Domain: keithdevens.com
Stories and comments across the archive that link to keithdevens.com.
Comments · 7
-
Re:The Market Speaks!
And I object to your claim that Keith Devens' is a finer mind than yours or mine. His "rebuttal" is laughable at best. I'm sure you and I could debate for 10 minutes and come up with 20 rebuttals to the problem of evil that are more sound than his idiocy.
-
Re:The Market Speaks!
Yes, those phenomena -- "causality, chaos, and random interactions" -- are often used as arguments against the existence of God; but they are insufficient to disprove it, and depending on how one looks at them, can be viewed equally easily as manifestations of God's will.
GP prefaced his statement with "I believe", not "I have proved". Faith is the decision to believe. GP has decided to believe that God directs such phenomena; you have (I'm guessing) not decided to believe so. But either decision is a judgment call. GP is not trying to convince you. Please accord him, and others like him (like myself), the same courtesy.
Your other point -- the argument from evil -- is one that is hotly debated, and decidedly troubling. But counter-arguments have been made by finer minds than mine, if you're really interested in the question. -
Re:A point of clarification
One, is the Eiffel Tower objectively verifiable (such that you have evidence of its existence?)
No.
I have seen pictures; they might be fake.
My mother claims to have visted it; she might be lying.
I can visit it myself; I might be inside a matrix or holodeck that is showing me something that does not exist.
When I came back from visiting it, I would not know if the memory I possess of visiting it was real or implanted.
So no, if you do not assume things, you cannot objectively verify the existence of the Eiffel Tower. You cannot even objectively verify that it's possible to experience sensory input that correlates with descriptions of the Eiffel Tower, or rather, you can, it's just that every second of your life after verification, you are assuming the fidelity of your memory.
Two, did not Jesus exist (such that no evidence is obtainable?)
This is much easier to prove. I am not Jesus, I exist. Not Jesus (or, if you prefer NotJesus or !Jesus) exists.
Okay, I'm kidding. But the double negative has me confused enough to not understand your question.
There is only one thing that you can definitively say without assuming anything, and that is that such a thing as a thought exists. Even "cogito ergo sum" - "I think therefore I am" is assumptive, since it assumes that there is an entity ("I") that is experiencing the thought.
This does not mean that assumptions underpinning religious faith are the same as the assumptions underpinning science.
Science assumes the bare necessity to make sense of the world - reasonably accurate - although imperfect - fidelity of thought, senses and the laws of nature. Typically, scientists also assume that the rest of the world isn't out to deceive them, but this isn't strictly necessary for the scientific method to work if you are willing to work from base principles and verify everything you read independently.
Religious faith, on the other hand, assumes reasonably accurate - although imperfect - fidelity of thought and senses, and that what is said in some book about a magical being is also accurate.
Maybe it's just me being "corrupted by Satan", but I think that assuming that a physical phenomenon that has worked in the same way over and over since as long as I can remember will continue to do so is far saner than believing in what a book says.
Funnily enough, I'm having a similar discussion with somebody here. Apparently somebody believes that atheist assumptions are stupid but religious ones are not.
-
Lessons to be learnt?
Looking at the source code to XML-RPC library in question, to me it's raises some disturbing questions.
From a design perspective, it's really bizarre the way they've chosen to use eval() in the first place.
For a given XML-RPC request or response, they parse the XML then generate PHP code on the fly, which later get's eval'ed. Aside from the fact that using eval() should trigger all sorts of security alerts in a developers head, especially when you're building a library for hooking up remote systems, there's no need to use eval() in the first place.
You can convert data types directly from XML into a PHP data structure then make use of things like call_user_func_array() to execute a callback function as needed. This approach is taken by The Incutio XML-RPC Library for PHP, for example, and there are others to chose from.
Two further things that are disturbing about this exploit.
First looking at the diff which patched the exploit here, all that's basically changed is replacing a single quote with a double quote. That may prevent this specific exploit but the use of eval() is still there and I'm not see any further stringent checks that the incoming input is valid / safe etc. Would not be surprised if there are other ways to "inject" code here.
Second and perhaps most disturbing is the source for this library has a long history going back to Usefulinc and Edd Dumbill. Believe this and the Perl Frontier-RPC libraries were the first two Open Source XML-RPC projects released and in many ways reference implementations in a manner that parallels Apache being a reference implementation for HTTP.
This exploint has taken a very long time to spot. Looking at the main projects CVS here, with the very first revision 1.1, back in "Mon Aug 27 19:21:25 2001 UTC" (and the code is older than that going back to 1999 I believe), it looks like this specific exploit was possible then.
These days Usefulinc are doing things Gnome related - i.e. you'd assume they are real developers not PHP script kiddies. The original developer, Edd Dumbill, is no fool. In Edd's defence, believe he began development before PHP 4.0.4, somewhere with PHP 3.x, which means things like call_user_func_array() was not available and perhaps eval() was required but that should have been revised by the current maintainers of the project as PHP matured.
What's more alot of people have used this code and (hopefully) it's also had alot of experienced eyes looking at it. Those who ported it to PEAR, for example, are not beginners.
But only now, six year laters, was the exploit found. Seems like not a proud moment for Open Source.
-
Re:These names are all retarded
-
Re:In other words...
Well, I better get in a few more games of Top Spin, or Crimson Skies, before everyone else wises up to this.
It is far, far better to play the same computer AI over and over again. So I can learn every nuance of 'okay, there will be a guy over here, and if I throw a grenade right THERE I will kill him.'
Or better yet, I will devote myself to playing single player, so I can be like that guy who can beat Mario Brothers in like 8 minutes.
Mario Bros. Movies
Playing against humans on-line is just stupid! Why would I want to play a game against something as unpredictable as a people? -
Re:Explain a lot but...
Well put. I make similar points here.
It's amazing to me how much this news release dwelled on "answering the creationists" rather than detailing their scientific discovery.