2014: The Year We Learned How Vulnerable Third-Party Code Libraries Are
Really? Like we did not know before? I don't think anyone in the industry who is both sane and honest ever pretended that FOSS was bug-free. We know that software, ALL software, contains bugs. Also, plenty of projects don't have too many contributors, so the "many eyes" principle hardly applies.
But if you've got the source at least you can have a look, (and really should, if you are considring using something for a mission-critcal application). Then fix, if required,and contrib back.
Certainly, vulnerabilities in FOSS stuff tend to get fixed pretty quickly when found.
I know you're baiting, but for heaven's sake, which part of Europe are you in? Most of my family is scattered around Europe and I know that we all "enjoy":
1. Very high direct and indirect taxes / social charges, which fail to fully finance, 2. Massively oversized and inefficient public sector organisations, especially in healthcare and education, (tip: if you want "good" either of those two over here, you'd better have plenty of cash), 3. Zero or negative growth, leading to, 4. Massive public debts.
Or they'll double-down and use the subsequent tanking of their sites as "proof" for the EU Gov that Google is an "unfair monopoly".
How could this play out? Step one : We poor, highly-taxed Europeans will be asked to dip once again into our empty pockets, this time to fund a bunch of over over-paid bureaucrats while they "investigate" Google, Step two: They'll recommend that we subsidise a state-sponsored European alternative to Google, which will fail.
Sure, people at all levels should be encouraged to say "no" if other things are wrong too; for example choice of architecture, data model, choice of development environment, language or database...
Unfortunately, I've seen too many projects where people - including me - said "no" very loudly on these and similar issues and...were ignored.
"I can't wait until some foreign court rules that all of some American official's stuff should be siezed because he's been tried in absentia for war crimes."
Well, to this and other points above about trying Bush et al., there's a reason why the USA - together with other shining examples of democracy such as China, Cuba, Saudi Arabia, Israel etc. - have NOT signed up to the ICC
Here here. Instead of getting some advice from someone who understand stats, he just vomits out a crappy "justification" as to why his bullshit....erm...is not bullshit.
Let me see, who's going to go an explain to the boss that we should (a) allow users access to FB on work boxen, then (b) encourage them to share business documents on it?
"Yes, I'm sure that when they sat down to formulate legislative regulations on corporate finance records, they thoroughly intended that it be used for punishing fishermen who caught undersized fish."
No - for catching undersized fish, the fishermen would have got away with a fine. But they were dumb / dishonest enough to tamper with evidence, which is another offense entirely. (Although asking for 2 years in jail seems excessive...)
Agree about CC protection, but I've also been impressed by PapPal when used with eBay. I know it's fashionable to hate 'em here, but my experiences - including refunds when goods were not received etc. - have been uniformly positive.
Make a rocket at least 10 times cheaper than is possible today.
Hardly "prosaic"; Sounds pretty damn ambitious to me. OK, they had access to some of the body of knowledge so expensively won by the Germans, USA, Russians et al, but they're still privately funded, developed in-house a working product that's much, much cheaper than the competition and employ nearly 4000 people.
I've heard that Microsoft phones are pretty popular in [sic] europe.
Nope - non-techs and style-conscious get iPhones, nerds and people who don't care but want big screens get Androids, typically from brands they know from other contexts, like Samsung.
Yup, that old/. chestnut; correlation != causation. Maybe they just "proved" that some firms invest less when they realise they don't know how to do innovation / R&D.
In any serious organisation these days, spending serious money on R&D, there's a multi-layered approach to all this, ranging from building portfolio of defense/attack/trade patents (Google buying Motorola phone division), (or joining a group who does), through researching prior art to finally building a attacking others (think Apple vs. Samsung).
You could say that that's the real "tax on innovation", since it's far more costly than the impact of a few "trolls" (defined as someone who holds a patent for the sole purpose of using it to attack others)
Indeed. While you're at it, you can produce some for us (the "West"). I'm no leftie nutjob, but you've got to admin that the a lot of such problems are historically down to us...Africa, Middle East...) We brought technology without knowledge - if we had spent as much time educating these people over the centuries as we had killing and exploiting them, well, maybe things would be better. As it stands, this thing spreading out of control is just a short flight away...
Other posts have covered most of why this (interesting) idea won't work. Here's another - grids and grid management systems around the world are already struggling to cope with the current setup, mainly due to years of under-investment. Feed-in problems are not trivial; (causing more grid management issues), "green" sources of energy are expensive and tend to be in the wrong places... I'm all for "alternative" energy, but is everyone prepared to invest the bazillions required to do it properly, and live with the massive price increases that would require? Nope.
Inwards-facing ramps turned the 100M-square arch into a massive venturi, sweeping people off their feet, off the top of the plaza and then flinging therm down a conveniently-placed steep flight of hard stone stairs.
