Forgot your password?
typodupeerror

Comment: Words alone are no crime (Score 1) 650

by brundlefly (#44388963) Attached to: US Lawmakers Want Sanctions On Any Country Taking In Snowden

Edward Snowden has been charged with no crime. He is _alleged_ to have committed crimes, but evidence of due process is so lacking as to be non-existent.

Show me a criminal indictment, and I will happily serve as juror.

Until then, any power seeking unlawfully to curtail the human rights of a person based solely upon their uttered words is a power whose charter I reject. Even if that power is itself the U.S.A.

Comment: Re:We Want to (Score 5, Interesting) 731

by brundlefly (#32195434) Attached to: Adobe Calls Out Apple With Ads In NY Times, WSJ

I never used to harp on security either. Then one day I got a virus while using Firefox and browsing www.theatlantic.com web site. Some loser in the Yahoo! ad network decided to build a Flash ad that allowed scripting access from domain:*. My browser... screwed.

Thanks, Adobe. Thanks for giving every idiot web dev alive an automatic weapon with no safety training.

Comment: Re:Getting JS out of the browser is a *great* idea (Score 1) 531

by brundlefly (#30287946) Attached to: Trying To Bust JavaScript Out of the Browser

I do understand the example. They want document.all for *only* two reasons. 1) So old code can check "if (document.all)" and proceed accordingly, as a form of poor man's browser sniffing, and 2) So old code written against document.all can still run.

Neither one of those reasons is violated by my posting, which in essence says that there's nothing wrong with the spirit of document.all, just the implementation(s).

Cheers....

Comment: Re:Getting JS out of the browser is a *great* idea (Score 2, Informative) 531

by brundlefly (#30285214) Attached to: Trying To Bust JavaScript Out of the Browser

>> The willful violation of the javascript object model for document.all in HTML5 (see bottom of page) is one particularly nasty example...

Not really nasty to implement at all:

get document all() {
return document.getElementById.apply(document, arguments);
}

That's interpreted code, of course, not native code. But if you're in the business of writing parsers and compilers, rolling that into native code is about a 10-minute operation.

Now... I might agree with you that it's misleading to newbies to design a language such that a potentially ubiquitous and expensive call to an external technology (the DOM) is hidden behind a seemingly innocent property lookup. But there again, expensiveness of such a call is an artifact of how browsers are coded, not a deficiency in design.

In principle, there's nothing wrong with providing a associative-array-like API to an action which performs a flat lookup within a namespace of unique keys [albeit admittedly unenforced in this case]. Python, Ruby, JavaScript and most other functional languages offer this functionality as standard fare.

Pick a different example....

Image

Jetman Attempts Intercontinental Flight 140

Posted by samzenpus
from the a-jetwing-and-a-prayer dept.
Last year we ran the story of Yves Rossy and his DIY jetwings. Yves spent $190,000 and countless hours building a set of jet-powered wings which he used to cross the English Channel. Rossy's next goal is to cross the Strait of Gibraltar, from Tangier in Morocco and Tarifa on the southwestern tip of Spain. From the article: "Using a four-cylinder jet pack and carbon fibre wings spanning over 8ft, he will jump out of a plane at 6,500 ft and cruise at 130 mph until he reaches the Spanish coast, when he will parachute to earth." Update 18:57 GMT: mytrip writes: "Yves Rossy took off from Tangiers but five minutes into an expected 15-minute flight he was obliged to ditch into the wind-swept waters."

Comment: chmod + plaintext + obscurity (Score 1) 1007

by brundlefly (#30056096) Attached to: Best Tool For Remembering Passwords?

On some server you control, in your "projects" directory (or however you organize your hacker life), do an svn checkout of a small branch of some codebase you care nothing about. Add somewhere a README which is chown root, chmod 600. Maintain your stuff there.

With 99.999% probability your machine isn't going to be stolen by a person who can find the interest to read this, or recursively seek for recently modified files blah blah, much less boot into single-user mode to read it. If you need it remotely, you use ssh of course.

(And if you're on Windows, don't store your passwords there at all. Not trolling -- I have several Windows clients I use daily -- but they're just not the same beast.)

Mozilla

+ - whyisfirefoxblocked.com cracked-> 2

Submitted by Merk
Merk (25521) writes "On Friday there was an article about someone starting a campaign to block Firefox users. Their justification was that Firefox users were more likely to block ads, and that by blocking ads, they were thieves, stealing from website developers.

Well, sometime over the weekend the site was altered, presumably by someone cracking in. The text on the page now gives a Firefox fan's reasoning why someone might want to ban the browser. (Image of page, first seen on Digg)"

Link to Original Source

Thus spake the master programmer: "When a program is being tested, it is too late to make design changes." -- Geoffrey James, "The Tao of Programming"

Working...