The computer as a whole doesn't have to know you're there or not. The program running the sonar just has to know you weren't there at one point, to trigger the locking.
By the way, if this one program, can figure it out, then any program would've been able to figure it out all along, using the same technique...
This isn't a security issue that would be "patched".. there's just a workaround of not having a mic, or use a headset instead, or physically mute/disconnect your mic when not in use.
Well, actually I think it is a security issue that should be patched. The fact that the hardware and software allows programs to record audio through the microphone without any kind of status indicator (as with the LED featured on some webcams to indicate they're active) is, IMO, a security failure. Not just because of the whole "sonar" thing, but because it allows any program running on your computer to record any conversations you're having within earshot...
I'm not too concerned about this, personally - I haven't removed the mic or blocked access to it in software or anything... I'm just sayin', this could be an issue on par with keyloggers. The only difference is it's a lot easier to automatically process the info from a keylogger.
It's like a coder talking about a bug in a C program. You can say to yourself "Oh, that coder's just causing trouble. There's no real bug" - but that doesn't change the reality that the compiled program will do just what the C instructions tell it to do - nothing more, nothing less.
Programs don't run by coders arguing about them.
Well, it's not a perfect analogy. Note there were no cars involved, either...
Legal documents mean whatever a the last lawyer convincingly pretended they mean as long as that lawyer didn't get get caught by another lawyer.
I'm not sure what you mean here...
Each and every time a legal document is read by a new judge, the interpretation may be different. Every time a hostile lawyer reads the document, he will be looking for new ways to exploit flaws in the document.
To go back to the programming language analogy: it's as if lawyers are programmers who code in an ambiguous language, which runs on hardware which tries to find ways to subvert the intent of the program without contradicting the literal interpretation of its instructions - or find excuses to reject those instructions altogether.
My point with that sentence was that a legal document, once written, may contain flaws. These flaws, if they exist, are there whether or not we choose to acknowledge them. The whole point of the programmer analogy there was just to illustrate the point that flaws are possible, and that it's not productive to ignore them... Sooner or later, the flaw will be exploited.
If only. The vast majority of internet-connected machines don't have the proper software installed to allow them to do their part. As a result, localhost HTTP service is spotty at best and I find I'm unable to access it from most computers.
True... Well, slashdotting localhost at least won't make the service get any worse.:)
Why can't people take responsibilities for themselves, do what is right in terms of copyright, and maybe then we wouldn't have lawyers nit picking us to death. Or as the old joke goes: "What is a thousand lawyers at the bottom of the sea?" Answer: "A good start."
This is the cost of having a set of precisely-defined and (one would hope) consistently enforced laws, as opposed to a set of broadly-defined, easy-to-understand laws, and be completely at the mercy of the (hopefully reasonable) judge to supply the proper interpretation... Defining the laws becomes more complex if you want to remove the ambiguities and minimize the influence of judges' personal feelings into their interpretation of the law and judgments.
I don't like your plan for an undersea colony of lawyers, though. They could probably telecommute or something but I feel like they'd get out of touch with their clients.
These are lawyers talking about a possible flaw in a legal document.
It's like a coder talking about a bug in a C program. You can say to yourself "Oh, that coder's just causing trouble. There's no real bug" - but that doesn't change the reality that the compiled program will do just what the C instructions tell it to do - nothing more, nothing less. (Well, except that a legal document is interpreted more subjectively - if the document is not written very precisely then different readers may interpret it differently... This is why we live in a world of "legalese" - it sounds arcane and needlessly complicated to non-lawyers but that's just because non-lawyers haven't learned the terminology and practice of precisely phrasing a legal document and guarding against the various rules which may be in effect "by default"...)
We have to be realistic about this - there have been some GPL-related court cases in which the GPL was upheld, but there are also issues surrounding the license, as well as how those are likely to play out in actual court cases, which may be unresolved or unfavorable to people who value software freedom. If one hopes to fix the problem, then one has to be realistic about where and what the problem is. We have a certain set of goals when we license something under the GPL - if we want to actually achieve those goals, we have to do our best to make sure the GPL is legally sound.
The problem of what constitutes a derivative work is one that I've heard before... The problem is that what you or I might consider a GPL violation could in fact be a very small piece of GPL code pulled into a very large non-GPL project. It's difficult to call that a "derived work" of the GPL'ed project. It's using GPLed code but the project as a whole may very well not be "derived" in a real sense from that GPLed work. If the project is big and the bit of borrowed GPL code is small, courts may not take the offense seriously. I don't know if this is something that can be solved with a better license, or if the kind of protection the GPL demands is beyond the scope of copyright... Anyway, it seems like a problem. Even if we want to tell people "you can't reuse parts of this code in other projects unless those projects are GPLed, too", we may not be able to rely upon that demand being fully effective...
