Hacker News | bendiksolheim's comments

What is a product? They make something that is used by others, and if they follow a product development mindset, calling it a product is fair in my opinion.


You don’t need to install the app, the prices are displayed on the product page in the App Store, towards the bottom. It’s listed automatically for all apps.


I have made my own theme for Zola (https://www.getzola.org) based on Tufte CSS. It was mostly straightforward; I believe I more or less recreated the structure on https://edwardtufte.github.io/tufte-css/. You can see my website on my profile, if you are interested.


If by "only used" you really mean you never ever use anything else I don’t believe you are missing anything. Other than bragging rights of using Vim, of course /s

But if you occasionally use other editors, many of them have plugins or modes enabling Vim keybindings. In my daily work I switch between Emacs, IntelliJ, Vim and Xcode, and all of them have varying degrees of Vim emulation, which makes switching a lot easier.


Quite the opposite! I would find it highly motivating to work on something like this, even if it was just a 5% chance it would make it onto actual phones. You certainly need the right types of people who are motivated by the right factors, but that is not unique for this case.


> even if it was just a 5% chance

It would be more motivating for me if in the 95% event that Apple rejects it from the app store, a PR disaster can be launched against Apple for it, and instructions are published to install it on a jailbroken phone.


Don't even need to jailbreak, nowadays you can build/sideload using a free iOS developer account, especially if the projects in question are open source.


...which only works for a few days until you need to build/sideload again on a free account. (Or a full year if you have a $100 a year paid dev account).

Sideloading isn't a solution because Apple artificially crippled it to make it only useful for demoing and testing apps, not as a secondary install method.


You’d need a jailbreak to get the ability to JIT properly.


What's the latest iOS version that can be jailbroken? With all of the exploits on iOS, I'd be pretty nervous running an old iOS version.


Isn't it a requirement that the iOS be exploitable so that it can be jailbroken?

Is your hope that the exploit for the jailbreak is the one and only flaw? :)


True. I guess my point was that, given the insane number of zero-click iMessage exploits there have been, you’d have to really not care about any of your data to use a jailbroken phone.


Do you think this would work considering for all of the iPhone only WebKit has been allowed?


Why though?

I mean, I could understand if you were working on some sort of research prototype that might fail, or otherwise something new and unique, but just porting an existing browser engine hardly seems to be intrinsically exciting in and of itself, so what would the motivation be?


I've worked on these sorts of "5%" / "just in case" projects before and mainly accepted them because they were deeply technical, difficult and I was sure I was gonna learn a lot from them, no matter if we got the go ahead to ship them or not. Sometimes I was the only one in the company who wanted to work on it, while other times it was something everyone wanted to jump on. I guess the conclusion is that different people find different things interesting. Some people like porting software to different platforms for example :)


Well, lots of people find structural problems with a massive code base but have no justification to rewrite/make changes to it. A chance to revisit decisions might be exciting for someone who feels they could perhaps do a better job with it.


> I would find it highly motivating to work on something like this, even if it was just a 5% chance it would make it onto actual phones.

Have you ever put 6-18 months of your life into a project that got canned? If you haven't, I'm not sure you should make that kind of statement without having actual experience knowing what that's like.


Oh, I have!

It’s a balance. I more-or-less learned the first time that I needed to be getting more out of it than the “release success”; nowadays I’d codify a specific part of that as “always carve out the time to improve your skills as part of the project.”

I’m teaching the computer how to do something, at the same time I’m teaching myself how to do it.

That said, when that’s not possible - At least one project had at least a few weeks (it’s been a while) of stupid wrestling with undocumented Xcode CLI internals. That was nearly completely wasted time. It sucked then, and it (dilutedly) sucks now.


Haha, let me count the ways. This describes nearly an entire decade at Microsoft for me. It's not that bad. Some of those projects were amazing feats and fun to build. You eventually develop an "ok, what are you going to pay me to build next" attitude.


