Forgot your password?
typodupeerror

Comment: Re:To what end? (Score 1) 101

by Arker (#47427281) Attached to: After NSA Spying Flap, Germany Asks CIA Station Chief to Depart
"My impression, also from German newspapers etc., is that most germans including politicians are truely mad and are seriously considering to cool down relations with the USA."

As they should be, frankly the reaction seems inexplicably mild.

Can you imagine the reaction if the shoe was on the other foot? If this was a BD spy caught infiltrating the CIA?

A 'cool down' in relations would be a serious understatement.

Comment: Re: haven't we learned from the last 25 exploits? (Score 1) 68

by Arker (#47426261) Attached to: 'Rosetta Flash' Attack Leverages JSONP Callbacks To Steal Credentials
"Over the years, I've done a lot of work with games and simulations for training."

OK. That really doesnt have anything to do with the web, however. Sure, the web can be used to deliver the project - that doesnt mean it has to actually run inside the browser. There is a HUGE difference.

"We could not have produced this educational game with just HTML."

I get where you are coming from but I still think it's far off the mark. The web is not a game platform, that is not it's purpose, so 'we could not do games this way' is not a very telling criticism.

You can use better tools to make the games, and use the web merely to deliver the game. Where is the problem with that?

It would NOT be slower, clunkier, or more prone to error. It could be done using exactly the same technologies in virtually exactly the same way - the only difference would be very slightly less easy to get it started, and in return for that, your browser is no longer a malware vector.

Or, it could be done using technologies better suited for the purpose, in which case I would expect the results to be less clunky, faster, and more stable - but the development process would be more expensive as well.

I get why you would want to use RAD to lower costs, just not why you see the tiny convenience of running in the browser automatically as worth the cost of turning the web into a malware distribution network.

Comment: Re:haven't we learned from the last 25 exploits? (Score 1) 68

by Arker (#47420705) Attached to: 'Rosetta Flash' Attack Leverages JSONP Callbacks To Steal Credentials
"An HTML-only web is great for relatively static content, but not so great for anything much beyond that. "

This sounds like nonsense to me, but I will give you the benefit of the doubt and ask you for *concrete* examples of what you are talking about. I have yet to be cited a single good example here - very often what is being done would work just fine in HTML, with less overhead, but the 'designers' just do not understand HTML, or have any desire to learn it, so they do things this way instead.

Certainly javascript can produce a slicker appearance and make certain things a bit smoother - but to do so it sacrifices device-independence and browser agnosticism - critical advantages that underlie the success of the web and whose loss can only undermine it.

Now if you build a proper web page, and then *enhance* it with javascript sanely, preserving graceful fallbacks, that would be fine. You can have your slick interface without sacrificing the web. And I can choose to avoid your slick interface so as not to sacrifice my security.

The 'designers' that cant be bothered to do that, and the suits that keep them employed, are the reason we cant have nice things. In this case, javascript.

"Is it so difficult to grok why you might want content to change on the client?"

Not difficult to understand why it was desired.

The point is it's harmful and been proven harmful, and far too harmful for the small advantages it brings to outweigh that.

Comment: Re:haven't we learned from the last 25 exploits? (Score 1) 68

by Arker (#47414205) Attached to: 'Rosetta Flash' Attack Leverages JSONP Callbacks To Steal Credentials
"If you want the web to be useful, you should be pushing for only the most minimal use of Javascript."

When this crap first started getting pushed, a lot of us saw the potential problems coming and objected. We were assured it was only to be used to 'spice up' webpages, not to replace them.

Such assurances are obviously shit. If it's allowed to use it, then the lowest common denominator of self-proclaimed 'designers' can, will, and must overuse it. This overuse expands steadily and predictably until and unless there is effective pushback. Today we have reached the point where the typical corporate 'website' (and I use scare quotes because these things are NOT websites, at all) consists of hundreds of executable files, fetched from dozens of different servers, all of which the browser is expected to suck in and execute without so much as giving you a warning.

And contrary to the hilarious suggestion I see at the top of many many webpages today ("Enable Javascript for a better user experience") this does not bring with it any substantial improvements for the user. Quite the contrary, it results in a worse immediate experience (no, I didnt want a dozen popups, autoplaying video presentations, and a huge advertisement that floats over the text so I cannot see it!) and also in the longer term (like a week later when you discover that some random ad server sent your browser a rootkit and it happily executed it, oops!.)