Finally, it's worth emphasizing that law is not a static thing. It's a set of agreements between people subject to interpretation and alteration by people. Saying "it works and it doesn't need to change" may not be realistic. If people are working to undermine the GPL, then other people must work to reinforce and improve the license, if it is to be viable in the future. Basically, if the GPL matters to you then you need to fight for it.
might be so abhorrent to nature that its creation would ripple backward through time and stop the collider before it could make one, like a time traveler who goes back in time to kill his grandfather."
Been there, did that, and I'm still (POP!)...
Well he wouldn't have bothered to write "(POP!)", he'd have just vanished...
Remember, you don't say port 80 to go to Slashdot. Why not default to the SRV record (then port 80 for backwards-compatibility) unless the user specifies otherwise?
Extra complexity for little gain.
why not get rid of the url altogether and encode it in xml? surely that would clarify the problem of figuring out what website the user wants to go to
Well, it would at least make it very easy to provide a clear-cut place to identify the port number......And don't call me Shirley. (Damn, that joke sucks in text... Can we all move over to a truly phonetic alphabet so I can do the "Shirley" joke online?)
I mean, a triangle with 22.5 square miles in it? How are you gonna fill a triangle with squares? You need triangle miles...
Well, clearly, you take some of the square miles and cut them in half from corner to corner.
That's where the.5 mile comes from.
How are you going to use 22 square miles and one triangle mile to make a triangle? The whole concept is silly. If you had, say, 21 square miles, and eight triangle miles made by cutting square miles in half diagonally, then you could make a right triangle...
But I'm guessing this isn't even a right triangle we're talking about...
This is why I come to slashdot! A technical article with the right units! 5 GW of electricity. Not 100,000 volts of electricity, not 50,000 Amps of electricity, but 5 GW. Now, that's useful!
They got the electrical units right, but I think they messed up on the units of area. I mean, a triangle with 22.5 square miles in it? How are you gonna fill a triangle with squares? You need triangle miles...
Attention terrorists: we have a new target to aim for.
Meh. I think they'd get more mileage out of attacking a target people really care about.
I mean, the reason the attacks in 2001 were effective was because human lives were involved - and the whole thing played out such that we got to watch events unfold on TV. Taking out a piece of infrastructure wouldn't get the same reaction. Even if people eventually died from not having power, the reaction would be more like "why the hell haven't we fixed this already? What's wrong with our leaders?" rather than the kind of trauma we got from the towers collapsing.
If we were involved in a full-scale war, then infrastructure targets would be worthwhile for our enemies to hit, because each target destroyed would damage our ability to wage war... and because a full-scale assault would be able to take out enough of them to cause some real damage. But losing a chunk of the power grid would not be hugely disruptive, and it would be repaired.
This is why I come to slashdot! A technical article with the right units! 5 GW of electricity. Not 100,000 volts of electricity, not 50,000 Amps of electricity, but 5 GW. Now, that's useful!
And none of that nonsense revisionist crap making an established standard of "GW" into "GiW" either.
I don't believe hard drive or floppy drive capacities have ever measured a megabyte as 2^20 bytes. That peculiarity has always been limited to RAM and to the measurements the software on the computer itself perform...
Having grown up with a kilobyte being 1024 bytes (and later on becoming more familiar with larger units like megabytes and finally a gigabyte before I learned you could have more than one of 'em...) I can relate to your resistance to that change. And the unit names they chose (kibibytes, mebibytes, gibibytes, etc.) are fairly silly-sounding... But... "kilo"-anything else is 1000 of it. "mega"-anything else is 1000000 of it. "giga"-anything else is 1000000000 of it. These are unit prefixes which predate the era of home computers - so really, I think this disambiguation is proper, and was long overdue.
Mr. Fusion powers the time circuits and the flux capacitor. But the internal combustion engine runs on ordinary gasoline; it always has.
But what about the flight-mode conversion? Surely that doesn't run on gasoline...
Stupid 2015 junk... Stick it in a cave, neglected and unmaintained for seventy years, and oh, suddenly it breaks down... They just don't build the kind of reliable machinery any more that Delorean did in 1985...
Huh... that's interesting. I've never heard of that one before... I think, though, that based on your recommendation I'll share the link with the rest of the office. I've seen a lot of your posts here in Slashdot, Anonymous Coward, and all the ones I've seen have been pretty highly rated, so I'm guessing you wouldn't link me to a website that wasn't interesting.
