On Sunday 25 June 2006 10:54 pm, Stewart Stremler wrote:
> begin quoting boblq as of Sun, Jun 25, 2006 at 09:59:26PM -0700:
> > Here is an app that demands javascript.
> > http://www.zillow.com/
>
> Eh. A good tool for generating buyer's remorse...
Heh, or if you bought in 1996 a smug grin.
[snip]
> > Using a REST architecture with AJAX to build a responsive front end
> > has some real legs. The vast majority of people are going to like apps
> > like zillow.com and so the security people will just have to catch up.
>
> That sort of attitude doesn't deserve security. I _don't_ want the
> security guys catching up: if people are willing to abandon security,
> well, that's their choice. Let 'em live with their choices.
They will. That is my point. And other security people will
catch up. The world goes on willy nilly and it cares little for
the opinions of BobLQ or Stewart Stremler.
> I object to people telling me I must abandon my standards to accomodate
> their sloppiness. I don't do business with companies that _require_
> javascript -- because it's not their place to make that decision for
> me, and I object when they do so.
You can drive a Model T. Nobody forces you to go to zillow.com.
But if you do in order for it to be of use you will have to enable
javascript. It is a little like realizing that English has great economic
value in the USA. You can go there and speak only Spanish but you
will pay a price for that choice.
> Nor do I recommend 'em if someone is looking for something, and I
> know they have it. Why should I? It's wrong to recommend a business
> that you won't do business with yourself.
Right you can do that. So what? For every SS I assert there are at
least 100 unwashed naifs who will say "Kool!!!" or whatever such
folks say these days :) I suppose I should ask my son.
Of course these Javascript users will pay a price, but the vast
majority of them will not even know it and will not care. You on
the otherhand are almost paralyzed in this arena by your superior
knowledge.
Recently I read "Thucydides reminds us 'the stupid
come off best in intrigue." He uses the word intrigue
repeatedly in The History of the Peloponnesian War
in a very broad sense to describe the complex encounters
between the various factions who were party to those
wars ... "these individuals succeed because they fear
being outwitted by more reflective people, so they
do not hesitate to strike suddenly and sharply. Thought
and unfettered discussion help, but only so much."
Bend these thoughts a little and they apply to the security
issues that have you paralyzed.
> (And I'm astonished when a business makes it difficult for me to give
> them money. Obviously, I don't understand modern commerce. Piss off
> your customers, insult them, treat 'em as thieves, and then sue them.
> Maybe most people are dysfunctional and like being treated like crap?)
Piss off an irrelevant elite and it does not matter. What is it about
your irrelevance that you do not understand?
[snip random ravings as SS loses it, were I feeling cruel I would
say, again ... ;{]
>What's that you say? Ah, yes... so it goes.
Indeed, so it shall go,
BobLQ
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
