The hidden problem many password managers gloss over is how unbelievably insecure the Windows copy-n-paste is in Windows for decades.
IIRC (corrections welcome) Windows's window manager broadcasts the contents of the "copy" operation to any application that requests to receive the ? WM_CLIPBOARDUPDATE event... so any windows malware or even legit application with legal fineprint basically gets a plaintext message with the contents even before the "paste" occurs. All running apps are trusted.
Not to mention newer Microsoft conveniences like logging your clipboard history to your disk so it doesn't go away when your computer reboots, and/or syncing it to the cloud.
I have a related question, is anyone developing standards on how agents can proxy the requestor identity to backend database or application layers? (short lived oauth tokens perhaps, not long lived credentials like the ShowHN seems to focus on?)
I heard about this feature first from Snowflake but there are similar options around in other ecosystems which may be of interest to someone here and one thing to keep in mind with even Snowflake's implementation...
Snowflake's implementation only works within a single Snowflake account, not cross-account, which implies if you want to clone across dev/qa/prod you must manage those environments within a single Snowflake account.
BigQuery has a very similar "table clone" feature. It works across GCP projects (accounts) but not across organizations.
Redshift and Azure Synapse do not really have this feature at all.
Databricks, Microsoft Fabric and the Iceberg Nessie-only catalog do support something similar, often called shallow cloning.
(Nobody really supports cross-region cloning... which makes sense if you think about it.)
I throw out this observation more to be provactive than persuasive, but I haven't seen it elsewhere..
People before me have observed how Trump's moves all are ego driven, or self serving or serve Putin or Israel or gas companies, and I'm here to add to the mix a different conjecture.
Trump's moves all tend to increase inflation in a plausibly deniable way. Tarrifs, fed-fighting, wars, etc.
And that is a deeply unpopular but elite-viewed necessity for handling America's national debt.
Inflation allows the wealthy class to get away with extending government spending without admitting/pursuing austerity which was political suicide under Carter.
The wealthy shelter in their land and stock portfolios which keep growing unlike cash and also benefit from said spending, while ordinary people pay the extra regressive tax that is inflation. The elite can then turn around and blame the little guy for supporting Trump and their hands are clean.
I always warn people (particularly junior people) though that blindly dropping duplicates is a dangerous habit because it helps you and others in your organization ignore the causes of bad data quickly without getting them fixed at the source. Over time, that breeds a lot of complexity and inefficiency. And it can easily mask flaws in one's own logic or understanding of the data and its properties.
When I'm in pandas (or was, I don't use it anymore) I'm always downstream of some weird data process that ultimately exported to a CSV from a team that I know has very lax standards for data wrangling, or it is just not their core competency. I agree that duplicates are a smell but they happen often in the use-cases that I'm specifically reaching to pandas for.
MS SQL Server was a cheaper, friendlier plugin replacement for Sybase in the early 2000s.
I built apps in an active-active bidirectional replication telecom Sybase environment and was deeply involved in migrating it to MS SQL server in the early 2000s. I remember a fair amount of paranoia and effort around the transition as our entire business and customers' phone calls depended on it (for "reasons") but in hindsight it went quite smoothly and there were no regrets afterwards.
The Microsoft went and added a nice BI stack to the whole thing which added a new dimension of value creation at a new low price point.
You aren't wrong that Vanguard seems more active friendly these days.
But Vanguard under Bogle always played both sides of the fence at least to some extent. They have always had that actively managed Windsor fund, right? And Wellington?
I think your article headline shows you have a fair bit more to learn about Bogle. Or at least you haven't made your case on that front. Bogle was at least as much about low cost and aligning interests of the investment client as he was about passive indexing, though he is known more for the latter.
Not the parent poster but, while I acknowledge your point on Canada and Europe entering the conflict (and I'd add that the highly motivated Dutch punch well above their weight in intelligence and economic spheres and this whole scenario of US invasion is a Putin dream), when you ask "why do you think it could win...", the 50k population of Greenland is smaller than Granada (100k) and three orders of magnitude smaller than Vietnam/Afghanistan/Iraq (~40m). So I find its insurgency potential hard to compare to those examples you give.
IIRC (corrections welcome) Windows's window manager broadcasts the contents of the "copy" operation to any application that requests to receive the ? WM_CLIPBOARDUPDATE event... so any windows malware or even legit application with legal fineprint basically gets a plaintext message with the contents even before the "paste" occurs. All running apps are trusted.
Here's an example blog entry from "grumpy-sec"(?) laying this out (2018): https://share.google/0til1YzbF4xFRY7ls
Not to mention newer Microsoft conveniences like logging your clipboard history to your disk so it doesn't go away when your computer reboots, and/or syncing it to the cloud.
reply