Of course there has been lots of discussion in the scientific community as to what kind of cloud this might be...
Some have said that, with the bits coming off the top, it should be considered a bunny-cloud. Others have said that it rather looks more like a sea turtle swimming sideways, or a sailboat of some kind.
Amidst all this discussion a few fringe theories have also emerged. One scientist said he thought it looked like a naked lady (though it should be noted he said the same about most of the clouds) - another said that the cloud was actually none of those things - that it was actually an imaginary being called a byrnicoche, and that this one was his personal friend, named Willam.
This guy sounds similar to myself. If the job is a 9-5 coding, I don't want to spend my free time coding. If my 9-5 is working on cars, I don't want to spend my free time working on cars. If my 9-5 is being a doctor, I don't want to spend my free time working in the clinic.
On the one hand, I totally get that. In fact, in college I seriously considered not becoming a programmer for a living, specifically because I didn't want to ruin my enjoyment of it...
On the other hand - I think there are certain advantages to making your work something that you naturally enjoy. It's like Scotty on the old Star Trek. There was that one episode where he got a day off and all he wanted to do was read technical journals related to his job... I can relate to that, too. I didn't start learning about computers so I could get a job as a programmer, I became a programmer because I enjoy computers and I enjoy solving problems. I became a programmer because I wanted to be a programmer - and found it convenient that I could make money with that skill.
Now as for whether you hire someone based on whether they program in their free time - I'd agree that seems a bit silly. I expect it could be helpful to see what sorts of things they've done (like the programmers' equivalent of a portfolio) but in the end, when it comes to a job, what counts is whether they can and will do the work. Damned if I know how you judge that, though. I'm just a programmer.:)
Slashdot Mirror
The computer as a whole doesn't have to know you're there or not. The program running the sonar just has to know you weren't there at one point, to trigger the locking.
By the way, if this one program, can figure it out, then any program would've been able to figure it out all along, using the same technique...
This isn't a security issue that would be "patched".. there's just a workaround of not having a mic, or use a headset instead, or physically mute/disconnect your mic when not in use.
Well, actually I think it is a security issue that should be patched. The fact that the hardware and software allows programs to record audio through the microphone without any kind of status indicator (as with the LED featured on some webcams to indicate they're active) is, IMO, a security failure. Not just because of the whole "sonar" thing, but because it allows any program running on your computer to record any conversations you're having within earshot...
I'm not too concerned about this, personally - I haven't removed the mic or blocked access to it in software or anything... I'm just sayin', this could be an issue on par with keyloggers. The only difference is it's a lot easier to automatically process the info from a keylogger.
+1, Tor Johnson reference.
Do you think we could get that added to the moderation system?
"TIME FOR GO TO BED!"
That Tor just cracks me up...
It's like a coder talking about a bug in a C program. You can say to yourself "Oh, that coder's just causing trouble. There's no real bug" - but that doesn't change the reality that the compiled program will do just what the C instructions tell it to do - nothing more, nothing less.
Programs don't run by coders arguing about them.
Well, it's not a perfect analogy. Note there were no cars involved, either...
Legal documents mean whatever a the last lawyer convincingly pretended they mean as long as that lawyer didn't get get caught by another lawyer.
I'm not sure what you mean here...
Each and every time a legal document is read by a new judge, the interpretation may be different. Every time a hostile lawyer reads the document, he will be looking for new ways to exploit flaws in the document.
To go back to the programming language analogy: it's as if lawyers are programmers who code in an ambiguous language, which runs on hardware which tries to find ways to subvert the intent of the program without contradicting the literal interpretation of its instructions - or find excuses to reject those instructions altogether.
My point with that sentence was that a legal document, once written, may contain flaws. These flaws, if they exist, are there whether or not we choose to acknowledge them. The whole point of the programmer analogy there was just to illustrate the point that flaws are possible, and that it's not productive to ignore them... Sooner or later, the flaw will be exploited.
If only. The vast majority of internet-connected machines don't have the proper software installed to allow them to do their part. As a result, localhost HTTP service is spotty at best and I find I'm unable to access it from most computers.
True... Well, slashdotting localhost at least won't make the service get any worse. :)
Why can't people take responsibilities for themselves, do what is right in terms of copyright, and maybe then we wouldn't have lawyers nit picking us to death. Or as the old joke goes:
"What is a thousand lawyers at the bottom of the sea?"
Answer: "A good start."
