Link to Original Source
Slashdot videos: Now with more Slashdot!
Link to Original Source
Link to Original Source
Explicit language might modify what would otherwise be there only by an implicit doctrine.
In general, a licensor can modify their own terms. So, if you are using the GPL on software to which you hold the copyright, and you add some sort of exception, it applies. You can't do it to other people's software.
If it is so easy to do this, why haven't the Russian internet criminals rolled anything out on this scale? It seems to me that a platform like this would be all kinds of ideal for criminal purposes.
They have. That is exactly what I just said - Zeus is also a modular, plugin based malware platform that is developed by Russian/east European fraud gangs. It bears a lot of similarities to the NSA/GCHQ malware platforms in terms of how it gets onto people's systems, general design, etc.
because of the work they do and the requirements that work puts on their infrastructure they were probably into the whole "big data" mindset several years before mainstream commercial, civilian IT companies got there
It's not the case. For instance the NSA scalable data store (Accumulo) is basically a reimplementation of Google's BigTable, and they don't try to hide it. They adopted tech from the civilian space for their own requirements but it wasn't invented there.
With respect to your other points, I never said they don't know what they're doing, only that what they're doing is not particularly interesting and I don't think it will keep the best people interested for more than a few years before they find it becomes humdrum routine. And by "product" you knew perfectly well what I meant - not some crappy in house web app used by a few hundred people who have no other choice, I mean a product that's available in the marketplace which competes for end users, probably consumers or professionals. Something where quality matters.
I don't think so.
1) You don't see ads on Facebook.com if you aren't logged in, and DATR isn't sent for social plugins around the web.
2) They have already said they don't do that.
So we have both their own statements and technical evidence.
OK, so we have an article claiming Facebook is tracking everyone for evil advertising purposes, even when logged out. Facebook denies it and says it's garbage.
Let's go do 30 seconds of digging and see who is right, shall we?
- Open an incognito window. Open Chrome developer tools.
- Load a Facebook "page" (i.e. a product page for some third party product or service)
- Be amused by the giant "STOP!" warning printed to the console, apparently people are being tricked into copy/pasting stuff into the developer console to get their accounts hacked.
- Observe the cookies that are set.
There are three cookies set. Two of them appear to simply encode the loaded URL and have no ids or other interesting info. The last is the "DATR" cookie. What does DATR do? Well, we know what it does because last time this garbage blew up in the press Facebook explained what it does:
We set the ‘datr’ cookie when a web browser accesses facebook.com (except social plugin iframes), and the cookie helps us identify suspicious login activity and keep users safe. For instance, we use it to flag questionable activity like failed login attempts and attempts to create multiple spam accounts.
So it's an anti abuse and security feature. Nothing to do with advertising. Also, guess what - such cookies are common across many websites. They are quite useful for detecting spammers. Presumably Facebook tried to explain this to the Belgian regulator in question, but it's just so much better politically for said regulator to pretend they caught some evil company in their terrible advertising habits red handed, than learn how large websites work.
The problem is the more time the media and government regulators cry wolf over this stuff, the more inclined I am to believe they're all harmful idiots who want to break the web.
Yes The Equation Group [arstechnica.com] really seemed "2nd rate" and they sure didn't "make" anything.
TAO is what you would expect to see given a sufficiently large budget spent exclusively on hacking everything possible. The hacks are impressive in the sense that they take a lot of resources and time to develop and it wasn't previously obvious to what extent governments were committing resources to infrastructure subversion. They are not especially impressive from a technical perspective: it's basically a more professional and larger scale version of the types of malware produced by Russian banking fraudsters. Working from that down into BIOS hacks and the like is the inevitable result of spending billions on hackers year after year - they need to keep finding new things to exploit. Interesting, but only because it reinforces the idea that everything seems to be hackable.
But, what kind of people find this work interesting? I can imagine it would be interesting for a few years, especially if you're young and trapped inside a heavily propaganda controlled environment where you're told daily you're the Forces of Good in an epochal struggle against the Axis of Evil. But the amount of technical design work involved is minimal. The level of new technology is minimal. The "research" is simply finding ordinary bugs and flaws in other people's code. People oooh and aaah about the fact that these state malware platforms use a plugin architecture, whilst simultaneously finding the same thing in Photoshop entirely mundane.
Even the data analytics stuff is essentially just an A-B-C application of big data tech originally developed elsewhere, like at Google.
And the advanced maths the NSA is supposed to be famous for hardly shows up in the Snowden documents. It's pretty clear that their success against even crappy crypto is fragile at best (RC4), probably non-existent at worst (AES/strong RSA or anything past it). Their botched attempt to back door Dual-EC DRBG smells of desperation. They wouldn't build huge infrastructures for storing and obtaining stolen private keys if they had the mathematical tools to undo modern ciphers. So I suspect there are a lot of mathematicians at the NSA feeling kind of obsolete these days and wondering what they can contribute.
