Not to mention it just creates another place to attack civilians. All lined up, lots of luggage and other people around to trip over, tired and bored passengers who have been on their feet for awhile.

What about tacticians, logistical support personal, medical staff, etc?

I think there's a lot of jobs that war would select for that don't involve killing. Early man interested in treating wounds would study the human body and try to repair it, as one example. These valuable and intelligent humans would be promoted just like today's .mil and be more likely to procreate.

While this is true, the developer implementing this can still make a mistake. I've seen (esp. on long multiline queries that get modified over some time), a mix of prepared variables for things like userids and string concat for things like table names but the dba or the dev doesn't realize the attacker has control over the table name due to how they are handling user input on that particular endpoint. Maybe the table name is passed in on one endpoint because it's old and janky. Then it fools people because they see it's a str passed to prepared statement func and assume it's safe. I've seen this in some place in a large number of the apps I've worked on.

If you have to let the attacker control a direct substring of SQL, then use a whitelist of allowed characters – for tablenames, [a-zA-Z0-9_] is usually good enough, and then put that in quotes (as some databases reserve keywords such as "user" or "password", which is bad if you want to name columns like that).

I’ve had quite a few codebases I’ve worked on where I had to replace naive code [1], and until now, it’s always been easily possible to ensure that the entire space of possible inputs is limited enough to prevent SQL injections.

Sure, there are rare projects where you have to do such very complicated systems, but for 99%, it’s possible to get guaranteed protection from SQL injections.

    ________________________

1: "db->query('SELECT 1 FROM users WHERE username = "' + $_POST['username'] + '" AND password = "' + md5($_POST['password']) + ';"');" was real code I’ve seen

Not just that, but the government has leaked millions of database records on everything from top-secret clearance holders to medical records to you name it. Their security posture is insulting.

Agree with the price, especially being limited to 16GB of RAM. Often times I need to run a couple VMs, editor, browser, etc. etc. 16GB just isn't enough, especially with containers and VMs in the mix.

The reason 4k monitors only support displayport is because current HDMI can only do 4k at 30hz. DP is a better cable with more bandwidth. Expect DP to overtake HDMI in the future.

I have a Vizio P55-c1 on my desk and with a GTX1080 and a BlueJeans HDMI cable, it works fine at 1080p@120hz or 4K@60hz. It's HDMI 2.0, so another case where just because it plugs in doesn't mean it'll work: https://en.m.wikipedia.org/wiki/HDMI#Version_2.0

> Instead he just dumped it all to the world

Sure you're not thinking about someone else? Snowden gave his files to journalists, not WikiLeaks.

I see this misconception all the time -- a teacher of mine (who is generally reputable) was absolutely convinced Snowden had given the documents to Anonymous. I wonder what's caused that.

Old people aren't quite as tuned-in to the technical realities of the internet and its in-groups and out-groups.

The premise that "there is no anonymous" escapes 4 out of 5 people I talk to. It takes very careful explaining, to bring people to the understanding that their are hacking teams with names, that get away with things, and the things that those named sub-groups manage pull off are perpetrated by "some unknown, anonymous group of people" until evidence demonstrates who done it.

Because of this, The Proles (people who aren't paying close attention) often confuse the premise being a simple anonymous tipster with being affiliated with the fictious premise of an organized, regimented imaginary hacking group that possesses a rightful claim to the mantle of "Anonymous" as if it were Batman.

Then media outlets exploit this cluelessness, to sell advertising, by drumming up exciting click-bait that perpetuates the false narrative that there is a movement called Anonymous, rather than the prank call it really is.

Wow... I was under the impression that he had given them carte blanc to WikiLeaks too, an action I thought warranted punishment. I have no idea where I picked that up. Maybe a subconscious association made over time somehow?

I, uh, don't happen to understand where... precisely, that real people paid with their lives, due to these leaks.

From where I stand, he released Power Point slides to journalists, outlining the broad strokes of some programs and projects.

He did so in a way that proved there were deep flaws to be found in the manner in which the NSA secured itself. Had he not proven these flaws by demonstration, those flaws would likely have persisted until, instead of merely having its pants pulled down in the middle of the street, the NSA might have been stabbed to death for its wallet.

Why listen to me though? This very document even says they still live with the hazard of another Snowden coming along and pulling another Snowden. It is, in fact, the conclusion of the document we are discussing right now.

The problem with your rant is that people have different opinions on what is "good". You would probably hate my setup because it's a tiling WM with nothing. No conky bar, no date/time in the bar, no power monitors, etc. But it works the best for me because I don't like any distractions at all.

Linux gives you the freedom to choose the environment that suits you personally best. Windows doesn't give you ANY choice, and it's still bad! If you like to be told what is good and make no optimizations for your personal workflow, more power to you. But don't go saying that Linux is "not the right answer", that's just silly. Works on my machine :)