This is the cost of having a set of precisely-defined and (one would hope) consistently enforced laws, as opposed to a set of broadly-defined, easy-to-understand laws, and be completely at the mercy of the (hopefully reasonable) judge to supply the proper interpretation... Defining the laws becomes more complex if you want to remove the ambiguities and minimize the influence of judges' personal feelings into their interpretation of the law and judgments.
I don't like your plan for an undersea colony of lawyers, though. They could probably telecommute or something but I feel like they'd get out of touch with their clients.
If Richard Stallman wanted to help open source, he would resign from the FSF.
He doesn't want to help "open source", he wants to help "free software". :)
These are lawyers talking about a possible flaw in a legal document.
It's like a coder talking about a bug in a C program. You can say to yourself "Oh, that coder's just causing trouble. There's no real bug" - but that doesn't change the reality that the compiled program will do just what the C instructions tell it to do - nothing more, nothing less. (Well, except that a legal document is interpreted more subjectively - if the document is not written very precisely then different readers may interpret it differently... This is why we live in a world of "legalese" - it sounds arcane and needlessly complicated to non-lawyers but that's just because non-lawyers haven't learned the terminology and practice of precisely phrasing a legal document and guarding against the various rules which may be in effect "by default"...)
We have to be realistic about this - there have been some GPL-related court cases in which the GPL was upheld, but there are also issues surrounding the license, as well as how those are likely to play out in actual court cases, which may be unresolved or unfavorable to people who value software freedom. If one hopes to fix the problem, then one has to be realistic about where and what the problem is. We have a certain set of goals when we license something under the GPL - if we want to actually achieve those goals, we have to do our best to make sure the GPL is legally sound.
The problem of what constitutes a derivative work is one that I've heard before... The problem is that what you or I might consider a GPL violation could in fact be a very small piece of GPL code pulled into a very large non-GPL project. It's difficult to call that a "derived work" of the GPL'ed project. It's using GPLed code but the project as a whole may very well not be "derived" in a real sense from that GPLed work. If the project is big and the bit of borrowed GPL code is small, courts may not take the offense seriously. I don't know if this is something that can be solved with a better license, or if the kind of protection the GPL demands is beyond the scope of copyright... Anyway, it seems like a problem. Even if we want to tell people "you can't reuse parts of this code in other projects unless those projects are GPLed, too", we may not be able to rely upon that demand being fully effective...
Finally, it's worth emphasizing that law is not a static thing. It's a set of agreements between people subject to interpretation and alteration by people. Saying "it works and it doesn't need to change" may not be realistic. If people are working to undermine the GPL, then other people must work to reinforce and improve the license, if it is to be viable in the future. Basically, if the GPL matters to you then you need to fight for it.
So gravity doesn't escape a black hole? Then how does gravity pull you closer to it?
The gravity is just holding on to you, taking you to the mouth of hell along with it.
Been there, did that, and I'm still (POP!) ...
Well he wouldn't have bothered to write "(POP!)", he'd have just vanished...
Damn, dude. You just slashdotted localhost.
Don't worry, the HTTP serving duties for localhost are distributed over the whole internet.
Remember, you don't say port 80 to go to Slashdot. Why not default to the SRV record (then port 80 for backwards-compatibility) unless the user specifies otherwise?
Extra complexity for little gain.
why not get rid of the url altogether and encode it in xml? surely that would clarify the problem of figuring out what website the user wants to go to
Well, it would at least make it very easy to provide a clear-cut place to identify the port number... ...And don't call me Shirley. (Damn, that joke sucks in text... Can we all move over to a truly phonetic alphabet so I can do the "Shirley" joke online?)
Well, clearly, you take some of the square miles and cut them in half from corner to corner.
That's where the .5 mile comes from.
How are you going to use 22 square miles and one triangle mile to make a triangle? The whole concept is silly. If you had, say, 21 square miles, and eight triangle miles made by cutting square miles in half diagonally, then you could make a right triangle...
But I'm guessing this isn't even a right triangle we're talking about...
Stick it in a cave, neglected and unmaintained for seventy years, and oh, suddenly it breaks down...
You forgot "strike it with lightning!"
Damn, you're right...
I hang my head in shame.
On the bright side, we'll have hoverboards in about five years...
This is why I come to slashdot! A technical article with the right units! 5 GW of electricity. Not 100,000 volts of electricity, not 50,000 Amps of electricity, but 5 GW. Now, that's useful!
They got the electrical units right, but I think they messed up on the units of area. I mean, a triangle with 22.5 square miles in it? How are you gonna fill a triangle with squares? You need triangle miles...
Sure Amiga still rocks !
Who will build an Atari ST grid ?
Imagine a Beowulf cluster of those... (It's only tres Amigas, but it's a start...)
