I mean seriously, these "lawyers" think compiling your program "infects" it with the GPL?
Actually it's not that simple. If GCC were covered entirely by the standard GPL, and if you were to distribute binaries compiled by it, then it might do exactly that. The reason why it doesn't is because of something called the GCC Runtime Library Exception (https://www.gnu.org/licenses/gcc-exception-3.1.en.html).
Buying Nokia was a huge mistake although at the time Microsoft probably figured a big cell phone company like Nokia was a big advantage to pushing Windows mobile.
At the time a large majority of Windows Phone sales came from Nokia, but Nokia was incurring large losses as a result of this and it is doubtful as to whether they could have continued for much longer. Market share for Windows Phone was languishing around the 3% mark, which wasn't good, but at least kept Microsoft in the fight. Buying the smartphone division of Nokia was arguably just delaying the inevitable, but if Microsoft had not done that then Windows Phone would have failed sooner, more abruptly, and much more visibly.
That is a gross oversimplification. Receiving a dose of 200uSv via exposure to something like x-rays is very different to being exposed to 200uSv that includes particulate matter that will accumulate inside the body. The former is a one time "hit", the latter is much more likely to lead to cancer because the material can sit inside the body slowly damaging DNA.
If you believe in the linear no-threshold model then it makes no difference whether the dose is received in a single hit or an extended time period.
Those who doubt LNT usually suspect a dose-response curve that goes in the opposite direction to what you are suggesting.
Particulate exposure could conceivably be worse for you due to the exposure being localised to one part of the body, but that has nothing to do with the timescale over which the dose is spread.
Sadly that XKCD chart and nonsense like the "banana equivalent dose" have spread a lot of misinformation about this.
The main issue with the concept of a "banana equivalent dose" is homeostasis of potassium levels, which again has nothing to do with any of the points above.
The headline is sufficient for those who do not understand how the power grid works, and anyone who knows how the power grid works would not be misled by the headline.
I disagree.
Even though my bill says "100% wind" on it, and somewhere out there are windmill(s) generating as much electricity as my home consumes, the actual power consumed in my house might just as easily come from the coal plants up the highway. It's all on the same grid.
Fair enough: electricity is fungible, and it doesn't matter what powers what (if it is even possible to tell).
If you understand that, then it's obvious that "Power Every US Home With Renewables" means "Generate As Much Renewable Energy As All Homes Consume". What appears on the bills of those homeowners is irrelevant.
If you had said enough /power/ for all homes then I'd agree there too, but that is much more difficult than generating enough energy, because you have to deliver it reliably and match the demand curve. By only counting the energy you are saying two things:
1. That the non-domestic part of the grid will reserve enough spare capacity to cover any shortfall from renewables.
2. That you can dump an unlimited amount of energy onto the non-domestic part of the grid and still count it towards your target, even if it isn't actually needed at the time.
I'm not saying that increasing renewable capacity in this way is a bad thing - it depends on the details, and in any event I'm not from the US so won't have to pay for it. The claimed outcome sounds overstated though.
Why can I say you're wrong? Because people have been saying that for 20 years, it hasn't happened, it won't happen, it isn't even remotely close to happening.
I can remember much the same being said about Internet Explorer, which went from well over 90% usage share to more like 20% over the last 10-15 years (with much of the decline happening before mobile became an important factor).
An entrenched monopoly can be difficult to dislodge, but that doesn't mean it will last forever. Microsoft has also lost a lot of ground that would have protected Windows had it held onto them - control of the web browser and word processor being the two main ones.
(Imagine if every website used ActiveX - that would be a problem for competitors. There are plenty of market niches where similar problems still exist, but for mainstream users I don't see any insurmountable barriers to migration now.)
Now it may very well be that what replaces the Windows desktop isn't called Linux. It might not even be Linux-based, or run on what we would currently recognise as a desktop PC. (The most effective challengers so far have been Android and iOS, which satisfy two and three of these conditions respectively.) Microsoft could also stay there longer by upping their game. Nothing lasts forever, though.
And yet if I look at StatCounter's map function, showing the leading browser in each country Chrome leads in most of the world. IE only leads in Japan, South Korea, Swaziland (pop. 1.1mio), Greenland (pop. 55000) and Antarctica (5000 visitors). Firefox has a few strongholds like Germany, Indonesia, Myanmar, Bangladesh, Iran and a bunch of countries in Africa, but the only place IE is ahead of Chrome in second place is Iran (pop. 78mio). With Chrome winning on walkover in Europe, South America, North America, Africa and Oceania and taking massive wins in China, India and Russia I don't see how any possible weighting of StatCounter's numbers would put IE on top.
You're right that the country weightings don't account for the difference by themselves, but there is also the difference between counting users versus pageviews, and it would be unsurprising if there were differences between the types of websites sampled by the two companies.
Correction: it seems that Net Applications do count unique users per site, and it is per day not per month, so most of the discrepancy must be due to a different mechanism from the one I described above. Apologies for the belated fact checking.
The figures do count users rather than traffic, and while they claim to weight by traffic, the data source they appear to be referring to is stated in terms of users. If that is so then it would remain the case that they are counting traffic which is not real: users presumed to be online for more days per month than they are, and to visit more websites than they do. That is less likely to result in a very large discrepancy, but could very well be enough to account for the difference between Net Applications and other published figures.
It isn't just their correction algorithms, it is the whole basis of what they are trying to measure. Consider this.
I probably use IE once or twice a month, but Firefox and Chrome several thousand times in the same period. So far as Net Applications are concerned that counts as one user for each of the three browsers. Meanwhile, over in the Duchy of Grand Fenwick you might have a user who doesn't bother installing Firefox or Chrome because he uses the Internet so little, but who probably counts as several users for IE once the statistics are corrected[1].
The result is that IE could dwindle to a negligible fraction of total web traffic and Net Applications might still show them ahead in terms of users - even if their correction factors were spot on (which I doubt). I'm sure they're doing their best in their own terms, but it's difficult to see what the figures they are producing are useful for. The StatCounter sample may be biased, but at least their results bear some resemblance to the traffic that a web site is actually likely to receive.
[1] No offence intended to readers from the Duchy of Grand Fenwick.
Now that happened, and we add the previous corpus of English-speaking people, I think it's reached a critical mass to make it a de-facto standard (like how Windows and not anything really good is our most common OS
Er, you do realise that it is several years since Windows was the most common OS (longer if you include embedded systems). It's a great example of the network effect at work, but shows how it can both give and take away.
Yes, but the ultimate goal is communication, and to that end some change is useful, some is harmful - and almost any change will have the effect of making older texts less readable.
Think of descriptivists as scientists and prescriptivists as engineers (albeit, it must be said, not always very good ones). I think there is a role for both.
Any difference looks a lot smaller than the markup I've ended up paying for things like going through an energy co-op instead of straight from the generating company.
[...] We do need to talk about cost but we need to talk about ALL the costs not just the operating costs but all the externalized costs as well.
Not just the costs, but also whether the energy is dispatchable.
Power sources which can be turned on and off at short notice - such as gas and hydro - are economically more valuable than ones which can't - such as coal and nuclear. (Some nuclear plants can be ramped up and down, but the capital costs are so high and the fuel costs so low that it doesn't win you much.)
Any of the above are considerably more valuable than sources which are both non-dispatchable and intermittent, such as wind and solar. (How much more valuable depends on factors such as the shape of the demand curve, and how much of the rest of your capacity is gas and/or hydro. Intermittent sources can work quite well in some locations, others not so much.)
Background levels are around 1 mS/year. So why advocate thresholds more than two orders of magnitude lower than what people normally get in a year? I just don't think science has much to do with your choice of thresholds.
This is a fallacy. The threshold should be set on the estimated benefits of a higher threshold vs the estimated harm from the additional radiation. The background radiation has nothing to do with it.
It would be a fallacy if background levels were fixed and unavoidable. They're not. So long as people are allowed to and choose to travel by air, and live in areas with above-average background radiation, it is reasonable to argue that nuclear power should be held to a similar standard.
(Granted that medical imaging is different because you would normally be doing it for a good medical reason.)
Nuclear plants don't emit an even level of radiation in all directions. They emit radioactive particles that then move around on the wind, in the soil and in the water. These particles can accumulate, so the level needs to be kept very low so that they can keep dispersing.
0.25 mSv is a measure of the dose received, not the radioactivity emitted. A given amount of radioactivity inside your body will result in a larger dose than the same amount outside, so the effects you describe should already have been allowed for.
Besides, if you believe in the LNT model (which current standards are based on) then it makes little difference whether you give 0.25 mSv/yr to ten people or 2.5 mSv/yr to one person (both being well below the level at which acute effects become significant). Bioaccumulation is an issue, but merely having an uneven distribution should not be.
Relaxing the rules may in theory be safe. The problem is that if you give people an inch they will take a mile. We knew that in the 1970s, but despite Fukushima the EPA seems to have forgotten it now.
Bear in mind that the safety precautions needed to prevent very low level emissions are different to those needed to prevent catastrophic meltdowns. Focussing attention and resources on the former rather than the latter isn't necessarily in the best interests of safety.
I've always been curious about this. Why can't we put all the waste on a rocket and send it to the Moon? It shouldn't be that hard and would be cheaper than leaving it on Earth to cause future issues.
The main reason is that burial is fairly safe whereas rockets are not.
In any event, this only protects against internal incompetence rather than external malice, so is not a necessary part of running a secure system.
You forgot to mention internal malice.
Let's put my comment back into context. I was talking about forgetting to bind a private network service to the loopback interface. That would normally be done by an administrator. If an administrator is acting maliciously then you have fairly serious problems with or without a local firewall. In fact, this is a pretty good demonstration of my point that if you are going to use a firewall to protect against that kind of threat then the firewall wants to be on a different box (eg. a router or dedicated firewall), not the one that you are expecting to be compromised.
To be clear: I'm not saying that firewalls should never be used on Linux-based hosts (that would be ridiculous), only that they are not a necessary part of running Linux securely in the way that they are for Windows.
That's fine as long as you are sure there are no bugs in the services you run and the TCP/IP stack, and you keep them all up to date, and you don't mind kiddies hammering on your door 24/7 trying to guess your passwords.
If you need a service to be publicly accessible then you will need to configure the firewall accordingly, in which case it typically provides no protection if the service is exploitable.
If the service doesn't need to be publicly accessible then either turn it off or bind it to the loopback interface. Why add extra software to protect against a vulnerability that you could have avoided creating in the first place? Note that operating systems that take security seriously do not install public-facing network services unless you ask them to.
Firewalls certainly have their uses, but they aren't a necessity on non-Windows machines in the way that they are for Windows.
Firewalls are about keeping things in as well as out. One of the reasons that there are so many problems on corporate networks is that there's often times no firewalls once you get to the LAN. I remember when I was in college the set up in the dorms was dire. People would be sharing things read and write and you'd wind up with all sorts of nasty things on the network, and then there was the malware.
Yes, but I presume you are talking about Windows machines which run an SMB/CIFS server out of the box. Most GNU/Linux distributions rightly don't do that. Typically if you want to run Samba, or an FTP server, or an HTTP server on the default port then you need to be root to do that. Once you are root then you can also poke a hole in the firewall.
Granted you can run servers on high-numbered ports, but within a LAN all that does is allow two machines that had already been compromised to communicate with each other. For communication with the outside world I prefer to detect and/or block that at the boundary router (otherwise all it takes is a local root exploit to disable the firewall).
The same applies to outbound connections, although in a world where so many programs need network access that is arguably a lost cause for general-purpose workstations. In any event, a firewall isn't the right tool for controlling the capabilities of individual programs: you really need something like SELinux or AppArmor to do that effectively.
For machines which are not routers the comment is just as valid now as it was then. If you use a GNU/Linux distribution that takes security seriously then it will not install any externally-visible network services by default. The attack surface in that condition is small enough that installing a firewall won't help much, and might even make matters worse. If you deliberately install any public-facing network services then you need to add matching firewall rules, so again no benefit.
A firewall does help if you install a private network service and forget to bind it to the loopback interface (unless you have one of those systems which automatically install a firewall rule alongside the network service, which totally defeats the purpose of having a firewall). In any event, this only protects against internal incompetence rather than external malice, so is not a necessary part of running a secure system.
Firewalls are useful on routers, and on servers where you want very specific control of what can be accessed from where (such as a DBMS that is only accessible from a single client machine), but for typical Linux-based hosts they add little.
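The check the comments above argue for (private services bound to loopback rather than left on a wildcard address) can be audited directly from the kernel's socket table. The following is an added example, not part of the original comments: it parses the `/proc/net/tcp` and `/proc/net/tcp6` format and lists listening sockets that are not loopback-only. The function names, the `allowed_ports` parameter and the sample tables are constructed for illustration, and a little-endian host is assumed.

```python
import ipaddress
import os

LISTEN = "0A"  # value of the "st" column for a socket in the LISTEN state

# Constructed sample input in /proc/net/tcp format (not captured from a real host).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   112        0 20001 1
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1
   2: 00000000:18EB 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20003 1
   3: 0A00000A:0016 0B00000A:D431 01 00000000:00000000 02:000A1B2C 00000000     0        0 20004 1
"""

# Constructed sample input in /proc/net/tcp6 format.
SAMPLE_TCP6 = """\
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000000000000000000001000000:0277 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20005 1
   1: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20006 1
"""


def decode_addr(hex_addr):
    """Decode the address part of a local_address field.

    Assumption: little-endian host, where each 32-bit word of the address is
    printed byte-reversed (127.0.0.1 appears as 0100007F).
    """
    raw = bytes.fromhex(hex_addr)
    fixed = b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4))
    addr = ipaddress.ip_address(fixed)
    # Treat ::ffff:a.b.c.d as the IPv4 address it maps to.
    if addr.version == 6 and addr.ipv4_mapped:
        addr = addr.ipv4_mapped
    return addr


def listening_sockets(proc_text):
    """Return (address, port) for every LISTEN entry in the table text."""
    found = []
    for line in proc_text.splitlines():
        fields = line.split()
        # Data rows start with "N:"; the header row does not.
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue
        if fields[3] != LISTEN:
            continue  # established, time-wait, etc. are not listeners
        hex_addr, hex_port = fields[1].split(":")
        found.append((decode_addr(hex_addr), int(hex_port, 16)))
    return found


def exposed(proc_text, allowed_ports=()):
    """Listeners reachable from other hosts, minus ports meant to be public."""
    return sorted(
        (str(addr), port)
        for addr, port in listening_sockets(proc_text)
        if not addr.is_loopback and port not in allowed_ports
    )


if __name__ == "__main__":
    tables = []
    for path in ("/proc/net/tcp", "/proc/net/tcp6"):
        if os.path.exists(path):
            with open(path) as fh:
                tables.append(fh.read())
    if not tables:  # not on Linux: fall back to the constructed samples
        tables = [SAMPLE_TCP, SAMPLE_TCP6]
    for table in tables:
        for addr, port in exposed(table, allowed_ports={22}):
            print(f"listening beyond loopback: {addr} port {port}")
```

In the constructed IPv4 sample, port 3306 is bound to 127.0.0.1 and is not reported, while port 6379 on 0.0.0.0 is.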
They should ask the Comedy Channel. They would be great between Family Guy and Tosh.0
Already been done as it happens: Family Guy had a clip from an 'edited' version of Cosmos in which the Earth was explained to be 'hundreds and hundreds of years old'.
In other words, it's just the way people are. It affects all aspects of society including CS. If there's one black mark I'd give CS about this, it's that it tends to have a greater percentage of socially mal-adjusted people, and so tends to hang on to this sense of superiority more than other cultural blocks. Most regular people eventually figure out that it's not really important whether the football team is better than the basketball team, or whether you bought a Toyota or a Ford. But people in CS tend to defend and promote their preferred systems with almost religious fervor well into adulthood. This can be very off-putting to regular people thinking of getting into CS.
When they become adults, regular people often move on to zealous advocacy of their preferred political system, nationality, or religious denomination. This often descends into violence, sometimes over seemingly trivial differences between the two parties. Personally I find that very off-putting: give me Debian vs. Ubuntu any day.
This isn't a zero sum exercise: by flattening the peak you are lowering the underlying cost of generating the electricity -- because you can use more efficient methods -- which in a competitive market should reduce the average price.
(Obviously in an uncompetitive market all bets are off.)
For remote use, there is not a lot of difference between biometrics and passwords, except that:
-- you can't change the biometrics if they are compromised
-- there is little scope for using different credentials for different sites
Can't see any advantages to them, and I really don't want to be authenticating to my bank with the same credentials I use for Slashdot.
There's a difference:
Resonance: a force at a particular frequency that causes increased motion.
This: a powerful force caused increased motion.
By that definition you would have to say that Helmholtz resonance is not a form of resonance.
As others have said, it all depends on what you define as the forcing function. The wind was applying a periodic force to the bridge due to the varying profile that it presented to the wind. It would not have been periodic in the absence of the bridge, but that's irrelevant because then there would have been no force at all (no area to act on).
Fermions => cats
Bosons => cows
(Bosons can be herded into the same quantum state, fermions cannot on account of the Pauli exclusion principle.)
eh.
I never understood why a couple of GNU command line tools made it worth calling the OS GNU/Linux.
I'm told that they contributed a few libraries too, but with cryptic names like glibc they surely can't be that important.
I've always been curious about this. Why can't we put all the waste on a rocket and send it to the Moon?. It shouldn't be that hard and would be cheaper than leaving it on Earth to cause future issues.
The main reason is that burial is fairly safe whereas rockets are not.
In any event, this only protects against internal incompetence rather than external malice, so is not a necessary part of running a secure system.
You forgot to mention internal malice.
Let's put my comment back into context. I was talking about forgetting to bind a private network service to the loopback interface. That would normally be done by an administrator. If an administrator is acting maliciously then you have fairly serious problems with or without a local firewall. In fact, this is a pretty good demonstration of my point that if you are going to use a firewall to protect against that kind of threat then the firewall wants to be on a different box (e.g. a router or dedicated firewall), not the one that you are expecting to be compromised.
To be clear: I'm not saying that firewalls should never be used on Linux-based hosts (that would be ridiculous), only that they are not a necessary part of running Linux securely in the way that they are for Windows.
That's fine as long as you are sure there are no bugs in the services you run and the TCP/IP stack, and you keep them all up to date, and you don't mind kiddies hammering on your door 24/7 trying to guess your passwords.
If you need a service to be publicly accessible then you will need to configure the firewall accordingly, in which case it typically provides no protection if the service is exploitable.
If the service doesn't need to be publicly accessible then either turn it off or bind it to the loopback interface. Why add extra software to protect against a vulnerability that you could have avoided creating in the first place? Note that operating systems that take security seriously do not install public-facing network services unless you ask them to.
Firewalls certainly have their uses, but they aren't a necessity on non-Windows machines in the way that they are for Windows.
Firewalls are about keeping things in as well as out. One of the reasons that there are so many problems on corporate networks is that there are oftentimes no firewalls once you get to the LAN. I remember when I was in college the setup in the dorms was dire. People would be sharing things read and write and you'd wind up with all sorts of nasty things on the network, and then there was the malware.
Yes, but I presume you are talking about Windows machines which run an SMB/CIFS server out of the box. Most GNU/Linux distributions rightly don't do that. Typically if you want to run Samba, or an FTP server, or an HTTP server on the default port then you need to be root to do that. Once you are root then you can also poke a hole in the firewall.
Granted you can run servers on high-numbered ports, but within a LAN all that does is allow two machines that had already been compromised to communicate with each other. For communication with the outside world I prefer to detect and/or block that at the boundary router (otherwise all it takes is a local root exploit to disable the firewall).
The same applies to outbound connections, although in a world where so many programs need network access that is arguably a lost cause for general-purpose workstations. In any event, a firewall isn't the right tool for controlling the capabilities of individual programs: you really need something like SELinux or AppArmor to do that effectively.
1997 called and wants its comment back...
For machines which are not routers the comment is just as valid now as it was then. If you use a GNU/Linux distribution that takes security seriously then it will not install any externally-visible network services by default. The attack surface in that condition is small enough that installing a firewall won't help much, and might even make matters worse. If you deliberately install any public-facing network services then you need to add matching firewall rules, so again no benefit.
A firewall does help if you install a private network service and forget to bind it to the loopback interface (unless you have one of those systems which automatically install a firewall rule alongside the network service, which totally defeats the purpose of having a firewall). In any event, this only protects against internal incompetence rather than external malice, so is not a necessary part of running a secure system.
Firewalls are useful on routers, and on servers where you want very specific control of what can be accessed from where (such as a DBMS that is only accessible from a single client machine), but for typical Linux-based hosts they add little.
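The comments above argue that a private service should be bound to the loopback interface rather than fenced off by a host firewall. As an added example (not part of any comment on this page), this Python sketch audits listening TCP sockets and reports those reachable from off-host that are not on a list of ports meant to be public. The sample input is constructed in the column layout of `ss -H -ltn`, and the function names and the allow-list parameter are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the column layout of `ss -H -ltn`; not taken from the page.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 511 *:6379 *:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 128 [::]:8080 [::]:*
LISTEN 0 128 192.0.2.10:3306 0.0.0.0:*
"""


def split_local(field):
    """Split a local-address field into (host, port), handling [v6]:port."""
    host, _, port = field.rpartition(":")
    return host.strip("[]"), int(port)


def is_loopback_only(host):
    """True if the socket is reachable only through the loopback interface."""
    if host == "*":
        return False  # wildcard bind: every interface, IPv4 and IPv6
    addr = host.split("%", 1)[0]  # drop an interface scope such as %lo
    return ipaddress.ip_address(addr).is_loopback


def exposed_listeners(ss_output, intended_public=frozenset()):
    """Return sorted (port, host) pairs that listen beyond loopback
    and whose port is not in the intended_public allow-list."""
    findings = set()
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # skip blank or non-listening rows
        host, port = split_local(cols[3])
        if not is_loopback_only(host) and port not in intended_public:
            findings.add((port, host))
    return sorted(findings)


if __name__ == "__main__":
    # Port 22 is assumed to be the only service meant to be public.
    for port, host in exposed_listeners(SAMPLE_SS_OUTPUT, intended_public={22}):
        print(f"port {port} bound to {host}: reachable off-host, not on the public list")
```

On a live host the same functions can be fed the real output of `ss -H -ltn`; anything reported is either a service to rebind to 127.0.0.1 or ::1, or a port to add deliberately to the public list.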
They should ask the Comedy Channel. They would be great between Family Guy and Tosh.0
Already been done as it happens: Family Guy had a clip from an 'edited' version of Cosmos in which the Earth was explained to be 'hundreds and hundreds of years old'.
In other words, it's just the way people are. It affects all aspects of society including CS. If there's one black mark I'd give CS about this, it's that it tends to have a greater percentage of socially maladjusted people, and so tends to hang on to this sense of superiority more than other cultural blocks. Most regular people eventually figure out that it's not really important whether the football team is better than the basketball team, or whether you bought a Toyota or a Ford. But people in CS tend to defend and promote their preferred systems with almost religious fervor well into adulthood. This can be very off-putting to regular people thinking of getting into CS.
When they become adults, regular people often move on to zealous advocacy of their preferred political system, nationality, or religious denomination. This often descends into violence, sometimes over seemingly trivial differences between the two parties. Personally I find that very off-putting: give me Debian vs. Ubuntu any day.
This isn't a zero-sum exercise: by flattening the peak you are lowering the underlying cost of generating the electricity -- because you can use more efficient methods -- which in a competitive market should reduce the average price.
(Obviously in an uncompetitive market all bets are off.)