Wow, you mean commercial products designed to connect to the internet have absolutely crap security?

Well, color me fucking surprised and shocked.

No, wait, the other one .. where I point out these companies are either incompetent or indifferent to security, have no penalties or liability, and have products rushed out the door by asshole CEOs and marketing people who don't give a damn about security.

This is precisely why I look at pretty much every damned product which wants to connect to the internet, or has an app for your smartphone and think "oh hell no".

Trusting this shit is idiotic, and quite frankly, I'm beyond the point of sympathy for people who buy this shit. It's insecure so that it can be convenient. Pretty much at least weekly we see an entire class of products has pretty much zero security. And we're a long way away from being able to trust them.

Just stop buying this crap.

It has the advantage of once having been worth something. People have a fondness for it. It might tempt back some of the old users. Social networks have an advantage in that they're worth more when more people are there, and that history might just barely let them leverage that.

The main value of the site, at least to me, was always its user base. I didn't RTFA because the commenters would often be able to give me a better summary of what was really going on. Especially when TFA was clickbait; I could see why it was clickbait without having to read it myself. Or for sciencey stuff that's out of my domain, Slashdot often had people who could explain it at my level. (That is, more than the average layman, but less than a grad student in that field.)

I'm not gonna get my hopes up, but I'll note that I'm still here, though mostly lurking. There may be others waiting for an improvement to the site's management to contribute more.

No, I'm saying companies are cheap and don't tend to make a lot of variations on models because it costs them more, unless they think it's worth it.

If they figure only 5-10% of the market would buy a phone with a physical keyboard, they might not be willing to chase that because it's not worth it. And if it poses a risk to make something until they know how many would be sold, they just might not do it.

Just because you want a feature doesn't mean the company making it gives a damn. If they did, they'd probably make it.

I had trouble with my social development as a child. Some of it's clearly genetic. My father isn't completely socially incapable (although he did benefit from 1950's parenting methods and two older sisters who were not socially handicapped in any way), but he shows signs of high-functioning autism. But it isn't just that. My father shows signs of having at least mild narcissistic disorder, and my mother is unmistakably borderline. (Not sure what my father's excuse is, but my mother was the victim of child abuse, and her parents were much worse than mine.) So my parents didn't do a good job of teaching me social skills. Mostly, I just got into trouble for things I just didn't understand. Even after I developed empathy in around the 8th grade, I didn't know how to use it, and there was nobody I could talk to who was insightful enough to help me figure it out.

But then when I was in my 20's, away from my parents, and perhaps having outgrown some of the innate problems, I encountered co-workers who had the patience to explain to me my social mistakes without all the "what the fuck is the matter with you" kind of reaction. Instead, they explained to me clearly and calmly (albeit with concern in their mannerisms) what I did, what it meant, and how people perceived it. I was receptive, and they were willing to help, and this lead to a rapid growth in my social ability through my 20's.

What I've learned to do is PAY ATTENTION. I know that I have a disconnect, so I have developed a conscious habit of opening my eyes and just listening to and watching what's going on and associating people's emotional reactions (which I can read) with the social circumstances that lead to them. I'm also a bit of a goofball, which I have learned to leverage. So I smile, make jokes, and get people to talk about themselves, and people now find me to be rather charming.

It's been a long road getting from there to here. :)

Read: he should point out our faults then just let us take whatever revenge we feel like.

Or more likely, hide what he has to say, tell him he'll go to prison for the rest of his life if he tells, and then do absolutely nothing differently.

So, he had the choice, be silenced and live in fear in the US ... or not be silenced and live in fear somewhere else.

But there is no way in hell if he'd brought these concerns though "proper channels" a damned thing would changed.

They just got embarrassed when the truth came out. They only really care about the fact that people found out, not what they did.

There is no way he could have achieved a damned thing by doing anything other than release this stuff.

She is a total moron. How do such people ever get such responsible jobs?

The scary thing is there's lots of people willing to be fascists because they think it's OK. The justification is "I can do anything as long as I say I'm doing it to defend my country", even if they're undermining everything worth defending about their country.

The sad thing is, apparently a lot of Americans would agree, and believe security at any cost is an OK thing.

Oh, don't misunderstand me ... I know people do need this stuff when it's fresh and steaming, and have no choice.

I'm saying that, in general, as a change management strategy, taking the first day release of a fix has been demonstrated to be a terrible idea. Over and over and over by pretty much every software vendor.

Many of us support production machines and mission critical things, which means there's no way in hell we'd apply these on the day they get released.

What really annoys me is Microsoft's increasing push to force people to take those updates on day one, and be stuck with the consequences of that.

So, imagine a world in which some poor schmuck is running the version of Windows 10 which doesn't let you defer updates. When Microsoft pushes this crap out, suddenly a huge amount of people have broken systems. Microsoft isn't going to pay to fix that. Microsoft isn't going to have to deal with the consequences of the outage.

So, the general advice of "if you don't absolutely need this on the day of release, wait" is the best strategy if you can't be on the bleeding edge every day Microsoft has a new fix.

