49 stories
·
0 followers

Major Thunderbolt security flaws found, affect Macs shipped 2011-2020

3 Comments

No fewer than seven serious Thunderbolt security flaws have been discovered, affecting machines with both standalone Thunderbolt ports and the Thunderbolt-compatible USB-C ports used on modern Macs.

The flaws allow an attacker to access data even when the machine is locked, and even when the drive is encrypted …

more…

The post Major Thunderbolt security flaws found, affect Macs shipped 2011-2020 appeared first on 9to5Mac.

Read the whole story
lasombra
63 days ago
reply
Microsoft, who would have thought, was right on this one.
UK
Share this story
Delete
2 public comments
Belfong
63 days ago
reply
🤦‍♂️
malaysia
JayM
63 days ago
reply
Ruh oh.
Atlanta, GA

Star Wars: The Rise of Skywalker

1 Comment

When we last left our heros, Luke was dead, Kilo didn't shoot first, and Fin was in a pointless B-plot.

And now on with the show …

I know I'm late to the party on this, but as far as remakes of “Star Wars: Return of the Jedi” go, it's not bad. I certainly liked it way more than I did the previous installment, and it was clear that J. J. Abrams ran from Rian Johnson's direction of “Star Wars: The Last Jedi,” for good or ill.

And make no mistake, this is a remake of “Return of the Jedi,” down to a showdown on the forest moon Endor and good ol' Emperor Palpatine pulling his “give in to your hate, strike me down and rule the galaxy” shtick he pulled on Luke. But hey, J. J. Abrams also directed “Star Wars: The Force Awakens” which was a remake of “Star Wars: A New Hope,” so I'm not terribly surprised by it either.

The movie, like all Star Wars movies, is visually beautiful, but … I think I don't care for modern movie techniques like quick editing and over-reliance on garish special effects (I was surprised by the epiliptic warning of flashing lights shown at the beginning of the movie—yes, it's that bad) and this movie is filled with them, to the point I found it distracting during the climax of the movie. Another aspect of the movie I found a bit annoying was the whole “fetch quest” vibe I got from it. The whole “we need to go here to get this MacGuffin that will show us how to get to the next MacGuffin.” I thought I was watching a Star Wars movie based on a role playing game. And due to the MacGuffin hunt, we went from location to location. In the original trilogy, “A New Hope” took place in three primary locations (Tatooine, the Death Star, Yavin 4), “The Empire Strikes Back” takes place in three primary locations (Hoth, Dagobah, Bespin), and “Return of the Jedi” takes place in, you guessed it, three primary locations (Tatooine again, the second Death Star, and the forest moon Endor). I lost track of the number of locations in this movie—I think at least six planets and numerous ships.

And can we get away from the XXXXX­XX desert planets already? Sheesh.

Afterwards at dinner, refrigerator logic started to kick in as little details started not making sense. One example: one MacGuffin the characters obtained that, story wise, must have been made after “Return of the Jedi” but before “The Force Awakens.” But as I starting thinking of that particular MacGuffin, I asked myself, who made it? Why was it made? Who was it made for? It didn't make sense. And that's just one MacGuffin—there are others.

If this wasn't a Star Wars movie, it would be a fine popcorn type movie. Decent, but nothing terribly special about it. And that's what's sad about this movie. It's … okay. It wasn't bad, but it's not great. I don't hate it.

So … yeah.

Read the whole story
lasombra
188 days ago
reply
I completely agree here. After a while, when the details start to sink in, you may notice that not a lot of things make actual sense.
UK
Share this story
Delete

Boris launches manifesto so devoid of substance, you can't tear it apart | John Crace

1 Comment

All that matters is winning the election. Breaking promises can start on 13 December

Two years ago the Tory party election campaign started to fall apart after the launch of the manifesto on a Thursday in Halifax. This time round, the Conservatives were determined to make sure that didn’t happen again by choosing a Sunday for their launch. A day when almost everyone would either be watching football, Sir David Attenborough or Countryfile. Anything to get away from the election for at least 24 hours. A day when any car crash would pass more or less unnoticed.

Just before 2pm the entire cabinet – needy Matt Hancock bouncing up and down excitedly and taking selfies to try to reassure himself he really did exist – trooped in to the main hall of the Telford International Centre and took their seats in the front row. Well not quite all the cabinet. There was no sign of Jacob Rees-Mogg who has been locked in solitary ever since he insisted that those who had died in the Grenfell fire had got what they deserved for being too stupid not to disobey instructions. One upside to this election is that we should all be seeing a lot less of the Moggster in the next parliament.

Continue reading...
Read the whole story
lasombra
231 days ago
reply
He doesn't need much to win, that's what's sad about this
UK
Share this story
Delete

Announcing JSON Feed

4 Comments and 5 Shares

Brent Simmons and Manton Reece:

We — Manton Reece and Brent Simmons — have noticed that JSON has become the developers’ choice for APIs, and that developers will often go out of their way to avoid XML. JSON is simpler to read and write, and it’s less prone to bugs.

