC is just coming out, the last thing you want is to stifle it. I'm sure the patent holders of h.264 will probably make way more money because people will stick with what works and is well established over moving over to something that requires paying a lot of money for continually. At the very least, big companies like Apple, Microsoft, Google, Netflix, Vimeo etc, who probably just pay the cap every year will stick with h.264 than be subject to huge licensing fees of an unlimited cap. Either that, or HEVC will remain a niche for paid subscribers.

But Agilent spun off Keysight Technologies, which was the real HP of way back when

Who obviously are engineers, for they have no sense of naming. Even though I was told Keysight Technologies is the new name for Agilent's test equipment, when I get an email from them, I can it because it sounds like some internet marketing firm selling SEO services.

I probably went through 6 months of this before I started realizing what was happening. And I still can them because they really do sound like a marketing firm than a company making test equipment.

Of course, they probably paid someone like $1M to come up with that name.

Okay, just answered my own question. I also had "ChallengeResponseAuthentication no" in my sshd_config. When I changed this to "yes", I was able to reproduce the bug. In the original article, I had done a /. post with a link to a redhat page explaining why they used "no" and it is because of keyboard interactive [which tracks CRA].

My original slashdot post, with additional security I use and the logging of script kiddies I've been doing for years: http://slashdot.org/comments.p...

The redhat page: https://access.redhat.com/solu...

What have threats to the POTUS to do with "Stake Out the Ugliest Corners of the Internet"?

I just tested this (I've got UsePAM yes in sshd_config) on fedora 21 and I only get three tries before disconnect. So, what's special about freebsd?

Umm... you could just not let Flash play. That's easier than using an automated method designed to avoid bad behavior in a Turing Complete language autorun natively.

That assumes you don't want said flash running anyways.

There is just as much chance it happens while running flash just like it does on HTML5.

So I'm running Flash because I want to watch a video (or play a flash game, or download a file) and one of these annoying won't-go-away ads show up (which because it's flash, has a nice tendency to bypass plugins that block ads and crap).

With flash, it's all or nothing - if a flash thing wants to show an ad and force you to see it, there's nothing you can do about it other than close the webpage. If it was done in HTML5, then just that bit can be blocked while still getting full functionality.

Keep in mind Chrome had this .... then advertisers disabled it :-(

I tried a system without adblock and it was astounding what these guys do these days. Website redirects, 15 second commercials you can't close, etc.

My fear is as flash dies HTML 5 will make blocking this harder if they can hack and disable muting

Then you switch to a browser that lets you do that. That's the cool thing with HTML5 - if one vendor refuses to make their browser work for you, you move on. Whereas if it was flash, then they all are broken in the same way.

I went across a website that did that - it did popups and alertboxes and played a sound. And the alertbox was triggered on closing, making it nigh impossible to close the window. Then I noticed a "suppress further alerts" checkbox, which made it simple to close the tab.

Do it in flash and the only way is to kill the process.