I have a static IP at home. I use my Pi to enforce IP-based access restrictions on most sites that allow it. I use ssh's built-on socks proxy (-D on command line or DynamicForward config option) to do this. Firefox and Chrome both support SOCKS proxies.
I'm very curious what aspect of Twitter's TLS code makes hard to intercept whereas other websites can be easily intercepted? I'm also very curious about how they intercepted Whatsapp. Does it do something stupid like eval'ing code received over regular HTTP?
Quoting the paragraph, in case my paraphrasing is inaccurate: "What’s depressing is that I could have easily helped them intercept basically all of the traffic they were interested in (except for Twitter – I helped write that TLS code, and I think we did it well). They later told me they’d already gotten a WhatsApp interception prototype working, and were surprised by how easy it was. The bar for most of these apps is pretty low."
I was hoping for Yubikey support. But I'll take this for now.
I'll have to see if the Google Authenticator app shows up on all of my iDevices linked to my Apple account and whether the code from any of them will work (from the setup process, I don't see why not). Does anybody know?
If the app will work from any of iDevices, it would not be secure enough for a service storing bitcoins :) because the second factor should be hard to copy (which a real hardware token is, while a software token isn't).
I personally like semicolons. It's similar in spirit to the period of English. Even languages which didn't traditionally have the period have adopted it in the last couple of centuries.
More practically, it seems to remove a class of errors. Semicolons are optional in Javascript and I've seen posts here about subtle errors that can creep in when you change code a little carelessly.
And even more practically, it allows you to type "one liners" into things like REPLs even if they aren't one liners.
Try Adobe Lightroom [yes, our favorite whipping boy Adobe :)]. It's really really awesome as a photo management tool. IMHO. If you find it slow, try throwing in an SSD. Don't run it with less than 8 GB RAM.
Given your last point re: kids, how is it "insane" that people want to buy houses? Most people have/want to have kids.
Btw, I don't agree with your last point. It's pretty much possible to stay in a rented apartment for 5 years at a time quite easily. And kids go through wrenching changes every five years on average (home->kindergarten->middle->high school).
You make good points about the drawbacks of buying a house. However, the ability to lock in your housing expenses for the next 30 years (i.e., no impact of inflation) shouldn't be underestimated. IMHO.
Based on 10 seconds of thinking, maybe they want to prevent you from installing a suid binary in your home directory when in developer mode and then somehow running it in the regular mode.
I do something similar. You will need a powered USB hub to attach the external HDD (built-in USB can't supply the full 500 mW that a USB port is supposed to supply). Checkout out Plugable's videos on youtube.
I have a Model B with a connected HDD that's been on 24x7 for a few months now. No problems so far. I don't expect a big difference between the Model A and B wrt stability.
I also did the thing to get rid of the tmux prefix for pane switching. But since I don't use the function keys, I mapped keys F1 through F9 to various tmux functions. F1 = next pane, F2 = prev pane. One less key to press. :)
You probably knew this, but you can write and distribute Chrome extensions without having to upload them to the chrome app^Wweb store.
Second, I've tried to work twice with Doing-It-Right (i.e., fine-grain) permission systems. Once with apparmor and earlier with SE Linux. With AppArmor, I wanted to set up rules to prevent Skype from reading any except a couple of directories. The sheer number of permissions I had to configure was exhausting and I gave up. Maybe I missed something simple, but that's why I'm not clamoring for the current simple, but coarse-grain permission system to be abandoned.
It would nice if Chrome separated 'DOM write' permissions from 'DOM read' permissions. AFAIK, today extensions can't request only 'read' permissions.
Yes, I understand that it's a pain for new Chrome developers to have to understand the permission system among other things. I liked the easy ACLs of Chrome when I started.
So maybe they could allow permissions to be written in two different ways in the manifest file? Today's quick-and-dirty coarse-grain permission system would co-exist with a fine-grain permission system that would use new directives.
I'd love to prove to my users that my extension is in fact not malicious.
Since the Sift guys are responding: from where do you get the raw data about fraudulent transactions? I'm assuming you have streams of fraudulent and valid transactions, otherwise you can't figure out what correlates with fraud.
Ha ha. The foreign_key_check command is going to be a lifesaver for me.
I run with foreign key support disabled, because the referencing ("child") rows might get inserted before the referencing ("parent") rows (I don't control the order of inserts).
Now I can just run a periodic scrub job with this command to clean out rows which didn't successfully transition from "violating foreign keys" to "satisfying foreign keys", instead of writing my own code.
Amazon is an outlier.
If another company did this, but it's stock price didn't keep rising, corporate "raiders" will replace the board and get money back as dividends.
Sorry if my point isn't clear. I'm typing this in a hurry.