Some people may develop that attitude, but I haven’t. I care a lot about what I build and I care that it’s useful to people. I am unable to accept putting in tons of work only for something to never see the light of day.

A project I put years of my life into got killed off in a merger and it’s still the most demoralizing event of my career.


> I care a lot about what I build

Careful not to imply that others don't. I'm pretty passionate about what I build, but cancellation is a fact of life. Doesn't mean it wasn't fun to do the building. One of my projects at Microsoft was something that was always destined to actually be sold by hardware partners, and the hardware partners released devices that were far, far too expensive so it flopped and the whole thing was canned. But we made an excellent product that won some awards, and frankly, knowing we killed it on the software side is good enough for me.


I sure have. It requires a specific attitude and mind set. If you go through those 18 months hoping this will actually see the light of day, there’s a big chance you will be disappointed. If you rather see this as a technical challenge, and your task is to prove that it is possible, releasing the final product might not be as big of a motivator itself. Of course, you might not always know that the chance of success is so low up front. If you don’t, I would guess it is a lot harder.

Kind of a stretch, but all of my hobby projects are like this. I have spent years on a TUI library for Swift, without any intention of releasing it. I do it to understand how terminals and layout systems work. In this case I am more motivated by the knowledge gain and experimentation than actually having others use the product.


It happens. Let's not pretend that everything we do changes the world or is even meaningful. It pays our bills and lets us do what matters to us.

On a less cynical tone, 6-18 months on a project, then we change company, or get fired, or the company shuts down for good. Some of my startup customers pivoted or shut down. I got paid, not my problem.

Anyway, it's better to work on successful projects. They expand the business.


I doubt this would require 6-18 months; this looks like an exploratory demo rather than an actual project.


Working on a project with only 5% chance of launch is almost a guarantee that you will be at the front of the queue for layoff when the company decides to do layoffs.


Are we reading the same reports? At least the two latest reports by Cure53 mention "source code audit". In addition, the audits by ISE and AppSec explicitly mention code review as part of the audit.

I am in no way familiar with these kinds of reports, but does this not mean that (at least parts of) the source code was audited?


> When you're on prem you only have to worry about your own employees opening sketchy PDFs

This is just plain wrong. When you’re on prem you have to worry about configuring all of your hardware and software correctly yourself. Your firewalls, your SSH server(s), off site backup systems, hardware failures, software patching, access points to your network – the list goes on. Some of these are true for cloud services as well.

They are just different trade-offs. Sometimes on prem makes sense, and sometimes cloud services make sense. You can’t say that security is less of a concern in one of them.

> Nevermind the fact that the next time a major world conflict occurs, the big 4 cloud providers will probably be destroyed, taking about 90% of the western economy with it.

And it somehow does _not_ take your on prem system with it? Even though cloud providers are spread across the whole world, and your on prem system is most likely in one, single location?


This is probably not at all intuitive to the regular Windows user, my parents would never understand the implications of this.


> This is probably not at all intuitive to the regular Windows user, my parents would never understand the implications of this

The trick here is how do we solve this other than further user education? When the user profile folder is unusable for some reason you either have to do this or just refuse login. Neither are good answers, but this one is better as long as you understand what the system's doing.

If one doesn't know what the system's doing and isn't interested in trying to understand it I don't see a way to avoid this issue.


I see this attitude a lot, and it drives me a little crazy. All the conversations I've heard between developers and project managers immediately spring into my head. "But what if X happens", "Well, we showed them a message about it. There's nothing else we can do." This only makes sense for confirmations ("Leave this page? You'll lose your work."), and only sometimes. In most other cases, it's just an excuse to keep things simple for developers. Software can do anything you want, especially if you own the stack in question - you just have to care enough to design and pursue it. There is always an at-least-pretty-decent UX answer to any problem. In this case, some off-the-top-of-my-head possibilities are simply disabling writes, or showing a message with better wording at write time in Explorer, e.g. "This file will be deleted . . .". If a designer takes the time to think about it, they could come up with many more, perhaps better, possibilities.

