I hate advertisements as much as the next guy. I hate being tracked perhaps a little more than the next guy. I think it's great Apple is coming down on the side of privacy. However, a lot of comments on this article talk about how ads are a scam business model and all app developers who release ad-supported apps suck. Remember, the alternative is paid apps. I remember buying most of my software for my PC at $30-$50 per license. I know there's FOSS, but let's be real. The alternative to ads is actually having to pay for your software, and the ad-supported app economy has eroded people's tolerance for that.

"No, your honor. That wasn't me. It must have been one of my millions of robot clones"

Docker may be a fad, but containers are not. Containers are essentially just 3 things:
1) A set of linux namespaces (a pid namespace, a mount namespace, etc)
2) A set of cgroups
3) a chroot to a virtual file system

It's not a virtualization technology, so it doesn't have run-time overhead. If your OS is Linux, the "dockerized" application is a native process that you can see when you run ps. You can do the exact same thing that Docker does if you know a few system calls to create the namespace, cgroup and chroot on the fly. Docker just puts it all together so you don't have to. Every Linux process technically runs in a container, they just share the 'global' container rather than getting their own. There's nothing magical about Docker, except that you don't have to be a Linux guru to take advantage of native Linux features. So the "fad" that is containers will not go away until Linux experiences a massive design shift. Sure, Docker may fall out of fashion as the tool for creating containers. If you want a more timeless skill, learn how to create namespaces and cgroups yourself.

As far as the oft-repeated complaint that Docker runs as root, this doesn't have to be an issue. Docker starts and stops processes (it calls them containers, but they are native processes). Those containers/processes do NOT have to run as root. So complaining that the Docker daemon has root access is really no different than complaining that systemd has root access. They both manage processes for several users and therefore require root access. Configuring either also requires root access, but none of the processes they spawn need root.

If you have half an hour to burn, here's a session from DockerCon 2017 where the presenter writes a program that creates containers. It's kind of like a rudimentary Docker. If you like the idea of process isolation but aren't comfortable with a faddish tool like Docker, she walks you through what Docker is actually doing under the hood. You can incorporate any of the ideas you like into your existing deployment strategy and ignore the rest. https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3F...

The problem is that nobody is repackaging the wheel so you can reuse it without reinventing it. They are, instead, packaging an entire Chrysler factory, and you have to ship the entire thing with your can just so you could use a wheel from that factory. Nobody is suggesting that we should go back to 1.44M floppy disks for an OS, merely that we as software engineers actually attempt to engineer stuff and make sure it's built well, not just built. Moore's Law is dead. It's time we accept that and stop relying on hardware to keep catching up with our increasingly sloppy habits. "The garbage collector will get it eventually" is soon not going to be a good enough reason to allocate a metric ton of memory for a task that could be done with a tiny footprint if modern developers could be bothered to learn the classical data structures and algorithms all their 3rd party libraries are built around (at least the good ones). I've had people tell me the white-board interview is meaningless, because no dev will ever have to reverse a linked list or traverse a tree (there's libraries for that!), but I still don't want anyone on my team who doesn't understand what that means.

Samsung Customer?

There's an expiration date on private / sensitive emails. Does this mean Google will prioritize these in its queue to make sure it reads and steals all the data from these emails before others?

Wow. You have an awesome library. I too can get local newspapers, but I definitely can't 3D print at my library. I can also get VHS or DVDs as soon as 15 years after their release. That being said, I'm fully in favor of the library. When I want to find a new author to read, I like to try before I buy. I'll typically borrow the first book from a new author from the library, then buy the rest.

All the content is available on the Internet, but that means you have to sift through all the content on the internet. The benefit of libraries is that its curated. You can ask a librarian questions that Amazon's search service can't comprehend. It's the same reason professional conferences are still relevant. You can find everything presented in a conference on the internet, but until it's been presented to you, you don't have a clue what's worth searching for.

In this case, it doesn't matter what 2-factor authentication method you use. I don't think this proves Google's device is any better or worse than any other 2FA mechanism, merely proving "requiring 2FA makes phishing less effective".

Yes, but what if I social engineer your password and it's still useless because all your accounts use 2FA and I don't have your key?

I do realize that DNS cache poisoning is often a means to an end to get to man-in-the-middle attacks, but the two are separate and warrant being talked about separately. With MITM attacks we often talk about surveillance and tampering, so we often talk about encryption and content validation, while we ignore the issue of source validation. I need to be sure not only that my data is unchanged, but that it came from who it claims to come from. The biggest benefit of SSL is CAs, from that perspective.

SSL does more than simply encrypt traffic. The biggest benefit of SSL for static web sites or information-only websites is that you can verify that you are connected to the right source. Some people mentioned content tampering and man-in-the-middle attacks, but what about a good old fashioned DNS cache poisoning? With SSL, you're not as susceptible to that type of attack.

Most tech startups don't have a long-term plan. Their intention is to get the attention of one of the big players and get acquired before their lack of long-term planning bites them. They don't want to make it hire for the big guys to acquire all the little guys, because that's their entire plan (at least, that's my experience working at a start-up that got bought by a middle-tier player, that, in turn, got bought by a tech giant).

https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fxkcd.com%2F810%2F

I worked at Intel in 2016. I luckily walked away before the big layoff, but I know several people who remained. When they blanket offer everyone over a certain age a lump sum of money in order to "retire early" (the sum wasn't nearly enough to allow someone to retire early, unless they were already planning to retire in the coming months), you really can't claim that age was merely a circumstantial correlation. After the chips fell with who did/didn't accept the "retirement package", THEN they commenced laying off the rest of the workers. Not sure if the EEOC is considering those people to be part of the layoff, or if those numbers only represent the involuntary ones.