Crazed gunman? Come back later. Crazed gunman with a kid? Come back later. Crazed fugitive gunman with a warrant out, with a kid, threatening to kill police? Let them settle down, come back later.
There was outrage in my town over a standoff with a guy (with kids) who was having attempted to be served on him by the cops for the dozenth time after a year on the lam, for driving drunk and unlicensed while out on bail for a previous serial drunk-driving arrest. He shot at the cops, screamed that he wouldn't be taken alive, and the cops secured the area, and the guy shot himself in the head. People said they should have left and come back later.
What kind of moving goalpost is that? Chrome 1.0 came with Incognito built-in. Safari had it for three years. Because there may have been a plugin for Firefox a few months before Chrome's release, and followed IE in shipping it, it's the superior privacy option?
Ok, you got me. What I said was nonsense, taken literally, I was being lazy; you're right, Chrome's heavily multithreaded too. But, there is process-level separation both between tabs/browser contexts with information of differing security sensitivity, and between nasty stuff like parsing and rendering versus basic UI etc. All the good defense-in-depth sandboxing that others have alluded to, that is the stuff of many papers.
Yep, Webkit dates to 1998, and Firefox (2002) was such a radical departure from Mozilla suite it's more than a little ridiculous in 2016 to handwave Chrome (2008)'s advantages as "greenfield." Microsoft just released a brand spanking new browser. Firefox is a great product but it's deficiencies are its deficiencies.
It's been my experience over the past couple of years dealing with ugly web-apps that abuse JS, have huge DOMs, thousands of tiny images etc., that such abominations (hacks) will run reasonably well on Chrome while verging on unusable in Firefox. This is from someone who was ideologically wedded to Mozilla for years, and more or less refused to use IE regardless of how good it got; I switch to Chrome basically solely on the basis of performance; secondarily the strength of dev tools and the impressive security model.
It's freaking sad that Firefox is stumbling out multi-process in 2016. This has plainly been the way to go for years. Multithreading is a disaster, it's just not a workable model for browser-scale applications.
But hey, if they could recover Firefox from the ashes of the bloated disaster that Mozilla Suite became, I have hope that the community can catch up eventually. Maybe.
I see your point, but they don't leapfrog Chrome in privacy when the browser is pwned and leaks its entire process state to an attacker.
Any browser is a massive, rich attack surface with bugs, but Chrome has been cutting edge in its sandboxing, privilege separation, and overall security.
True, Chrome is and has always been a Google marketing vehicle, where the user is the product. But has Mozilla always been at the forefront of privacy, even? Something as basic as private browsing, let's see:
April 29, 2005 Safari 2.0 Private Browsing
December 11, 2008 Google Chrome 1.0 Incognito
March 19, 2009 Internet Explorer 8 InPrivate Browsing
June 30, 2009 Mozilla Firefox 3.5 Private Browsing
Apple, Google, and Microsoft all beat Mozilla to the punch.
I subscribe to Ting and I'm happy with it. But, while very good, it's far from unique. I came in from another Sprint MVNO that was very good but slipping in value proposition. An MVNO is almost by nature a precarious thing. Major telecom? It's a subsidiary of Tucows, which will to me be forever be linked to '90s shareware downloads, its listing is basically an accident of the dotcom bubble, and it has a market cap of < $300 million. I'm guessing their domain name line easily rivals Ting in value. Healthy in its niche, but no major force. By comparison, Frontier, a smaller RBOC, is worth $5.6B, frigging T-Mobile is worth $9.5B.
Love Canal is not a city, it's a neighborhood of Niagara Falls, roughly 16 acres of the worst of which is fenced. Since the toxins have been buried probably nothing would happen unless you went digging around the soil and eating with dirty hands; or maybe spent a few years living in a tent above it.
You've given one example; SELinux. Did wheezy ship with SELinux enabled? No. So how is that a step backwards? It would have been a step backwards if they shipped with it enabled and it was half-assed. SELinux is notoriously hard to get right across the board. See how many Fedora solutions start with "turn off SELinux." Shipping jessie without SELinux enabled was the right thing to do, if the alternative was: not shipping jessie; or shipping borked jessie with borked SELinux support on by default. Those who know what they are doing can turn it on with all that entails.
You gripe about kernel 3.16 LTS but provide no support for your statement. With a cursory search I can't find any. If it was such a big deal I have to assume I would. For my part I use Jessie on the desktop and server and have not encountered these mysterious kernel problems of which you complain. Again, you may have wished for some reason that they shipped with 3.18 or 4.x, but they shipped. They have 10 official ports and 20K+ packages to deal with, I'm sorry they didn't release with your pet kernel version. Again, those who know what they are doing can upgrade jessie's kernel themselves if they are wedded to the new features.
Or Salt? All that and simple YAML flavor by default. I mean, nice work, but I don't see any holes in the ops space that this fills, and there's already a proliferation of tools solving the same problem. I like that the MIT license has fewer words than Apache 2.0, but otherwise I see nothing to buy into here.
Scanning this site I feel déjà vu like I am looking at an incipient, less mature version of Salt with fewer features.
You didn't look at the giant photo of Milk in his naval officer's uniform under the headline in the linked article? He served voluntarily under commission in the Korean War. You're going to need better than a bald assertion to assume the Navy is doing one of its own a dishonor.
Emacs unexec is mature (by decades), ported to 11 operating systems. CRIU is Linux-only, more or less experimental, and not included in mainstream stable distros. Does that answer your question?
Oh cut me a break. The glibc "community" consists of a cabal of developers who won't fix broken for good reason and break userland for bad reason all the time, admit no wrong, and bring gaping security holes to entire platforms every couple of years. Uri Drepper was the tip of the iceberg. Nothing changed.
unexec is hairy, but it's mature, greybeard hair. It is no worse than any JIT, for starters.
Besides local iptables you can forward the port at the firewall level. Many people (myself included) have observed failed ssh logins going from many thousands daily to on average zero just by changing the port on a netfacing server. Of course a determined hacker who is after you can trivially portscan. But why not block all that noise and a huge percentage of shotgun attacks? If someone is out just to find servers to root with a new zero day they're liable to spray the net searching on the target port rather than portscanning all IPv4 space. Why not buy yourself some free time?
It is basically zero inconvenience to add an extra argument or shell setting.
Hydrogen is low energy density and next to impossible to contain or transport without lossage. These are major barriers to commercial adoption absent a breakthrough, laying aside the problem of generation.
Ships must abide by flag country laws in international waters. There are treaties that cover most states. Compliance is an issue now though to say the least.
Solar aircraft at this stage (large, slow) have to stay in the sun, are sensitive to wind, and require periodic maintenance. In principle what you describe is basically the goal; aviation equivalent of a nuclear submarine that can stay in flight for weeks, months, or more.
Crazed gunman? Come back later. Crazed gunman with a kid? Come back later. Crazed fugitive gunman with a warrant out, with a kid, threatening to kill police? Let them settle down, come back later.
There was outrage in my town over a standoff with a guy (with kids) who was having attempted to be served on him by the cops for the dozenth time after a year on the lam, for driving drunk and unlicensed while out on bail for a previous serial drunk-driving arrest. He shot at the cops, screamed that he wouldn't be taken alive, and the cops secured the area, and the guy shot himself in the head. People said they should have left and come back later.
Makes a lot of sense.