Hell, even just changing the terrible wording on the notification (and putting it somewhere much less ignorable) would be a step forward. E.g. "Your files have been temporarily moved to X. Any files you place in My Documents, My Pictures (etc) will be deleted when you log off or turn off your computer.").


How the hell did they have read + write access from the temporary profile to the old one? Shouldn't the temporary profile belong to a distinct, temporary user account?

Or the move operation immediately prompted for admin authorisation, and they just clicked through that? (not suggesting that these prompts are in any way useful for the average user)


> When the user profile folder is unusable for some reason you either have to do this or just refuse login. Neither are good answers, but this one is better as long as you understand what the system's doing.

As this whole discussion shows, no, this one is worse since it can easily lead to data loss. A third option, however, would be to do this but not erase the profile on logout.


Or an even better fourth option: the warning message literally says "you cannot access your files". https://i.imgur.com/6jk6imp.png

That is apparently false because the user did access their files and dragged them into the temp profile.

Either that should be literally true (a completely broken profile is a bad problem that needs help from a competent tech support person) or the profile should at least be made read-only until the entire profile is deleted. That way they could copy the files into the temp folder, but not lose anything (other than changes) after logging out.

Also, the warning should be more obviously "fatal", not something to be clicked through. E.g. replace the desktop background with a black screen and put the warning text in red on it.


Changes are always difficult, no matter how small or large they are.

As a European, I welcome this wholeheartedly! It makes my daily job harder (as a programmer), but it’s needed to stop this insane industry of using private information as a currency. Most people don’t seem to care, but that is mostly because they don’t understand the consequences of this.

GDPR isn’t really that hard to understand. If you need to gather PII, you need the proper approval from the end user to do so. If you don’t have the proper approval, you can’t store it. Also, don’t gather information you don’t need. If you only need page views, don’t store IP, resolution, localisation and all these things in addition. This is common sense, not science. In fact, you should be happy to have these restrictions, because it lowers the risks in case of data breaches.

The real problem with GDPR is that we’re so used to violating people’s rights that we have completely forgotten how we should behave.


This is almost beyond funny. I googled "Avira antivirus cryptomining" to see if I could find any other sources, and quite a few results [0][1][2] are from Avira's own blog warning about crypto mining viruses. One of the solutions mentioned is actually to install Avira. Yes, these were written a few years ago, but the irony is just incredible.

[0] - https://www.avira.com/en/blog/illicit-mining-software-beware...

[1] - https://www.avira.com/en/blog/crypto-miners-coinhive-malware...

[2] - https://www.avira.com/en/blog/yes-your-device-can-be-hit-wit...


Super funny was my first thought but also pretty alarming that they thought they could get away with this. The amount of government contracts they have is probably enormous. Here's something to add to the jokes: A fun example I just found of one of their contracts with the US Secret Service, who they presumably just hijacked the computers of to cryptomine. [1] Hahaha isn't this like how you get a congressional hearing?

[1] https://www.instantmarkets.com/view/ID3116232555101294163817...


True - but since the tool is strictly opt-in only, are we a bit too critical of the tool? Personally I don't use any such av tools or have any stakes in cryptocurrencies. But in a way they are providing an option for less tech savvy people to mine cryptocurrency right? Would've been better if the crypto component was not installed by default, but still. As many mentioned, there's also the question of the education component to the users - how much good a job the tool does in providing proper awareness to people who go opt-in to the tool, on what they're getting into. Personally if I were to use such a tool, I'd prefer that.


I think what is wrong is telling people they will earn cash while the electricity bill will make it so that only Norton will get money instead. All this while increasing global warming and energy waste.

It may be opt-in but there is just nothing good in it.


Avira is probably aware of it because of all the false positives

But now it's likely an antitrust violation so that could be fun

