Given the gambling example, should we be mad at the advertisers or at the forum for making money off of allowing such ads?
If the Gambling Association made a bunch of posters about their new lotto and paid anyone who put them up in buildings, and the person running the Gambling Anonymous meeting came and picked up a few to put up during their meetings, do you blame the Gambling Association or the one who picked up the posters?
Ads are currently such a nightmare because almost everyone making money off of them has chosen to go with services that handle everything instead of filtering their ads and hosting them locally because letting those services handle it all pays better. It allows for far more tracking and targeted ads, sometimes for better and sometimes for much worse.
A sane system would consider the knowledge and power differences between the average individual and the corporate lawyers who wrote the agreement, along with the one sided nature of the agreement, and void any consent as not having been possible to give. Likely the agreement would be treated as one signed by a child, where the more powerful party is the only one bound by it.
What's their solution for any other website? It seems like they'd have a very difficult time accessing ANY site.
In a quick search it seems like NoCaptcha is the accessible answer for the issues with regular Captchas. For the most part it seems to work, most of the complaints here seem to stem from people trying to actively block some of the evaluation metrics used by the checkbox (cookies,javascript,user strings,fingerprinting,etc) which makes them look very different from normal traffic which kind of by necessity makes them look a lot more like bots.
>which makes them look very different from normal traffic which kind of by necessity makes them look a lot more like bots.
But if they are doing so because they are disabled, and the difference means they receive a worse experience, may result in an ADA complaint (especially if a government service falling under section 508 is involved).
Why not both? If I move to a country that legally allows me to do something horrible, people will rightfully call me a bad person regardless of the legality of the action.
Sure, but not paying any taxes isn't obviously a horrible thing.
The government says, through its tax laws, that it wants amazon to not pay taxes (probably because they had a loss). The logic behind this is that because amazon provides jobs, the government doesn't want the company firing people and/or not hiring people because of an unrelated occurrence.
If you want what amazon is doing to be horrible you have to show that what they're doing is actually horrible.
Perhaps talk about how they're making use of the resources of the united states while not paying back for the maintenance of those resources. Like, delivery trucks damage roads and without delivery trucks amazon can't exist, and therefore they are externalizing their costs to the tax payer by not paying taxes.
Additionally, you'll need to explain why the jobs argument is not sufficient to excuse their lack of taxes.
And you might also need to talk about how amazon R&D also isn't a good excuse. For example, if amazon perfects drone delivery of goods then they won't damage the goods. So we should let amazon not pay taxes so that they can perfect drone delivery because it will be a good to the entire nation. You need an argument for why this sort of idea is wrong.
> The government says, through its tax laws, that it wants amazon to not pay taxes
This kind of statement that assumes big companies passively take their tax bill from the government is either exceptionally naïve or wilfully disingenuous. We're talking about a company whose executives sat down with representatives the Luxembourg government to negotiate a special sweetheart deal (subsequently ruled to be unlawful state aid) and then moved its European HQ to Luxembourg
So what are you suggesting; Amazon should voluntarily send a bonus check to the fed? That's just ridiculous. I'm also not convinced that following the current tax law is "something horrible".
What's most troubling is that these are the same companies who say things like "We need more educated workers" as if tax dollars don't help to do that. They also use it was a rationalization / justification for paying less and less taxes (i.e., "We're not getting any benefit from what we're already playing.) To the bottom we go...
>There are cases that I'm all for bashing Google when they don't give the company they're targeting enough time to patch something
While I understand the common ethos of our current culture supports this, has there been analysis if giving what could constitute a second chance to fix security issues leads to less prioritization of security initially? I could definitely see a business deciding to lower their security expenditure since if an issue is found, they will be given a grace window to fix it before the world hears about it. It would still be damaging, but it would be far less since the PR machine could spit out that it was patched before it was announced to the world.
There has to have been some agreement to limit the grace period since people will go live once a reasonable time frame to fix it has passed and they won't be judged negatively if others agree reasonable time was given. So if we won't judge someone for giving only 6 months instead of 3 years, what about the one who gives only 2 weeks instead of 6 months? How do we calculate which of two time frames is better?
