Saying that you are an employee at X company and make X dollars is giving away both your salary and corporate information.
The key is not involving the company. Share your salary as much as you want, but don't go on social media and say 'I work for X' unless you are actually their representative.
A company can’t tell you to not share your salary - it’s protected behavior. Whether you do that over a megaphone in the park or over TikTok they broke the law by firing her.
You can absolutely say "I work for X". Otherwise resumes don't work, forget LinkedIn. Telling people you work for X is not the same as claiming to represent X.
The exception here is executives and maybe in some instances management, where they need to be careful what they say because anything they say may be construed as representing the company. But having on your social media that you work for X and having other posts where you talk about normal social media things? 100% fine as long as your don't say something along the lines of "I work for X and our official policy on Y is..." (i.e. claiming to represent them)
Well that’s the point. While it’s perfectly possible to build a poor app in any language, it’s almost impossible to build excellent app in cross-platform framework. The reason why you recognize them almost immediately is that there are some people obvious annoying details - scroll lag, non-standard UI elements, non-standard navigation patterns, you can just immediately feel something is wrong, even if you are a normie. It can be partially compensated by the app having some other great benefits.
I disagree about scroll lag. There are plenty of WebView apps (and websites obviously) that have zero scrolling issues.
Non-standard UI elements is something I don't personally care about. Some people do, but I think this is an issue that is often overstated (or perhaps rather overestimated as a factor) by platform enthusiasts.
What does matter a great deal to me though is launch speed and battery usage. Mobile apps are often used for short periods of time. They must launch instantly. And battery is the scarcest resource in mobile computing.
Nobody will voluntarily use an app that is slow to launch and shows up at the top of the battery usage table in spite of only having been in use for a few minutes.
As a developer, these are the issues I would like to learn more about in respect of any new cross-platform technologies.
> While it’s perfectly possible to build a poor app in any language, it’s almost impossible to build excellent app in cross-platform framework.
100% this. Cross platform frameworks will always fall into a weird uncanny valley where there are just things that are subtly off about apps made with them. Most of the user base may not be able to pinpoint exactly what's wrong with such apps, but I believe they still notice on some level.
I usually don't notice or care, unless they haven't put any effort into it. Now that I'm thinking about it, there are a few that I suspect aren't native, and I don't get bad feelings from the apps unless they are badly programmed and the functionality doesn't work.
What I mean is they don't actively consciously care. They have better things to do. But they're not immune to perception. They do have some impression and experience that they're also likely to be able to express in the form of feelings.
Even the best Flutter apps feel awful compared to a decent native iOS app. Which honestly sucks, because I much prefer writing Flutter apps to anything else.
This concept is not about explaining things in terms a 6 year old can understand.
It's about understanding the subject matter well enough that if necessary you could simplify and elaborate on topics to bring your audience to your level of understanding.
(i.e. - understanding your subject vs. being able to recite facts)
You really come to terms with how well you know a subject when you sit down and try to teach it to someone else.
Author here. Yes simply editing my hosts file would have been much easier. The reason I went the longer approach of setting up the payload on a remote web server was because there is the concept of security zones in Internet Explorer. Visiting localhost in Internet Explorer gets treated with a different level of trust compared to randomwebsite.com. For example, if you go to your security settings in Internet Explorer, there is an "Internet" zone but also a "Local intranet" zone. If you compare the two, you'll see they have different security settings. By hosting the payload on an external domain, we ensure that we are simulating an identical environment that existed for the attack (and are not subject to a different level of trust).
Editing the HOSTS file has nothing to do with where the resource is hosted. It just allows you to control name resolution without doing it in DNS. Internet Explorer security zones work the same way irrespective of whether a local HOSTS file for DNS resolves the name.
Yes, but at the time I already had an existing domain with a web server I could use. You are correct that I could have setup a separate site for hidusi[.]com and then point the domain directly at my web server's IP, but since I already had a domain/web server configured, it was much easier just to swap the domain in the document.
I can assure you the answer clicked before my research ever started. Unless I am using web server software that responds with one site for multiple host names, you generally need to configure each host name that might be used with your web server as a different "site" (i.e Apache) / configuration. I could have simply edited my hosts file with hidusi[.]com pointing to my web server and created a separate site configuration to serve the hidusi[.]com domain with the second stage. What I was saying in my last response was that instead of using my hosts and having to create this new site configuration (or modify existing with an alias), I could just swap out the domain in the document and use my web server's current state without any additional modification required. It was simply more convenient to change a single domain rather than update my web server's configuration to support requests for the hidusi[.]com alias. There is no significance to using the original domain for serving the second stage, I think you all are all just overthinking it :)
All web servers respond to all hostnames. It is the default unless you have configured it otherwise.
