I really don't believe that Facebook's developers are incompetent. And it's quite easy to neglect work when there's a business case for leaving that work undone.
I suspect that as with any large enough organisation there is a spectrum of competence across their workers, raging from high to low. I obviously have no proof that there isn't some big conspiracy afoot, but given the choice to bet on conspiracy or incompetence as the primary factor for the issues we're seeing, I know what I'd put my money on.
I use pretty much the exact same system that you do and have done so for many years as well. Recently though, I'm starting to think I might try out the password management software route. I've haven't yet had a problem with any of my accounts being brute forced and I guess there's something to be said for "if it 'aint broke...", but reviewing the passwords I use, even the more secure ones, I have this nagging feeling that they are more similar to each other than they should be. If a resourceful and determined attacker was to somehow figure out one of my secure passwords, then that would be a good ways towards figuring out all of my secure passwords and I don't like that possibility, however remote it may actually be.
As long as each of your secure sites has encrypted the password in their database, which they damn well should be doing, an attacker wouldn't be able to benefit from any similarities because they wouldn't know what your password actually is. Right?
That would be right assuming passwords were always encrypted - and we know that unfortunately even some of the biggest sites have been bitten by not encrypting passwords in their database[1] - but that's not actually the case I was thinking of when I said "brute forced".
Here's one possible scenario: let's say that I happened to be a member of a website that unfortunately allows an attacker to hit their login form as many times as they like and as fast as they like with various username/password combinations, and by brute forcing this login page in this way, they manage to determine what my username/password actually is. Now the attacker does know my username/password for one website I belong to and - if they're smart and determined - it may occur to them that now they know one of my usernames/passwords they might use these details as a starting point in trying to brute force other accounts that I may have on other websites.
I used to run these kinds of brute force attacks against websites back in the day when I had nothing better to do and before I had to work for a living. Often I was quite successful, but I wasn't targeting specific users and even back then I could tell that websites were getting more savvy in terms of detecting and defeating such attacks. So no doubt it would be harder to pull this kind of thing off now and it would probably depend a lot on which website(s) you targeted. But surely it wouldn't be impossible.
The value of what you're doing right here with your post shouldn't be overlooked. Just to know that you guys were around, listening and taking suggestions would have made a difference to my satisfaction with IE... were I still primarily a windows user. :)
Keep doing what you're doing, get more of the IE Team to do the same.
Thanks; I'm not sure about the "get more of the IE Team on" bit. Personally, I'd rather the bulk of the IE folks focus on making IE9 better than ask around for feedback. I realized that even through these channels, I'm overwhelmed (my day job isnt to collect feedback for IE - there's folks who do that for a living; I'm just a regular hacker like the rest of you here with an interest in understanding what the people want ;) so I gotta say I'm not sure that's a good (tm) thing, really.
I hear you. I just think that people (particularly if those people are also developers) would appreciate it if they actually heard from the IE developers a bit more. It doesn't have to be to degree where it's interfering with your actual job. You guys should stay in control of how much you interact etc. For me I would find it encouraging to know that the IE developers are just around in places like HN and are listening. I'd know that if they say something occasionally. How much you interact or how much feedback you gather would not really be the relevant issue to me.
no 'target=' user preference so that external links could show up in another tab/window if so desired
I have always seen a default option to open links in the same window as a small but definite signal that a site is more geared towards technical people who know how to open a new tab/window if and when they want one.
I'm so used to mouse gesturing a line up across a link to open it in a new window, I often confuse myself when I'm using a browser without this capability.
I just went to add the same link without realising it was already here, d'oh. It was also the first material I remember reading on form label placement and I found it to be a bit more enlightening (and better written) than the subject post of this thread.
There's no privacy information on your preview page. While I personally have faith that most people posting here on HN asking for feedback would not sell my email address to Russian gangsters, it might be an idea to address such issues explicitly.
I completely agree. I watched the movie thinking to myself every now and again "OK when's the full on mind fuck coming?" but it never really came, not for me anyway. Afterwards when I heard or read people talking about how confusing or hard to follow the movie was, I began to wonder if perhaps there was some huge extra layer of complexity to Inception that just went totally over my head. A bit more time has passed now and I don't think there was.
The only confusing bit is whether he was actually ever in the real world at all, or it was all a dream. This is almost the main concept of the film, and not answered when we see the spinning top still spinning at the end.
Great film, glad to see a great sci-fi film doing well at the box office as well. Moon was a great story last year, that did not do so well. Worth checking out.
I saw Moon and thought it was good too. I liked how it seemed to intentionally and quite successfully avoid every cliched direction the story could have taken.
The only confusing bit is whether he was actually ever in the real world at all, or it was all a dream. This is almost the main concept of the film, and not answered when we see the spinning top still spinning at the end.
Yeah, though I didn't really see this as confusing, simply an unknown left open to interpretation.
I was half waiting for some kind of twist like say, it turns out that Cobb was dreaming the whole time and is in reality the heir to the company and is the target of the Incpetion... or something. I didn't really think that one through too deeply though and I'm not sure that a twist like this would have made the movie better in any case. I guess it just comes back again to that expectation that was built up in me of it being a full on "mind fuck" movie. In some ways I was kind of happy walking out of the cinema that my mind had not been fucked, just well entertained.
Perhaps your original intent would have been more immediately obvious if you had chosen a different animal that's also almost extinct, but not synonomous in people's minds with large size more so than the fact of their near extinction? Or was that also part of the original intent?
I admit that the analogy is a bit leaky, but the point is that ants are nowhere near extinct, even though they may be much smaller than elephants. Where it breaks down is if you consider the number of ants vs elephants globally. I probably shouldn't have said "total" mass, just relative mass.
I only got my first Mac about 12 months ago and I am really liking it. I too would be really sad if they leave OS X and it's traditionally associated hardware to languish.
Oh well, I guess I could always go back to Linux or BSD for my primary workstation.
