Hacker News: andrewreds's comments

I would like to see the HTTP/2 spec allow http traffic, with the requirement that http 2 traffic must be signed. This would allow publicly accessible resources (including javascript) to be cacheable without compromising security. Random thoughts:

* The signing could be done in headers (HTTP/1.0 compatible)

* Works with all existing internet caches that don't modify pages they cache

* (some proxies inject headers into pages, so the spec should be resistant to this, and throw out all unsigned headers)

* Signature must cover cache expiry and full page url (including FQDN, port number etc)

* don't send cookies, user-agent or other identifying details over http 2 (helps with caching, and privacy)

* Could have a requirement that all https 2 traffic can only link to resources on https or http 2

* If the signature in the http 2 message fails, browser could fall back to https 2

* A redirect could sign the content it is redirecting to (to securely load resources from 3rd party CDN)

Edit: formatting
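A sketch of the signed-header idea from the comment above, added here as an illustration and not part of the original post or of any HTTP/2 draft. The signature covers the canonical URL (scheme, host, port, path, query), the cache-expiry headers and a body hash; headers a proxy injects are either dropped (not in the signed set) or break the signature (if they collide with a signed name). A keyed HMAC with a constructed demo key stands in for the public-key signature a real scheme would need so that caches can verify but not forge; `SIGNED_HEADERS`, `sign_response` and `verify_response` are names assumed for this demo.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed demo key. A real scheme would use a public-key signature so that
# caches and browsers can verify responses without being able to forge them.
DEMO_KEY = b"publisher-demo-key"
# Header names the signature covers; anything else is untrusted and discarded.
SIGNED_HEADERS = ("cache-control", "expires", "content-type")


def canonical_url(url):
    # Cover scheme, host, port, path and query so a cached body cannot be
    # replayed under a different URL (FQDN and port included).
    p = urlsplit(url)
    port = p.port or (443 if p.scheme == "https" else 80)
    return f"{p.scheme}://{p.hostname.lower()}:{port}{p.path or '/'}?{p.query}"


def signing_input(url, headers, body):
    # Canonical string: URL line, one line per signed header, body digest.
    lines = [canonical_url(url)]
    for name in SIGNED_HEADERS:
        lines.append(f"{name}:{headers.get(name, '')}")
    lines.append(hashlib.sha256(body).hexdigest())
    return "\n".join(lines).encode()


def sign_response(url, headers, body, key=DEMO_KEY):
    """Return a copy of the headers with a Content-Signature header added."""
    headers = {k.lower(): v for k, v in headers.items()}
    mac = hmac.new(key, signing_input(url, headers, body), "sha256")
    headers["content-signature"] = mac.hexdigest()
    return headers


def verify_response(url, headers, body, key=DEMO_KEY):
    """Return only the headers a client may trust, or None if the signature
    does not match. Headers outside SIGNED_HEADERS (e.g. proxy-injected ones)
    are never returned."""
    headers = {k.lower(): v for k, v in headers.items()}
    presented = headers.get("content-signature", "")
    expected = hmac.new(key, signing_input(url, headers, body), "sha256").hexdigest()
    if not hmac.compare_digest(presented, expected):
        return None
    return {n: headers[n] for n in SIGNED_HEADERS if n in headers}
```

A browser following the comment's fallback rule would retry over https when `verify_response` returns None.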


I think you also forgot:

* Don't trust a compiler that has been compiled with an untrustworthy compiler... [1]

[1] http://cm.bell-labs.com/who/ken/trust.html (well worth the read)


Most of the standard library is written in Go.

A large part of the runtime package (within the standard library) is written in C and asm. This C code is compiled with one of the 5c, 6c or 8c compilers.

gcc is only used for bootstrapping (I believe... though I am still trying to get my head around what happens).


Would this really be a problem?

If you have a look at the article, linked from the article, they are hiding the un-subscribe link when the link is inside quotes.

For me, the emails that get forwarded to different accounts (due to email rules), don't have quotes, so the link will show. But pressing the forward button will put quotes around the entire email, so the link won't be shown.

In saying that, there are probably some email setups out there that don't work like mine, and just happen to wrap every email they display in quotes...


I don't know if it is a problem with their system, but it has been an issue numerous times with other systems for me.

I don't see how their system would solve the issue that occurs with this system: "inputting your email address and then pressing an unsubscribe button". If I have to input my email address, I have to determine which email address I have to input.


I have run into this several times. Always very annoying. I have many accounts in a desktop app and a unified inbox.


According to [1], Mark Zuckerberg makes $310.67 per second... so $100 will buy you under one third of a second of his time... I hope you are not expecting a long reply.

[1] http://www.best-reviewer.com/how-much-money-does-mark-zucker...


Maybe when Facebook was still private and rising in value? I don't see where that income lies today. His salary is slightly over $1mm and $FB's value isn't shooting up anymore.


His salary is less than "$2,147,483,647 a year" quoted on that page.


Simple:

Don't sign up with an email whose domain is on this list: https://github.com/juliuss/dc_autotag/blob/master/autotag.xm...


Ummm....

Essentially electrons must travel around in a circuit. Sort of like a racing car. Electrons can't teleport from one location to another, and the number of electrons in a circuit will never change.

If you touch a wire, and you don't make a circuit (a complete loop), then you will receive no current (electrons can't move in a circuit), thus there is no voltage (since V = IR).

Usually when you touch the active wires in a powerpoint a circuit is made:

from the powerplant to the powerpoint, from the powerpoint to you, from you to the floor you are standing on, from the floor back to the powerplant.

A transformer works by having two coils of wires, and when electrons flow through one coil, it excites the electrons in the other coil, and they start to move too. (This is done through magnetism).

A transformer is usually used to change the voltage of an AC source, but in the case of the "Isolation transformer" the voltage on the input side and the output side are the same.

In a transformer, the two coils of wire aren't actually connected to each other. So if you touch one of the output wires, you don't make a circuit, as the electrons need to get back to the other output wire for a circuit to be formed.

The same thing happens with a battery. Unless you are touching both terminals, there will be no current flow.


re #1,

Could this be solved with an exponential decay?

I.e., saying that a click from 1 month ago is less valuable than someone clicking today.

By tweaking the decay you could change how quickly the algorithm will sway when the conversion rate changes.

EDIT: I just saw that rauljara suggested this below: https://news.ycombinator.com/item?id=4040230


A password works by there being a piece of text that only you know, and thus, when you give that password to a server, that server knows who you are.

Can't you also view a URL as a password? (If only I know the URL, then only I can download the file.)

I am able to give out a URL to someone else so they can access the file; likewise, I can give out my file server's username and password, and whoever has it can also access my files.


You have a point, but the difference is that URLs are not usually considered secret and are therefore not treated the same way a password would be. For example in the browser...


Google is already storing URLs to those files.


"""On the flip side, Kim Dotcom will lose the ability to use the data to defend himself after pleading not guilty to piracy."""

Is it me, or is this saying: "We [the author(s) of the page] don't care if he has any evidence proving he is innocent. We just want to see him in jail"


No, in context of the previous sentence:

> But just as serious, prosecutors will lose valuable evidence with which to prosecute Megaupload’s owners.

they just pointed out that both sides will lose evidence that might help their case.


Surely the prosecutors lose their case if the data goes. Doesn't the defense shift from 'we moderated content, majority was legal' to 'prove that we hosted illegal content'?

With the data deleted, isn't it like trying to convict someone of murder after the murder weapon mysteriously vanished?


Yeah, that's sort of what I thought. This "On the flip side, Kim Dotcom will lose the ability to use the data to defend himself after pleading not guilty to piracy," seems very strange to me. Obviously, if the data were to be deleted, it would be because the FBI stopped Megaupload from paying for those data-center services. Thus, we would get a situation where the feds are at least indirectly responsible for destroying evidence, and then argue "well, prove that the data which has just been conveniently destroyed wasn't pirated!" That makes no sense at all, only makes for a stronger defense, so I don't think that's what they're going to try (which is why they had better preserve the damn data).

Perhaps even more importantly, if this data gets destroyed and they can't find further evidence to use against the Megaupload bosses, this would mean a federal bureau effectively destroyed a company without having any evidence of them having committed a crime. That would be a very bad thing, and would set a very, very bad precedent.


It's happened many times before. Andersen Consulting (http://en.wikipedia.org/wiki/Arthur_Andersen), then one of the "Big 5" accounting companies, suffered a "sentence first, verdict afterwards" execution when they were prosecuted for their putative crimes in the Enron debacle.

The reversal by the Supreme Court a few years later was cold comfort to the shell of the company that was left, the 85,000 people it once employed, the partners who lost the value of their holdings in the company, etc.

(And this hysteria led to Sar-Box, which just happened to be the final nail in the coffin of the traditional IPO startup exit except for a very few massive successes.)


I stand corrected. Unfortunately, this makes it only sadder.