So we developed JSON Feed, a format similar to RSS and Atom but in JSON. It reflects the lessons learned from our years of work reading and publishing feeds.

I think this is a great idea, and a good spec. I even like the style in which the spec is written: for real humans (much like the RSS spec). If you want to see a real-life example, Daring Fireball has a JSON Feed. I’ve got a good feeling about this project — the same sort of feeling I had about Markdown back in the day.

Read the whole story
lasombra
1153 days ago
reply
Another format that will never be updated and won't be able to expand because reasons
UK
samuel
1153 days ago
RSS is over ten years old, so it's had time. What would you want to add to an RSS entry? It also has media enclosures (attachments) and real-time push notifications.
lasombra
1153 days ago
It's ot about being oldbu have the opportunity to expand. RSS is stable, done and, most importantly, is a ratified standard.
samuel
1153 days ago
reply
They emailed me about it. I'm happy to support it but I'd prefer if support came from the Python feedparser library. If that happens, I'll integrate it.
Cambridge, Massachusetts
samuel
1153 days ago
Added a ticket to the feedparser library: https://github.com/kurtmckee/feedparser/issues/103
rascalking
1153 days ago
i worry that there are a dozen open PRs on that project, going back over a year, with no accepted PRs in that timeframe.
gcarothers
1153 days ago
Errr... feedparser is 99% deal with XML nonsense. It's not totally clear to me how JSON handling fits into it's code
samuel
1153 days ago
This is how it fits in: >>> feedparser.parse('http://example.com/feed.json').entries[0]['title']
gcarothers
1153 days ago
Sure, but the API also exposed at the top level feedparser.parse('http://example.com/feed.json').namespaces, and 100% of the behavior of feedparser is in FeedParserMixin which is 100% attached to XML. I mean I understand the spirit in which this comment of offered but it's hard to imagine feedparser changing enough that it would support json feeds without basically being rewritten, even the test framework of feedparser is all setup around XML
Share this story
Delete
2 public comments
brennen
1152 days ago
reply
Might be interesting, and I'd be happy to generate this for my own stuff if it sees much usage, though one gets a little nervous about fragmentation. I feel like I remember an RSS-as-JSON spec a while back that didn't really get any uptake. On a related note, I'm still waiting for someone smarter than me to take the off-the-cuff thought of "sites could publish (and feedreaders consume) .git" and do something interesting with it.
Boulder, CO
fxer
1153 days ago
reply
"developers will often go out of their way to avoid XML. JSON is simpler to read and write"

Hey, you want a hot poker in the eye, or in the ass?
Bend, Oregon

A very false narrative: Samsung Galaxy S8 vs Apple's iPhone

1 Comment
Article Image

It's hard to escape the media pronouncements that iPhones are now boring again after Samsung unveiled its latest Galaxy S8, Apple's Mac business is being overshadowed by more exciting Surface Windows PCs from Microsoft and that Apple Watch is a disappointing dud. But all of those media narratives are wrong, here's why.
Read the whole story
lasombra
1174 days ago
reply
Ah... the fans...
UK
Share this story
Delete

This week's "Hacker" "News" annotations are pretty good.

jwz
2 Shares
n-gate:

  • The United States Senate continues the war against their own users. One Hackernews suspects some kind of massive federal conspiracy to censor comments on reddit.com. Another suddenly realizes that people might disagree about things for reasons other than ignorance, and becomes distressed. The rest of the comments are people arguing about technical methods to work around the user-tracking they implement in their day jobs.

  • Google continues the war against their own users. The XMPP Memorial Society trades barbs about whose fault it is that a misdesigned overengineered shitshow of a protocol failed to gain traction amongst non-erlang enthusiasts. Every single messaging platform in current existence is held up as Obviously The Future. Hackernews tries to figure out what Google's master plan is, and why Google is working so hard to make it look like aimless poorly-managed floundering. IRCv3 continues to be a retarded pile of solutions to the wrong problems.

  • The United States House of Representatives continues the war against their own users. Hackernews is outraged, presumably because the rules will now enable other companies to compete with Google in the lucrative Fuck Everybody's Privacy market sector. The entire comment thread is just Hackernews arguing about political shit and deciding which elected officials are betraying the American people. Not a single goddamn Hackernews makes the obvious connection to the shit they do at work all day for a living. The tacit consensus: Hackernews isn't bad for creating the tools of surveillance capitalism; Congress is bad for letting people use them.

  • Some academics figure out how to make shit in pictures look like shit in other pictures. One Hackernews notices that the machine learning papers have largely stopped relying on mathematics or any other scientific endeavor; the others are ready with reassurances that someone will get around to formal research sooner or later. All this stuff is super worthwhile in the meantime because we can just keep passing around training sets verbatim and treating them as infallible, just like we do with node.js libraries! Both the machine learning community and the web development community are completely free of charlatans! Scout's honor!

Previously.

Read the whole story
lasombra
1198 days ago
reply
UK
Share this story
Delete
Next Page of Stories