In the event you are doing virtual hosts in Apache, you just add a single line:
ServerAlias www.example.com
And your webserver will respond when queried via this hostname.
So, even in the worst case scenario, we are talking about two very basic lines of text to accomplish your goal.
The whole setup should take about 60 seconds.
I am not trying to say that your approach is wrong, but just that there is a much simpler way to go about accomplishing this goal.
As far as "overthinking it".. I think we are going to have to disagree here because I am unable to see how your method of reverse engineering can possibly be simpler than something that takes practically no time or effort.
At any rate, this is not an argument, I just want you to be aware of your options as you continue your research.
I wish you luck as you continue exploring, and thanks for the writeup :)
I don't know if Iceland follows in lockstep with the rest of EU monetary policy but here in Denmark, they take your money another way: negative inflation applied to comically low limits (100,000 DKK) equivalent to $15,000 USD.
And if an airline that actually has passengers gets the slots, that’s worthwhile. That Brussels would give unused slots to someone else that lacks passengers too would be a silly thing, the kind of silly thing that’s all too likely too.
I’m not saying it’s a good rule to have at this juncture. But what’s good for Lufthansa is not necessarily good for the world.
Inspire is a better word than force. Or choose.
Burning money to keep competitors away from resources is anti-competitive.
Businesses come and go. I admit I don’t know how many gates Lufthansa acquired when competitors went out of business or were acquired by them, how many have been theirs since each terminal opened. Since in the past they were smaller, it is obvious that gates are something that can be acquired. Maybe not on the ideal schedule, but such is life.
Brussels Airport has plenty of expansion planned. Airports get bigger over time, not smaller.
Your analogy doesn't hold water. This is your garage, and you'd lose the rights to it by not using it.
A better one would be:
You have a reserved parking spot near a nice beach; but you will have to visit this beach at least 20 times during the summer or you will lose your reservation.
Does this make sense? Depends on your goal. If you want fair access to the beach for as many people as possible, no. If you want a smaller number of regulars that will spend many days at the beach and might be more willing to maybe buy some ice cream at your chiringuito, yes.
The actual problem also translates well to this analogy: You might drive all the way to the beach only to park for 10 minutes and drive back, only to keep your privilege for those days where you really want to use it.
Your analogy is slightly better, but even then it still misses the whole idea of hubs and connecting flights, because it's not just your trip to the beach, it's a whole network of cars trips to the beach that also depend on your trip to the beach in order for the system to function.
Once you start removing trips and other people take your parking spot, you don't always get your parking spot back or even one close, sometimes you might have to find all your cars a new beach to use.
You may find reasons to favor yourself, of course. But if you’re just diddling around not making use of your slots, and someone else can be, the greater good is served by opening up the spot for someone else.
The decision is on me. If the environment is actually important, I drop the space. If I’m spending the next year just driving aimlessly to keep the space, I don’t really need it.
Please quote the text of the article which claims they are being forced to fly? In fact you do claim it’s the company’s decision that this is the best course of action, acknowledging the alternative that’s plainly available.
Yes, there is the “or lose it” option. There is no forcing. They have the option. I can understand that they don’t like the rule. But to say they are forced is like saying your friends forced you to to go to a movie with them. It’s not forcing in any way.
That option is to lose their slot, if they lose their slots, they will probably lose an entire hub on their network that they can not regain.
It's not like you can just buy these slots back. In fact, slots are valuable for the simple reason that they can not be bought and sold. (unless airlines consolidate, and even then these transactions are heavily scrutinized)
You're basically saying it is better for them to tank their business so another airline can steal the slots from them.
And do you know what the competition will do? They will keep that slot at all cost regardless of whether their planes are full or not, because this is how airlines maintain their network.
Please consider familiarizing yourself with airline network operations before speaking authoritatively on the subject.
I’m well aware. It’s still their choice. It is absolutely a choice for them to behave this way. Why would any of us take the side of Lufthansa over the side of another airline? Possibly one that is actually flying passengers around? I’d respect them more if they said “we actually believe it’s a stupid idea to burn fuel pointlessly, we’ll take the side of the world’s good over our own medium-term interests”.
Sharing your salary is one thing.
Saying that you are an employee at X company and make X dollars is giving away both your salary and corporate information.
The key is not involving the company. Share your salary as much as you want, but don't go on social media and say 'I work for X' unless you are actually their representative.