HackerTrans
TopNewTrendsCommentsPastAskShowJobs

RaleyField

no profile record

comments

RaleyField
·قبل 7 سنوات·discuss
> Every single company did stupid things in the past

Perhaps there is some boundary that shouldn't be crossed. You seem to be arguing there isn't.

Perhaps global and successful companies should exercise some due diligence and have a department that would control quality and firewall wacky ideas.

Perhaps we as CEs should hold companies responsible so that they stop perpetuating never ending shenanigans that this industry is known for. If even we don't boycott bad actors how can we expect normal users to do it.

> Does it mean you should condemn the company for the rest of eternity? Probably not.

If they showed some contrition perhaps? Name and fire entire chain of people responsible for it and donate a year of their net income to foreign FOSS organizations - in ideal world the company should've gone bankrupt, so the penance should be hard. Then I'd be more ready to believe them they would do better in the future.
RaleyField
·قبل 7 سنوات·discuss
> In the end, these devices do ship with Windows, which has privacy problems anyway.

It does, but those are "theoretical" in comparison to the degree Lenovo stooped on, it doesn't excuse Superfish at all. Windows isn't a free for all platform, yet.

> All this is moot, when you put Linux on it, which was the context we were talking about.

_That_ time. I'll copy a response I provided two months ago as Lenovo on HN has become a seriously annoying groundhog day for me:

I can't know that whatever harmful and irrational environment that led to Superfish in IdeaPad won't affect ThinkPads in the future. Even in the most generous understanding where IdeaPad is a different, physically separate branch of the company, and Superfish was an act of incompetence and not outright malice I can't be expected to keep up with the insider intrigue of the company to notice any changes that could negatively affect me. More importantly, leadership is still responsible for setting irrational environment that lead to Superfish, whatever that environment was. This is a multi-billion dollar company, there is no excuse for such incompetence.
RaleyField
·قبل 7 سنوات·discuss
> want to be in control of their data and devices,

The other day there was a thread on HN about which laptop is great for Linux. Tons of people recommended Lenovo, a guy from Redhat said it's even the brand that's used internally and I got a little depressed and smh. Nobody mentioned superfish. Those glorious days of Linux are gone.
RaleyField
·قبل 10 سنوات·discuss
> It look completely like MS Windows.

I prefer taskbar from 7+ and in my experience only KDE can mimic it, albeit clunkily. From screenshot it seems Mint is closer to XP. I think GNOME can be beaten to look more familiar and I can tolerate it. At least it now respects Windows key convention and runs its search functionality.
RaleyField
·قبل 10 سنوات·discuss
And unless you are using your computer only for media consumption it's also unethical because you are only delegating that insecurity onto your customers/users.
RaleyField
·قبل 10 سنوات·discuss
> if you enable the "window list" plugin for shell

And add minimize/maximize buttons and applications ("start") button. I have no idea why Gnome has to experiment, they have lost so many users unnecessarily. At least it's configurable to something sane. They are far from catering to the same feature-averse audience of iPad so there's no use in trying to (poorly) emulate its minimalist design language.
RaleyField
·قبل 10 سنوات·discuss
> So, functionally, is there any real difference between using Mint's ISO to install-from-scratch versus using you're preferred distro of choice (Ubuntu/Fedora/FreeBSD, etc.) and installing the Cinnamon Mint desktop on top of it?

No. Switch to another DE. Cinnamon is developed by the same gung-ho cowboys that develop Mint so that's a poor indication that it's managed any better than Mint itself.
RaleyField
·قبل 10 سنوات·discuss
> I realize they have not taken security seriously in designing their delivery mechanisms. However I do not care.

I hope then that you don't use you computer for developing software or for work or anything remotely important, because otherwise using insecure software is most egregiously unethical towards your users/customers/employers because you are consciously choosing to exposing them to unnecessary risks.
RaleyField
·قبل 10 سنوات·discuss
> Seriously, with the rotten-ness of the US patent/copyright/political system

I've gotten this vibe on Reddit, but it seems people seem to be against copyright unless it's Youtube not enforcing it vigorously enough when it comes to small channel owners getting their content stolen. Then suddenly everyone appears to be for copyright laws.
RaleyField
·قبل 10 سنوات·discuss
> No consumer OS since Windows Me logs in with a system account by default.

About that.

> It’s important to be aware that UAC elevations are conveniences and not security boundaries.

https://technet.microsoft.com/en-us/magazine/2007.06.uac.asp...

>unfortunately, this is also where we run into some of the limitations of UAC. Remember, there is no effective isolation; there is no security boundary that isolates processes on the same desktop. The OS does include some protective measures to keep the obvious and unnecessary avenues of communication blocked, but it would be impossible and undesirable to block them all. Therefore, Microsoft does not consider breaches of that nonexistent security boundary to be security breaches.

https://technet.microsoft.com/en-us/magazine/2007.09.securit...

In default and probably usual configuration UAC does not represent security boundary between medium-il (user) an high-il (equivalent of linux's root). Only if you bother to run under non-admin account are you protected from escalations.

Leo Davidson then provided demonstrations of privilege escalation between those two integrity levels without triggering uac.

I haven't checked Windows 10, but at least until Windows 8 most machines running Windows had been running most software effectively under root.