Microsoft seems bent on taking that away. And that, in my opinion, is idiotic and dangerous.

If you need to be on the cutting edge, you should probably be taking your own steps to recover from that. Mine is let everyone else test first. ;-)

Well, honestly, given that people make bluetooth keyboard cases this is fairly trivially solved if you care enough.

Maybe phone companies figure the accessories market can solve this problem?

I'm willing to bet it's a smaller amount of people who want a physical keyboard than those who don't. In which case, you're not a profitable enough segment for the companies who make phones, but an excellent niche market for people who make accessories.

It's not like you can't have what you want now, you just won't get it from the main companies selling phones.

There's a massive difference between knowing there are likely bugs in your software and believing that the day a fix or patch comes out it doesn't introduce new issues.

Microsoft, and pretty much every other software vendor I've ever seen have demonstrated time and time again that they're incapable of releasing updates without breaking something else.

So, we let the reckless and the silly be the beta testers, and wait until the dust settles. And, that's fine, because we can simply choose to wait to apply the fix for a while.

Microsoft wants to go to a "break first and fix it later" approach, and that's just asinine. Because it isn't their computers which will be broken in the meantime.

Sometimes you just have to ship the product.

Sure you do. But don't be surprised that your users refuse to be your beta testers and wait for more people to do that. Your QA is your problem, and I have no intention of making it mine.

The people who go "oh, boy, a brand new update" provide the valuable service to the rest of us of being test subjects. And they can live with the consequences.

The rest of us, well, after the first bunch of times we've learned our lesson.

So, be my guest. Run through the fresh steaming shit with reckless abandon. But I won't. Because I've seen Microsoft updates be broken upon release quite a few times, as I have from pretty much every other vendor.

Depending on language, "Hello World" may inherit bugs from the compiler used to produce its binary. Otherwise, it gets its bugs from the interpreter or VM.

Even "hello, world" itself has many bugs in many implementations.

I mean, do you check to see that stdout is actually connected before you blindly output? Or do you just output and hope for the best? ("hello, world" that doesn't print "hello, world" would be considered a failure).

Do you check all return values? Do you even know that printf() in C has a return value?

Did you check that the output buffer has sufficient space for your characters, or are you assuming your program won't hang because the output buffer is full?

Does your language startup/shutdown routines properly handle your return type? I mean, if you're doing the "void main(void)" thing, is your startup code making an assumption that you're returning an int? Sure it might do the right thing most times, but perhaps it suddenly blows up and instead of returning 0, it returns -238 or something.

Etc. Etc. etc. It's a good way to test how good someone is at QA testing - give them a standard version of "hello, world" and have them figure out all the bugs that can be lurking in it.

I did scraping before (and note that we aren't talking about screenscraping here, but rather website scraping) - I once wrote a scraper that presented an entire online forum as a newsgroup. Based on my experience with that, and on the layout of the RCW website, scraping this particular thing is absolutely trivial.

I agree that we shouldn't have to do that. I'm just saying that I find it doubtful that they do it to extract money from people, because I just don't see that working well when it's so easily scraped. If someone were to hire me to do that, it'd probably take me something like a few hours, and I wouldn't ask more than $200 for such a job.

The way the laws are laid out on that website, it would be trivial to scrape them into a single document. Even the URLs there are very predictable, making it particularly easy. For $615/year, I'm sure someone would do it.

Basically, hardware companies are, on the whole totally mental. For some reason, they have all their expertise in hardware and produce hardware for a living and then throw a total shitfit over the software and believe that their super special awful crashy piece of shit software is really the important thing and wrap it up in all sorts of proprietary licensing "solutions" designed to make life as hard for the paying customer as possible, when what the customer really wants to do is make some cool shit with the hardware, and maybe sell a bunch of stuff based on it.

OTOH, perhaps Lattice is currently licensing their POS toolchain, so something like this would mean they have no longer have to license and pay $$$ for the stuff.

Few hardware companies get it - they can produce good hardware, but they invest practically nothing in software - thinking it comes for free or something like it.

Considering Lattice isn't one of the big guys in the whole FPGA business, I'm sure they have to pay Synopsys or Cadence for a lot of the tools. Or provide support to them so customers buy those tools to use their chips.

A project like this would mean they could "own" their own toolchain and be able to provide a low-cost software solution for people to use their chips. And the only reason hardware guys do software is to sell more chips.

You know, if Microsoft changes the library in place and breaks it ... I don't blame professional developers at all.

I blame whatever idiot at Microsoft was responsible for not fucking breaking existing stuff.

This is just lousy QA.

I feel bad for anybody who is going to be the victim of Micrtosoft's idiotic policy of deciding it's their computer and they'll update it as they see fit. Because it is a certainty Microsoft will break a large amount of computers and leave that to be the problem of the people who own it.

And, I'm sorry, but if Microsoft is going to force updates and break machines, they should be charged under the computer fraud and abuse act, or whatever it is.

Because this is pretty much damaging other people's property, and shouldn't be legal just because some asshole at Microsoft updated an EULA which says they're allowed to do this.