I'd say the only genuinely technically interesting work the FVEY guys are doing is the way they've been combining passive intercept with active, automated exploitation. QUANTUM is a pretty interesting thing and I'm not aware of anyone discussing anything like it before Snowden's leaks. However, it's also now a done deal. Beyond incremental improvements, there don't seem to be any obvious further directions for that project.
So as a programmer, developing hacks and malware can be entertaining for some years, but eventually I think most skilled people will want to flex their muscles in other ways. They will want to build something instead of break something. The best people will have a broad span of interests. In an organisation like Google or Facebook that's OK - you can work security for a few years, do some exploit research, then go on and transfer to some other project. Or leave but keep your work on your resume. At the NSA? There it's more limited. You can't easily leave the classified world because your work experience is a gaping void. They don't do product development. You will never make something that your family uses. You will never even develop the skills needed to do that.
Stories like this give me some hope that despite it's apparently bottomless budget, the NSA can still be beaten technically. They discard most of the qualified people because they aren't US citizens and the ones that are left would be well advised to take a career at a Silicon Valley firm where they can do very similar sorts of work, but for things that are unquestionably useful. If you go do big data analytics or security work in order to fight spam on Gmail (like I did), you don't have to worry about the moral impact of your work - spammers and hackers are unquestionably bad, so booting them off the platform is unquestionably good. If you go do the same work at the NSA you have to worry that the "terrorists" might just be random unlucky guys in Pakistan who were in the wrong place at the wrong time, or that the targets are simply foreign politicians or CEOs
I am still having a little trouble with "we don't need our spies to spy". Maybe we do.
I am also having trouble believing that the kind of encryption we use on the Internet actually stops the U.S. Government from finding out whatever it wishes although IETF and sysadmins might be kidding themselves that it can. Government can get to the end systems. They can subborn your staff. Etc.
MS language is potentially worse than the default. And there is room for litigation to surprise us.
If you're a true geek, you already know about Star Trek Continues and Star Trek: Phase II
(If you're a true geek and you don't know, run — do not walk run — to watch "Lolani". Your brain and — and more importantly, your heart — will love you for the rest of your life.)
But there's more to it than that. A lot more.
How about the years'-long wait for Act IV of Starship Exeter : "The Tressaurian Intersection"?
Or Yorktown: "A Time to Heal" — an attempt to resurrect an aborted fan film from 1978 starring George Takei?
For fans of old-school Star Trek (the ones who pre-date "Trekker" and wear "Trekkie" as a badge of honor) only since 1969 has there been a better time to watch Star Trek: The Original Series.
(Oh, and there's plenty content out there for you "Trekkers" and NextGen-era fans. It all varies in quality, but it doesn't take much effort to find them. This is truly a Golden Age. It'll have a place in the history books, alongside the Golden Age of Hollywood and the Golden Age of Television. Recognize it and enjoy it while it lasts.)"
Yes. The last stuff I wrote that I couldn't compile today was in "Promal" or "Paradox". My C and C++ code from 1980 still builds and runs.
All of my web development is on Ruby on Rails. That environment has had a lot of development and I've had to port to new versions. So old code for RoR would not quite run out of the box, but it's close.
Popular computing languages do not in general have only one Open Source implementation, and do not get abandoned.
Clearly I don't understand capitalism.
Clearly. Geoblocking is at least partially about market segmentation. The EU is so large that it has extremely major disparities in wealth between its member nations. Consider the difference between Sweden and Romania. If you have a movie and charge a single price to stream it across the entire EU then:
a) Some people will find it incredibly cheap and others will find it still too expensive, just pushing them back towards piracy.
b) You end up having to deal with the tax systems of every single EU country anyway due to the retarded VAT changes they introduced this year, so it doesn't help simplify your business at all, and you theoretically aren't allowed to opt out of serving particular regions due to their horrible paperwork requirements, so being able to geoblock unprofitably complicated regions whilst claiming you have some other reason is quite attractive.
Development with a proprietary language is ultimately harmful to your own interests, whether you make proprietary software for a profit or Free software.
The one thing every business needs is control. When you make it possible for another company to block your business, you lose control. Your options become limited. Solving business problems potentially becomes very costly, involving a complete rewrite.
The one thing that should be abundantly clear to everyone by now is that making your business dependent on Microsoft anything is ultimately a losing proposition. They have a long history of deprecating their own products after customers have built products upon them.
All Open Source licenses come with an implicit patent grant, it's an exhaustion doctrine in equitable law.
The problem is not patent holders who contribute to the code, you're protected from them. It's trolls who make no contribution and then sue.
Of course these same trolls sue regarding proprietary code as well.