But the point is history has proven this is a bad code drives out good situation. If it's allowed, it will take over, just like a weed.

Turn off javascript. See the web as it really is. And support the web that still exists, before it's too late.

Comment: Re:say wha? (Score 4, Insightful) 68

by Arker (#47412415) Attached to: 'Rosetta Flash' Attack Leverages JSONP Callbacks To Steal Credentials
"English translation: as usual, Flash is useless except as a vector for malware, viruses, trojans and keyloggers. Remove Flash from your system."

That's actually not quite true. Flash is a great way to develop simple games quickly and cheaply.

The problem isnt Flash itself (which is on the whole a fine product, used correctly) but the idea of using Flash as a substitute for a webpage, the installation of it as a browser plugin, and the auto-execution of it by the browser. None of that should be tolerated.

It's still possible to get a standalone flash interpreter and only feed it local, vetted files, which is really fine (or as close to fine as lots of other things you do every day, at least.)  But Adobe seems to be trying their best to discourage that and force everyone to use it as an auto-enabled browser component instead. The one way to use the program that causes major problems is also the one way they want you to use it.

Everyone who has been infected as a result of this should really get together and sue these arseholes, because money is the only language they understand.

Comment: Re:haven't we learned from the last 25 exploits? (Score 5, Insightful) 68

by Arker (#47412367) Attached to: 'Rosetta Flash' Attack Leverages JSONP Callbacks To Steal Credentials
Excellent advice.

Expect to be flamed into oblivion by all the 'web devs' that cant be bothered to learn how HTML works and rely on this crap instead, though.

The web - the real web, the HTML web, appears to be shrinking at the moment. New content is often hidden behind some kind of opaque app crap for no apparent reason and with no actual webpage for fallback (thanks google!) and old content occasionally gets removed as well. Each time this happens, it makes it even harder and less likely to revive the healthy web we once built with such love and care.

And naturally the people that are making a profit on this crap will just keep right on cranking it out as long as that is true.

The real victims here are future generations, who should inherit that world-wide web, but are set to inherit something entirely different - and inferior in every way (when judged from the users perspective - from the perspective of big Advertising of course the story will be different, but we built this web for humans, not for marketing.)

Comment: Re:I doubt the dna stuff will come true (Score 1) 345

by Arker (#47410185) Attached to: Here Comes the Panopticon: Insurance Companies
"The real problem we are having is not the loss of privacy per se, it's the abuse of private information. Most people are fine letting Onstar know their current location. We are not fine with Onstar telling anyone that information - not the police, not our wife, not our boss. "

It sounds more like the real problem is that people are so stupid they do not realize that you cannot have your cake and eat it too. If Onstar has the information, others will be able to obtain it, whether by hook or crook.

If you want your privacy you must defend it consistently, not only when it is convenient and inexpensive to do so.

Comment: Re:Got To Be A Ritual (Score 1) 63

by Arker (#47406753) Attached to: IBM Tries To Forecast and Control Beijing's Air Pollution
"You're a bit too literal."

And you are a bit too soft-headed, at least on this issue.

"Noise pollution," "heat pollution," and "light pollution" also involve an excess of something that naturally occurs in the environment.

And all three are BS terms. Marketing terms, where they verbally associate item X with item Y even though it does not belong, simply because they believe it will provoke the emotional response they want. THIS is real pollution - of the language. This fits in the same bucket with the 'wars' on 'drugs' and 'terror'- it's language being used to prevent, not to facilitate, accurate thinking and accurate communication.

This is where effective manipulation of the population starts, and this is where it needs to be rejected.

Excessive noise, excessive heat, and excessive light are perfectly accurate terms. The 'pollution' variants are inaccurate, marketing terms, chosen to provoke an emotional response in a desired direction. Lies, to speak plainly.

"So it's a bit naïve to claim that just because something naturally occurs in the environment, an excess won't be bad for society (and shouldn't be controlled)."

It would be, except I made no such claim. Go back, re-read my post, as many times as you want. It simply does not say that.

