So what about all the other gaming apps on the iOS store? Literally thousands of them are specifically designed to get (trick) kids to spend money on them. Apple is more than happy to enable In-App purchases for them and then promotes them heavily through its own advertising on the app store. How is Apple not part of the problem in this whole system?
But what's really amazing is Google, Amazon and Microsoft have all been sued for the same thing too and it still not illegal to have games where kids can spend unlimited amounts and conduct unlimited transactions using obfuscated virtual currencies.
It’s got to start somewhere. Punch the biggest bullies in the yard down and everyone of their comrades will get the point and generally fall in line. Or you’ve got smaller fries to then make examples of on your own time. If you start at the bottom and work your way up the bigger players will just benefit from lack of competition and not see a need for change. The whataboutism is really an argument against change at all than it is a question of tactics.
"There is no immediate risk of exploitation of these vulnerabilities for most users. Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities. This level of effort is beyond the reach of most attackers (see https://www.usenix.org/system/files/1401_08-12_mickens.pdf, Figure 1)
These types of vulnerabilities should not surprise any security researchers; similar flaws have been found in other embedded systems that have attempted to implement security features. They are the result of simple programming flaws, unclear security boundaries, and insufficient security testing."
- https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-...
>There is no immediate risk of exploitation of these vulnerabilities for most users. Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities. This level of effort is beyond the reach of most attackers...
ToB is right to say this, but it’s not at all uncommon for very serious security vulnerabilities to be “beyond the reach of most attackers.” Browse through Google Project Zero’s blog for examples.
> These types of vulnerabilities should not surprise any security researchers; similar flaws have been found in other embedded systems that have attempted to implement security features. They are the result of simple programming flaws, unclear security boundaries, and insufficient security testing.
Again, correct. However, that describes most serious security vulnerabilities. I’m a security researcher; at this point I’m nearly immune to astonishment about how bad simple programming errors can be. ToB is not insinuating the impact is small, they’re reminding the community that serious problems emerge from seemingly innocuous failures.
For example, I’ve actually witnessed a two-factor auth and password reset system utterly fail and compromise the login interface. A developer wrote “!= 404” instead of “== 200” for the status code handling logic. They forgot the 2fa microservice would return a “429” after five incorrect codes triggered the rate limiter. It was literally a one-line fix. Mistakes don’t get much simpler than that unless you make a typo or off by one error, but it still allowed every single user’s account to be arbitrarily compromised. These mistakes are extremely easy to make the lower down the stack you go.
Much French cuisine is built around coaxing flavor from inexpensive/undesirable ingredients. Expensive haute cuisine has little to do with the baguette, stew, stocks, etc., of regular food.
With such little information out there at the present I don't believe there is any point to discussion right now. With just unverified speculation, people are resorting to their imagination for any explanation which is never a good idea.
I've thought about this a lot for India as well. To be realistic we would need unprecedented levels of transparency to get the amount of data needed to get usable results. With the amount of nepotism around even constructing a simple network of party heads of each state and related companies and contracts awarded for public work would be valuable.
At this stage we really should think of it more in terms of documenting corruption rather than stopping corruption. When (and if) the system is ready to change the data would be extremely useful to see why things are happening the way they are and work out if solutions would just move the corruption-bottleneck rather than eliminate it.
> At this stage we really should think of it more in terms of documenting corruption rather than stopping corruption.
This is a very good point; often I see people block this sort of discussion by asking "Well, what are you gonna do about it??" Taking this point of view sidesteps that question.
Tell them that documenting will allow better history be recorded. Then you can redirect the argument of "is history as a subject any useful" to external endpoint.
I have always told the same about India. We need to make everything accessible WITHOUT the need of a Right to Information query. Almost every query that is made via RTI should be accessible within a few clicks.
Thanks for linking to the podcast, it was eye opening! Many people commenting here should listen to this before spouting off the same things repeatedly.
It's so frustrating watching people ignoring history and then passionately agreeing with like minded people into tunnel vision solutions.
What is also quite interesting about their platform is that they use Stackless Python for the game logic (https://community.eveonline.com/news/dev-blogs/stackless-pyt...). Their whole architecture is quite amazing for how old their tech is and what they have managed to achieve.
Loved the simple, straightforward language used at the time. Currently even mainstream news sites are are just dripping with way too many marketing terms that don't really mean anything anymore.
Liked how the interviewer was posing tough questions around the failures of previous product launches and around any resentment towards folks who had deemed him incapable of running the Lisa division. Didn't seem like the interviewer was sitting inside the distortion field. Having said that, I must also say that Jobs fielded the questions rather well.
I definitely prefer hg but github has pretty much won war so I'm stuck with git. At the end of the day I'm not going to get religious about version control, I have vim for that :)
That hula hoops bit was a bit... strange. If it were a couple of attractive girls I probably would also find myself staring. I mean, its just not something you see everyday working at an office.
I understand being stared at is uncomfortable too, and they should feel free to do whatever they want of course. It just sounds like how unattractive people "stare creepily" while attractive people "look."
Watching your co-workers as they hula-hoop in the office doesn't sound terribly sexist or out of the ordinary [1]. Hula hooping in the office is offbeat enough that you'd expect people to stop and look And it's certainly not the some kind of 'last straw' sexist incident.
Obviously, what happened is that Horvath was already upset from the weirdness that had transpired thus far - and based on the article, it does sound pretty weird.
Because of this she read a lot of 'meaning' into the hula-hooping that just wasn't there. It's hard to see how this situation could be a last straw otherwise.
[1] i.e. "hula hooping in the office" is out of the ordinary ... watching something out of the ordinary is normal
It could easily have been there. Stop being condescending.
A lot of "normal" interactions between men and women are fraught with creepy weirdness due to the way we're socialized. This is well studied, even if you find the conclusions of those researchers unpalatable.
I think it's a problem if women (or men) start dishing out accusations from projecting something into other people's faces. "They looked leery" - what sort of accusation is that? All bets are off if such a thing is held up as evidence for sexism.
There is a famous early cinema experiment which cuts the same closeup of a face with three different scenes (don't remember, I think a funeral, something to eat, whatever). Each time the viewer interprets a different emotion into the face (sad, or hungry, or yearning, or whatever).
She chose to be upset by falsely matching male co-workers watching (I don't want to use her word, gawking, because it's her subjective conclusion) safe-to-assume attractive female co-workers "hula hooping in the office." Especially none of her business if the girls were aware they had the attention of the gentlemen. Who knows, they may have appreciated the attention.
