I was literally actually thinking of this just the other day. Alcohol now gives me intestinal liquidity, possibly a result of too many years of 3-4 beer a night. And I couldn't figure out how an entire populace raised on the stuff wouldn't have had larger issues with beer than with water. I was thinking there had to be something I was missing about what I was taught (and I was taught it in college).
It's worth noting that beer hasn't exactly had a uniform makeup throughout history. The kind originally made in Mesopotamia and given as rations to soldiers was much more nutritious than the kind we drink recreationally now.
I've been reluctantly repeating this "fact" over the years. Although I've always been concerned about the rampant hangovers and dehydration that would have occurred as a result of drinking so much beer. The fact that this is not a fact makes more sense.
Yea, that's about the worst advice to give a programmer/hacker. The "maybe I can try this" and "I wonder if I could do this" is the core of my world. I've been told by actual engineers that things I wanted to do were impossible, but I played, and did the impossible. Play with your code.
I find it hard to really understand certain things: design patterns, data structures, and sometimes algorithms, without trying them.
I knew a very, very bright person who could come up with some great and clean code. He definitely understood the problem and his solution was "optimal." Problem, before he even started coding he did an insane amount of research. Not just learning syntax, common patterns, etc.. but to the point of memorizing the entire standard library and reading several books on the problem domain before even beginning with some hash-it-out code. This wasn't for hard problems, just simple CRUD apps (for the most part.) Made it impossible to work with him as a team member.
I'm not seeing the drawback to him. It may have even worked out to his benefit, as over time his knowledge of the craft would grow out of proportion to the rest of his team, say, who were solely focussed on getting things done.
I must say I'm really curious. What was his career trajectory? Has he been successful since?
This is great, but if you use a password manager, it's very difficult to determine which, if any, of your accounts would be compromised. For myself, this would just be doing a dump and looping a few greps. But for family and friends, does anyone have any ideas for a less technical audience?
If you're using a password manager and thus -- I hope -- using a different password for every service, it doesn't really matter if one service gets compromised. The compromised service in question will (hopefully) force password resets for all affected users, and the compromised password is useless elsewhere.
Instead of responding to breaches, I would recommend an annual (more frequent is better, obviously, but I think annual is fine) cycle of rotating passwords. Just pick a day and spend it replacing passwords. As a side effect, you get a mental update on exactly what identities you're managing and whether or not you want to modify or close them.
This should be fairly straightforward even for non-technical people, if they've got a grasp on actually using the password manager itself. The hard part is (1) getting the list of identities, which isn't too hard if you're hand-holding, and (2) actually remembering to do it. (Which is why annual is nice. You can peg it to a holiday you already celebrate, or substitute it for one you don't. Halloween, for instance, because breaches are scary? Or something.)
Bonus: if a breach happens that actually feels scary, just do the rotation ritual ahead of time. Not that big of a deal.
1password has a limited ability to warn you of compromised passwords. they maintain a database of breaches that they warn you about in their client. the warning, however, is much less prominent than it probably should be
Agreed, the value of magic fades very quickly when you're trying to to retro-implement complex SQL query from Stackoverflow into "smart query" language.
Why not, I'm talking about a construct that doesn't exist. A SQL literal string can be stored and auto parameterized prior to interpolation. You see the :int isn't the name, it's the parameter/type safeyness that any good dev would want.
I don't have time to look, but when I signed up, I was given the option for a free trial and the option to spend $500+ depending on the package. I'll have to look closer, but I suspect this is xaraminesque.
That's pretty awesome, now if I can fins a decent terminal browser that supports javascript and vim keybindings and the equivalent of chromes devtools, I can spend all of my time in the terminal (save design of course, but that wouldn't even make any sense). It's probably unreasonable to think that I'll fin that, but I'll keep looking.
I'm thinking it's quite handy for a quadriplegics, those with learning disabilities, children, elderly, arthritis sufferers, parkinson's sufferers, thalidomide sufferers, disable in general, etc... Just because it's not useful to you doesn't mean that it's not the number one feature in someone else's life.
Sure, I'm not saying it shouldn't exist. If it's a feature you want, then you need to accept the fact that it has to send data to a remote server in order for it to do the thing you want it to do. If you have concerns about privacy, then disable it. I don't see the point of all this hand-wringing about "OMG Samsung is spying on me!". Like there's somebody listening on the other end, waiting for you to start reciting your bank account info in the living room so they can pick it up, you know, like how people sit around in front of their TV doing that, right?
Well, I frequently see the people mentioned above, especially the elderly needing help with their phones or email or online banking, and giving their passwords to a trusted family member thinking that they are the only ones listening. So yea, it happens, a LOT. And big companies like Samsung and Sony never get hacked, right? MITM never happen, that's jus fantasy, right?
If that's a concern, you shouldn't use any online service at all. There's nothing special about voice command that makes it more susceptible to being hacked than every other service that you use every single day. In fact, it's a great deal more difficult, because now the attacker has to have an equally sophisticated voice recognition system at their disposal in order to interpret the intercepted data.
Besides, when they can hack the database itself and get a list of what they know to be passwords, why wouldn't they just do that instead of hacking a bunch of voice snippets and combing through them hoping to maybe find where somebody said a password. It's stupid.
These aren't even logical arguments. I've presented use cases where voice recognition may be the only feasible way to interact. Is a voice recognition server's security as secure as my banks? Seriously, I'm done arguing with someone who fails to rebut logical arguments and just doubles down on a fairly ignorant position.
If you're just going to make up your own things that I said, there's not really much point in me saying anything. How am I marginalizing anyone? I never said anything about voice recognition not existing or not being used. In order for it to work, it needs to transmit data to a server owned by the company providing the service. That's just a simple technological fact. If they're going to use it, they need to weigh what I think is a vanishingly small privacy risk against the benefits they get from the service. Just like you have to do for literally every online service in existence.
People can use the service and come to terms with that fact or they can not use it. If they choose not to use it, they need to live with the consequences of that decision. If it means they have no other way to access some service, then that's something they need to take into account. I can't think of any service in existence that can only be accessed by voice recognition instead of having an phone representative, physical branch, or other options. If you really, really need to access your bank account, there are plenty of options aside from speaking to your smart TV. Nobody is getting marginalized here.
>In fact, it's a great deal more difficult, because now the attacker has to have an equally sophisticated voice recognition system at their disposal in order to interpret the intercepted data.
Or you just pass the data to Siri or Cortana (or whatever microsoft is calling it). Protecting against hacking is defense in depth. If the database is well protected and monitored, attack the target that is not well protected and monitored.
