
Comment Re:WTF? (Score 1) 177

Maybe it's time to switch to Palemoon browser

I recently switched, on two of my three machines. Haven't switched on the third just because it will be retired soon, and so I've prevented FF from updating on it. I see Mozilla engineers are eager to support my decision to abandon Firefox.

I've used Firefox as long as it's existed. Before that I used Netscape, though I also used IE, Opera, and HotJava on various systems, for purposes of comparison, and I've on occasion tested things with Chrome and Safari. Before Netscape I used Mosaic; before that I used Lynx and CERN www. (And of course to this day I occasionally use wget and the like, or just nc for simple GETs.)

Modern Firefox, in my opinion, is horrible. It started becoming horrible with Australis, but at least it was possible to undo that damage. With Quantum, it's not worth trying to use it. A quarter-century legacy thrown away.

Comment Is it really that hard to get this correct? (Score 1) 50

They're not selling certificates. The CAs are selling the certificates, which are public documents once they're created.

The "hackers" are selling the private keys that correspond to the certificates.

This is a perfectly sensible, if unethical, business model. The incentive to keep the key private is to avoid diluting (usually to nothing) the value of the certificate as a proof of provenance. Someone who obtains a code-signing certificate with the intent of selling the key doesn't have that incentive.

And the headline's emphasis is wrong. As summary and TFA mention, the key finding is that these resold keys are displacing stolen keys for signing malware. And "legitimate" is imprecise, since (according to the research) while the certificates were obtained directly from CAs, that was under false pretense, with stolen credentials. So if the researchers are correct, this is more a shift from stealing signing keys to stealing credentials used to obtain certificates for keys generated by the attacker. That's not new; it's just more common than was popularly thought.

Comment Re: simple solution (Score 1) 180

OP is probably paying for several premium channel tiers including a sports package.

I don't know about Comcast - thank god they're not the provider here - but we have Wow, which is consistently rated at or near the top in US cable-company satisfaction surveys (faint praise, etc). And we pay around $250/month.

That's for a bundle that includes Internet, basic and extended cable, a DVR (which we could get rid of, but doesn't add that much), and some premium channels. No sports packages, as neither of us ever watch the stuff. No phone, which I wouldn't use anyway.

We talked to Wow about getting rid of the premium channels, and the savings was minuscule. The bundle prices nearly eliminate the difference with reduced packages.

We'll probably drop the premium channels soon anyway; we almost never watch them, and have or can get streaming access if we want it. But it won't cut the bill by much.

Now, we have gotten something for it - when Wow took over from the (bankrupt) former provider, they made a ton of infrastructure upgrades. Their service is much better than the old provider's, too. They've made some channel lineup changes I'm not fond of, but frankly as streaming grows that becomes less important, and I don't watch much television anyway. (If it were just me here, I wouldn't have anything but the Internet service.)

But the simple fact is that in many parts of the US cable service is very expensive. If you're lucky, you get a provider that's not run by complete assholes (i.e. not Comcast or its ilk), but that's about it.

Comment Re:Can you provide some evidence for your claims? (Score 1) 248

The US postal service is a prime example, where even with extreme requirements (geographic coverage) and unreasonable burdens (pension funding requirements not required of any other organization, private or public) placed on their operations they still provide a very good service for a very reasonable price.

Agreed, but it should be noted that they don't have the freedom to set those reasonable prices. Really US postal rates should be significantly higher, unless and until Congress stops stealing from the USPS (via those "pension funding" payments).

Comment Re:the (actual) shooter (Score 1) 170

The faults in the 911 to allow for anonymous false calls

According to what I read - and I've made no attempt to verify this - the 911 (emergency services call) system was not involved. Barriss called a conventional phone line, a hotline at city hall, and spoke to someone there who relayed his message to the police.

It appears he didn't have an easy way to spoof a 911 call at the proper location, so that aspect of the system appears to have worked in this case. The problem was that it's too easy to socially-engineer an alternative - but that's a difficult problem to solve. You can't have random employees attempt to vet emergency calls, and telling a caller in distress to hang up and dial 911 isn't ideal either.

The police should certainly exercise much more caution when the call comes from a suspect source like this - but then they should exercise a hell of a lot more caution in general.

Comment Re: Pi (Score 2) 174

There's plenty of extant work showing how an irrational radix works, though I wouldn't say most of it is terribly serious. Probably the most often cited example is phinary.

Admittedly, phinary does have the advantage that non-negative integers all have a terminating exact representation in it, which base-pi does not. But this thread isn't about suitability; it's about possibility. And base-pi is certainly possible.

In fact, *every* integer is irrational!

This statement is wrong in more than one way. First, representation does not determine whether a number is irrational. Presumably what you mean is "no integers have terminating representations [in base pi]".

But that statement is trivially incorrect. In base-pi, zero is "0". Zero is an integer.

More interestingly, pi**0 is one, so in base-pi, one is "1". And since pi < 3, two is "2" and three is "3". So all the integers in [-3,3] in fact have terminating base-pi representations.

In base pi, the string "120.3" means (in decimal) pi**2 + 2pi + 0 + 3pi**-1, or about 17.11 decimal. It works just like any other radix. So you have that 1's digit, which you use for integers greater than 0 and less than the radix.

[Why doesn't Slashdot support decent HTML markup like , and entities such as &pi;? Or LaTeX math, or KaTeX, or MathML, or something? What a pile of crap.]

Comment Re:1997???? (Score 1) 220

Certainly the concept of "open source" has been around for many decades; at the very latest it emerged as the complement to IBM's shift to proprietary, binary-only software offerings in the "unbundling" phase after the Consent Decree. As I recall, when I was working at IBM in Cambridge, MA, not long after RMS formed the FSF and began promoting his version of "free as in the way I think it should be" software, there was much discussion of other provided-as-source-with-liberal-license models for software. (Obviously there was a ton of open-source software available at the time, distributed through various means such as UUCP, FTP, and Usenet posts.)

A quick Google Ngram search shows the phrase "open source" (often hyphenated) was definitely in use prior to 1997, though mostly in the intelligence community to refer to sources of information.

GN is less clear on the phrase "open source software", partly because GN does not handle serial publications well.

In any case, while the participants in the 1998 Netscape Summit made much noise about their supposed coinage of "open source" (see e.g. ESR's page about it on catb.org), we already had a number of terms for the phenomenon, even if they were not always accurate ("public domain software") or disputed ("free software"); and the term "open" was widely in use in the industry for specifications and the like - for example with X/Open (formerly Open Group) and Open Software Foundation, both of which originated in the 1980s.

Claiming that some sea change happened in 1997/1998 with The Cathedral and the Bazaar, the Netscape Summit, the formation of the OSI, etc is typical Matt Asay historiography: "Hey, the stuff I care about is automatically important!". Those events did serve a rhetorical function, providing a nucleus around which the growing commercial interest in FOSS could organize itself. It's easier to persuade the management when there's a consistent vocabulary and they're hearing the same arguments from several sources. But it wasn't any sort of fundamental change - certainly not as important as, say, IBM's unbundling, or AT&T's or BSD's UNIX releases, or the FSF/GPL, or Linux.

Personally, I've long felt Matt Asay is one of those people who knows a hell of a lot less than he seems to think he does. When he was writing columns for the Register they were rife with error, inaccuracy, myth, and dubious opinion.