I imagine they share proof of concept 100% of the time, and if that is the case, I’d say it varies: target a window, say 2 months. At that point, show progress on the bug to Google (or whoever). If at the 2 month mark it is obvious it was low priority and not really looked at, the vendor of the application failed in which case I would say disclose away (bonus points if they provide something to mitigate it, if possible, though onus is not really on them either way). If they can tell the software vendor is making progress/genuinely attempting, then I’d say an extension would be fair.
In the Microsoft case that vaguely comes to mind, I believe the issue was one that required a bit of work because it was pretty low level for Windows. I want security patches on my system ASAP, but I also don’t want someone to release something that breaks my OS’s functionality or renders my files (or the ability to open files) fubared either. If memory serves, they were making progress on it, but it went past the time period Project Zero set and they were unwilling to give an extension and as far as was reported, didn’t seem to be exploited in the wild. But then you have something unpatched that is disclosed by Google. That doesn’t help users all that much.
That is all to say it isn’t being verifiably exploited in the wild. When that is the case, that changes things to the point users need to be made aware as soon as possible and if it means “turning off” a feature, if possible, as a stopgap, give that info to them.
Android as an abstract project, yes. Android, as what's actually used by users, it's not that superb.
Google is slowly trying to fix it, but average Android device is way behind average iOS device in the wild, and that will be the case for many years to come.
> Android, as what's actually used by users, it's not that superb.
It is, though. The Android that's most commonly used by users is the one from Samsung, who also issues monthly security patches for a large range of devices: https://security.samsungmobile.com/workScope.smsb
> average Android device is way behind average iOS device in the wild, and that will be the case for many years to come.
[citation needed]
Average iOS device just got hit by 2 zero-days in the wild. And jailbreaking is a long and well established practice on iOS, which is literally privilege escalation exploits. There's a constant, continuous stream of those on iOS. There doesn't seem to be many (any?) on Android for a while now.
>There doesn't seem to be many (any?) on Android for a while now.
To be fair, there are a variety of reasons why this isn't the case that have nothing to do with security. An Android jailbreak is less valuable for a few reasons, among them that you can often purchase android devices with root privs, the same isn't possible for iphone.
It's one thing to release a security patch. It's a different thing to get it installed on user devices. If a user never has an opportunity to install the patch, that patch might as well not exist from that user's standpoint.
There are millions of unpatched Android devices, probably forming a massive botnet by now. When you read it in the news sometime in the future, remember this post. You read it here first.
In C# var is always a place holder for the actual type which the compiler only accepts if it can figure out the type. If you do anything to the var that you can't do to the actual type it will still give you a compile time error.
And they do. But what exactly is that line. Prurient content that empowers people? Banned. Content that literally allows control over non-consenting individuals based on their gender? Accepted.
This is like a serial killer who campaigns against littering. They have a line they won't cross, but we shouldn't accept it.
>If we enforce some morals and not others in our app stores, who exactly do we choose as the arbiters of morality?
Apple and Google are, and their moral guideline is money. They are in the business of making money. If the content seems close enough to illegal and small enough revenue to not be worth investigating it, or if the content is legal but costs more to host than it brings in due to backlash, it will be censored. I would even guess that content that is illegal but brings in enough money won't be banned (unless a court order comes in that isn't worth the cost to fight).
One can just look at Reddit's history of banning content and see that it bans things not based on morals or laws but on when it stopped being a revenue generation. The allowed their most popular sub-reddit for years until moral outrage grew due to a news investigation, and then banned it under the guise of being illegal and protecting minors (despite the content not being illegal, as the federal government wouldn't have allowed to continue operating had it been).
Don't Apple and Google already block plenty of legal content they don't want to deal with? Consumers should force them to explain why they are willing to deal with this specific content.
If the Gambling Association made a bunch of posters about their new lotto and paid anyone who put them up in buildings, and the person running the Gambling Anonymous meeting came and picked up a few to put up during their meetings, do you blame the Gambling Association or the one who picked up the posters?
Ads are currently such a nightmare because almost everyone making money off of them has chosen to go with services that handle everything instead of filtering their ads and hosting them locally because letting those services handle it all pays better. It allows for far more tracking and targeted ads, sometimes for better and sometimes for much worse.