Ha! You mean like Twitter?
I think I'm one of the two who bought from Amazon. I don't care if you put it up for free. If it really bugs you that much, take the two bucks and give it to the next homeless person you see, or in the tip jar somewhere, or whatever. (Actually, I thought I said before that you could do that
And Cmdr Taco
moot is now free to join Sherrod DeHippo in obscurity.
How many unauthenticated remote exploits in a HTTP stack does it take to lose a customer?
Not many, I should imagine, but your comment is irrelevant because there were no such bugs fixed in this Java update. The way Oracle describes these bugs is horribly confusing. Normally we expect "remotely exploitable without authentication" to mean you can send a packet across the network and pwn the box. If you actually check the CVEs you will see that there's only one bug like that, and it's an SSL downgrade attack - doesn't give you access to the box. All the others are sandbox escapes. If you aren't trying to sandbox malicious code then they don't affect you.
Java doesn't have security holes like C or C++
.... or so I was told.
Then again, I haven't seen too many security patches for gcc or libstdc++ or glibc
You're comparing apples and oranges. The "remotely exploitable bugs" in this Java update, like all the others, are assuming you download and run malicious code in the sandbox. GCC and glibc don't have protecting you from malicious code as a goal, in fact Linux typically requires all software to be installed as root no matter what. Obviously if you never even try, you cannot fail.
The interesting story here is not so much that sandboxes have holes (look at the Chrome release notes to see how many security holes are fixed in every update), but rather than the sandbox makers seem to be currently outrunning the sandbox breakers. In 2014 Java had security holes, but no zero days at all - all the exploits were found by whitehat auditors. Same thing for Chrome, people found bugs but they were found by the good guys.
I'm not sure if this means the industry is finally turning a corner on sandboxing of mobile code or not, but it's an interesting trend.
The 5th Amendment protects against self-incrimination, which means providing evidence in a proceeding against oneself. This is effectively what you would be doing by handing over your password.
In my state, they have to post a surety bond or have a certain amount of liquid assets or something along those lines in order to offer their services.
Humble Bundle per-platform stats would disagree. Linux users tend to pay the most, followed by OSX users, with Windows users in the rear.
I bet starving people would pay more for a meal than a fatted American like myself.
You're saying that these intense, but short, broadcasts are examples of interstellar speed metal; a-la Napalm Death's sub-second song "You Suffer"
then say so!
They are having layout issues right now. I've seen this before. They fix it eventually. As long as the archives remain untainted, intact, and accessible, it's all good.
You forgot the scare quotes around the word "fix".
good luck finding a geological marker for any of those things you mention.
the geological timescale cares very little for your opinions on culture or our ability to insert tab A into slot B enough times to create an airplane.
no, the dawn of the HUMAN age is the topic. the nuclear bomb just happens to be a nice easy geological marker for that.
note that the epoch is called the anthropocene epoch. anthopo, meaning human.
we aren't calling it the nuclear epoch.