Central Point of Failure.
Attention terrorists: we have a new target to aim for.
Meh. I think they'd get more mileage out of attacking a target people really care about.
I mean, the reason the attacks in 2001 were effective was because human lives were involved - and the whole thing played out such that we got to watch events unfold on TV. Taking out a piece of infrastructure wouldn't get the same reaction. Even if people eventually died from not having power, the reaction would be more like "why the hell haven't we fixed this already? What's wrong with our leaders?" rather than the kind of trauma we got from the towers collapsing.
If we were involved in a full-scale war, then infrastructure targets would be worthwhile for our enemies to hit, because each target destroyed would damage our ability to wage war... and because a full-scale assault would be able to take out enough of them to cause some real damage. But losing a chunk of the power grid would not be hugely disruptive, and it would be repaired.
This is why I come to slashdot! A technical article with the right units! 5 GW of electricity. Not 100,000 volts of electricity, not 50,000 Amps of electricity, but 5 GW. Now, that's useful!
And none of that nonsense revisionist crap making an established standard of "GW" into "GiW" either.
I don't believe hard drive or floppy drive capacities have ever measured a megabyte as 2^20 bytes. That peculiarity has always been limited to RAM and to the measurements the software on the computer itself perform...
Having grown up with a kilobyte being 1024 bytes (and later on becoming more familiar with larger units like megabytes and finally a gigabyte before I learned you could have more than one of 'em...) I can relate to your resistance to that change. And the unit names they chose (kibibytes, mebibytes, gibibytes, etc.) are fairly silly-sounding... But... "kilo"-anything else is 1000 of it. "mega"-anything else is 1000000 of it. "giga"-anything else is 1000000000 of it. These are unit prefixes which predate the era of home computers - so really, I think this disambiguation is proper, and was long overdue.
That's enough to power THREE flux capacitors at once!
Four, even.
Mr. Fusion powers the time circuits and the flux capacitor. But the internal combustion engine runs on ordinary gasoline; it always has.
But what about the flight-mode conversion? Surely that doesn't run on gasoline...
Stupid 2015 junk... Stick it in a cave, neglected and unmaintained for seventy years, and oh, suddenly it breaks down... They just don't build the kind of reliable machinery any more that Delorean did in 1985...
Goat.se
Huh... that's interesting. I've never heard of that one before... I think, though, that based on your recommendation I'll share the link with the rest of the office. I've seen a lot of your posts here in Slashdot, Anonymous Coward, and all the ones I've seen have been pretty highly rated, so I'm guessing you wouldn't link me to a website that wasn't interesting.
Playboy is portable and doesn't require internet access or power. I predict that it's still quite popular with that crowd.
These people have smartphones and ipods, you think they can't bring their porn with them?
Of course there has been lots of discussion in the scientific community as to what kind of cloud this might be...
Some have said that, with the bits coming off the top, it should be considered a bunny-cloud. Others have said that it rather looks more like a sea turtle swimming sideways, or a sailboat of some kind.
Amidst all this discussion a few fringe theories have also emerged. One scientist said he thought it looked like a naked lady (though it should be noted he said the same about most of the clouds) - another said that the cloud was actually none of those things - that it was actually an imaginary being called a byrnicoche, and that this one was his personal friend, named Willam.
...no one expects that grandma and grandpa know how to what English is and what it does...
Hmm, I think when I get home I'll watch a cheesy old movie. Maybe "Attack of the The Eye Creatures"...
This guy sounds similar to myself. If the job is a 9-5 coding, I don't want to spend my free time coding. If my 9-5 is working on cars, I don't want to spend my free time working on cars. If my 9-5 is being a doctor, I don't want to spend my free time working in the clinic.
On the one hand, I totally get that. In fact, in college I seriously considered not becoming a programmer for a living, specifically because I didn't want to ruin my enjoyment of it...
On the other hand - I think there are certain advantages to making your work something that you naturally enjoy. It's like Scotty on the old Star Trek. There was that one episode where he got a day off and all he wanted to do was read technical journals related to his job... I can relate to that, too. I didn't start learning about computers so I could get a job as a programmer, I became a programmer because I enjoy computers and I enjoy solving problems. I became a programmer because I wanted to be a programmer - and found it convenient that I could make money with that skill.
Now as for whether you hire someone based on whether they program in their free time - I'd agree that seems a bit silly. I expect it could be helpful to see what sorts of things they've done (like the programmers' equivalent of a portfolio) but in the end, when it comes to a job, what counts is whether they can and will do the work. Damned if I know how you judge that, though. I'm just a programmer. :)