This is how bad you (and it's not to pick on you personally, this is a general pattern today) have had your own head loused up at this point with marketing-inspired BS that you automatically read that claim into what I said, and responded to it, even though I did NOT say it and did not even imply it in any way.

I simply pointed out that CO2 is not a pollutant. And then moved on to my main point. And both the replies I get ignore the main point entirely and respond, not to what I actually wrote, but to some sort of pre-programmed straw-man image of what I *must* believe, no matter that it is completely inaccurate.

Comment: Re:Good idea, but terrible implementation (Score -1) 110

by Arker (#47404379) Attached to: YouTube Issuing "Report Cards" On Carriers' Streaming Speeds
"First, what gives with the goofy webpages that try to scroll like pages of a book?"

It's not really a webpage. 'Designers' have never liked the web and love to break it - this is the result. 884 lines of idiocy, full of 'favicons' and malicious attempts to direct my browser to Facebook! of all things, but no actual webpage, not even a fallback apology when viewed with a sane browser, nothing but a title and a blank page.

But to answer your question, what gives? Cranial rectosis. It's an epidemic, and obviously it's hitting google pretty hard right now too.

Comment: Re:Got To Be A Ritual (Score 1) 63

by Arker (#47403463) Attached to: IBM Tries To Forecast and Control Beijing's Air Pollution
"Oxygen isn't a pollutant either, unless you breath too much of it. Similarly for nitrogen."

How much you breath has absolutely nothing to do with it. Oxygen, Nitrogen, and CO2 are the natural components of the atmosphere, not pollutants.

"Here's a clue, have a sense of proportion. Pump enough CO2 into the atmosphere, big surprise, the atmosphere heats up. Don't want to believe it is problem? Please, don't. However, you cannot ignore the CO2 acidifying the oceans and taking out coral reefs and shell fish. Don't think that's a problem? The ocean is the base of the food chain. Surely, you care about that, eh? Nah? Okay, please go back to sleep."

This does not appear to be relevant to anything I posted, indeed, you appear to behaving quite the conversation with an imaginary friend there.

Comment: Re:Got To Be A Ritual (Score 2) 63

by Arker (#47402641) Attached to: IBM Tries To Forecast and Control Beijing's Air Pollution
Carbon dioxide is NOT a pollutant.

It's a natural component of the atmosphere, produced every time an animal breaths or respirates in any manner (fish do it too.)

Now, focus on the real pollution for a moment and realize that there are still very real and enormous costs to your proposed policy of 'If it pollutes simply end it.'

So what are you going to use for power, Solar? Do you have any idea how much pollution you have to create BEFORE you get a PV cell ready to START producing a miniscule trickle of electricity? Hydro-electric damages the riverine ecology and there is still plenty of pollution attributable to its construction and maintenance on top of it. The latter goes for wind as well. *You cannot even construct* your "clean" power plant without polluting to do it, so electricity is out the window, welcome to the new dark ages.

Unless that is really what you want, you will have to adjust your expectations. Some level of pollution being unavoidable, the question becomes how to keep it within safe bounds.

Comment: Re:TSA = the USA's Gestapo (Score 2) 674

by Arker (#47399559) Attached to: TSA Prohibits Taking Discharged Electronic Devices Onto Planes
"Hahahaha, Nazis? Unless you're taking a direct flight to a concentration camp, gtfo."

The iconic image of the Nazis I was raised on was the Gestapo agent demanding papers. The US is supposed to be better than that. No internal passports, a free man (or woman) has the right to go about their business in peace, does anyone still remember those days?

Comment: Re:What's worse? (Score 1) 201

You misunderstand the function of law enforcement.

It is not, directly, to help the victim. In many cases the victim is, after all, beyond help.

Rather, it is to prevent future victims. First by putting the victimizer out of business - and if that doesnt help the existing victim, in fact even if hurts the victim, it still has to be done, for the sake of the potential future victims. This is why we ask rape victims to testify even though they may find that as traumatic as the original crime. Not to fix the damage that's been done (that's the function of civil law, not criminal law) but to prevent future damage.

One of the most overlooked advantages to computers is... If they do foul up, there's no law against whacking them around a little. -- Joe Martin

Working...