Pottering doesn't work for MSFT, he works for the 3 letter agencies. Considering that MSFT would probably be a step up on the trust scale. Where does Pottering get his money? Red Hat...okay so where does RH get THEIR money? NSA,DoD, FBI,CIA, DoJ, something like 85% of their income is from
The trouble is Android's permission model is crap. If an app has a feature that requires a permission the app may need at any point in the future, it has to be approved by the user at install time, and the app cannot control how the permissions are described or even explain to the user why it needs that permission. And lots of innocuous permissions are bundled up together non-granularly with scary dangerous (or dangerous-sounding) ones, so the app only needs EraseBunnyDrawing permissions but to get that it has to request KillFamily permissions, which doesn't actually mean kill *your* family, it means kill a process family, but all the user sees is "Permission to kill family members without warning" and OH GOD WHY DOES AN APP ABOUT DRAWING FLUFFY BUNNIES REQUIRE MY FAMILY TO DIE?! THIS APP SUCKS!!!!!!1111!!!!!oneoneonetyone1!!!
And then the story hits TechCrunch, where it's summarized so that it sounds like there have been actual deaths of family members, and then the mainstream press and the Today show start calling the app developer asking "Why are you a horrible person whose app killed little Stacey's favorite uncle??
And all because Google can't get security UI right.
Read Google service configuration.
Modify system settings.
Full network access.
I've bolded the last three because there's no reason for them.
Sure there is. If Uber is doing anything that can't (or for some reason they they don't want to) be handled over HTTP, the app will need full network access. (I don't know what the Uber app uses it for, but apparently WhatsApp uses it for IM communications with other app users.) "Modify system settings" is apparently (per the linked explanation from WhatsApp) the only way to get permission to read system settings. "Read Google service configuration" (again, per previous link) is used for interacting with Google services like Maps, which you can easily imagine why Uber's app would want to do.
The researcher found Uber was SENDING ALL OF THIS BACK TO UBER'S SERVERS.
Sorry for yelling, but it's an important point.
NO HE DID NOT.
Sorry for yelling, but it's an important point.
Go back and read the original GironSec blog post where he even acknowledges explicitly what he (inexcusably, IMHO) failed to do -- that others did after him and surprise! found nothing especially amiss -- before he wrote an inflammatory blog post based on supposition, conjecture and ignorance of context.
> Gregory Perry
> Chief Executive Officer
> GoVirtual Education
> "VMware Training Products & Services"
So I'm seeing a chain of thought like this:
"I'm a bit player in the VMware training market. I need to get my name out there somehow if I want to expand. Maybe if I can make somebody big like Scott Lowe look like an idiot... Hmmm, he's been pushing OpenBSD lately, and I bet Theo still remembers me. Maybe if I concoct a story that Lowe is complicit in some kind of subversion of OpenBSD, Theo will want to get to the bottom of it so he'll tell people about it -- and then no matter what, people will just remember that Lowe was rumored to be doing something shady."
Also, as another poster noted, government NDAs regarding something like this (which would be considered classified info) never "expire" (until the info is declassified, and then only to that extent). So this guy is either lying, or violating federal law, by making this claim. He doesn't even know that EOUSA is a parallel division of Justice, not "the parent of the FBI", so my bet is on "lying".
The IRS could have built their own website 15 years ago if they wanted, but one feels that they've gotten so cozy with HR Block, Turbotax, Legions of CPAs, etc... that they didn't want to rock the boat.
Actually, back inthe day, the IRS wanted to do exactly that, but the entire tax industry screamed "unfair competition" and threatened to sue. Ultimately the IRS agreed to not do its own tax software, but only if the industry collectively would provide free online filing to a certain increasing percentage of Americans each year.
Perhaps we should have hired the Israelis.
One of the subcontractors was Kollsman AG, a subsidiary of Israeli firm Elbit, that makes their border cameras.
...but did they have to pick the worst possible shades of purple for the wallpaper? It's not a "light" pastel wallpaper, it's not a bright, energetic wallpaper or a deeply-, richly-colored wallpaper. It'a wallpaper that looks like it's sat in a corner fading in the sun for a year or two, at least on my screen.
One of the things I like about Windows 7/Vista is the more aesthetically-pleasing colors in the default theme compared to XP. Hell, half the reason I first installed compiz + emerald years ago was because the themes I saw in screenshots looked bright and inviting as opposed to the themes included with Ubuntu. (OK, and because the desktop cube and wobbly windows are AWESOME SQUARED.)
I have suffered similar frustrations to tux0r, most recently in trying to tweak the parameters of my xorg.conf so I could make my CRT look nicer (timings and such make a huge difference as to whether something like 1400x1050 looks good or like crap on a 17" monitor). So, xorg.conf exists, but it's barebones -- so unlike every "hard-to-use" Linux distribution I've used previously, I have to go through the extra step of generating the xorg.conf file and then editing it. How hard would it be for Ubuntu to auto-detect the hardware and then SAVE that config where it's actually tweakable?
I get the sudo thing, but there is still software out there that assumes the root account exists and has a password (I forget what it was but just recently I was installing something that made that asumption).
And finally, tux0r's point wasn't that it took hours and hours to find out about generating xorg.conf. It was that it took hours and hours to find the answers to many problems that he should not have had to deal with.
Ubuntu is very good at getting you to "good enough to use", but very bad (and getting worse) at allowing you to go past that to "works as well as it possibly can". Some of this is probably GNOME's fault, but the Ubuntu devs often seem to be of the same mindset as the GNOME team, which may be why the Kubuntu folks are starting to chafe -- I've tried Kubuntu more than once (most recently after the gdm "the old themer is dead, the new themer is yet to come" fiasco) and it does often seem to be an afterthought to Canonical.
When you pay property tax, it isn't yours anymore. You rent it.
Ridiculous. Somebody has to pay for the services that maintain your rights as a property owner -- things like police, fire, courts, etc. Property ownership does not exist in a vacuum, and somebody has to pay for those most basic social services. Thus, property tax.
Your argument is as ludicrous as suggesting that you don't own your car because you have to pay to put gas in it.
Power corrupts. And atomic power corrupts atomically.