Genius.
Cue hastly rethink with a nasty plastic "roof" inside the arch to slow the wind...a little.
Well, most workable "solutions" tend to have started with a crazy but creative idea, that gradually gets refined and other good ideas added to it until you get something that's acceptable.
So, for example, you could imagine making the fluid magnetic, so you could then maybe guide it into position and then hold it there. But this brings another issue - you can hardly hold the patient in a strong magnetic field forever.
So, then you could imagine adding some kind of slow-setting glue into the liquid that sets hard after it's had time to be guided into the target and clogged it up.
Slashdot Mirror
2014: The Year We Learned How Vulnerable Third-Party Code Libraries Are
Really? Like we did not know before?
I don't think anyone in the industry who is both sane and honest ever pretended that FOSS was bug-free.
We know that software, ALL software, contains bugs.
Also, plenty of projects don't have too many contributors, so the "many eyes" principle hardly applies.
But if you've got the source at least you can have a look, (and really should, if you are considring using something for a mission-critcal application).
Then fix, if required,and contrib back.
Certainly, vulnerabilities in FOSS stuff tend to get fixed pretty quickly when found.
I know you're baiting, but for heaven's sake, which part of Europe are you in? Most of my family is scattered around Europe and I know that we all "enjoy":
1. Very high direct and indirect taxes / social charges, which fail to fully finance,
2. Massively oversized and inefficient public sector organisations, especially in healthcare and education, (tip: if you want "good" either of those two over here, you'd better have plenty of cash),
3. Zero or negative growth, leading to,
4. Massive public debts.
Yeah, we like it that way...
So that's what, a little more than 20Km per side; if it's a sqaure block? Not happening anywhere, especially in Russia since the currency tanked.
Also, storing something as tiny as DNA requires little space...
http://en.wikipedia.org/wiki/G...
I'm sure there's a Burma Shave in there...
about one in 16 arXiv authors were found to have copied long phrases and sentences from their own previously published work
OK, sometimes quoting your own work may be legit, but this sounds more like simple boilerplate cut and paste
The FAA is an example of regulatory capture. It is run by aviators for the interest of pilots and aviation companies
I guess you've never heard that very old GA joke, "I'm from the FAA and I'm here to help you..."
Or they'll double-down and use the subsequent tanking of their sites as "proof" for the EU Gov that Google is an "unfair monopoly".
How could this play out?
Step one : We poor, highly-taxed Europeans will be asked to dip once again into our empty pockets, this time to fund a bunch of over over-paid bureaucrats while they "investigate" Google,
Step two: They'll recommend that we subsidise a state-sponsored European alternative to Google, which will fail.
Don't laugh - they're mad enough to try it.
Sure, people at all levels should be encouraged to say "no" if other things are wrong too; for example choice of architecture, data model, choice of development environment, language or database...
Unfortunately, I've seen too many projects where people - including me - said "no" very loudly on these and similar issues and...were ignored.
Hilarity ensued.
"I can't wait until some foreign court rules that all of some American official's stuff should be siezed because he's been tried in absentia for war crimes."
Well, to this and other points above about trying Bush et al., there's a reason why the USA - together with other shining examples of democracy such as China, Cuba, Saudi Arabia, Israel etc. - have NOT signed up to the ICC
https://en.wikipedia.org/wiki/...
Do as I say, not how I do
Here here.
Instead of getting some advice from someone who understand stats, he just vomits out a crappy "justification" as to why his bullshit....erm...is not bullshit.
C'mon Haselton - start here, it's all free.
https://en.wikipedia.org/wiki/...
https://en.wikipedia.org/wiki/...
Let me see, who's going to go an explain to the boss that we should (a) allow users access to FB on work boxen, then (b) encourage them to share business documents on it?
Not me, thanks.
"Yes, I'm sure that when they sat down to formulate legislative regulations on corporate finance records, they thoroughly intended that it be used for punishing fishermen who caught undersized fish."
No - for catching undersized fish, the fishermen would have got away with a fine.
But they were dumb / dishonest enough to tamper with evidence, which is another offense entirely.
(Although asking for 2 years in jail seems excessive...)
Agree about CC protection, but I've also been impressed by PapPal when used with eBay.
I know it's fashionable to hate 'em here, but my experiences - including refunds when goods were not received etc. - have been uniformly positive.
Make a rocket at least 10 times cheaper than is possible today.
Hardly "prosaic"; Sounds pretty damn ambitious to me.
OK, they had access to some of the body of knowledge so expensively won by the Germans, USA, Russians et al, but they're still privately funded, developed in-house a working product that's much, much cheaper than the competition and employ nearly 4000 people.
Like Musk or not, he made it work so far.
I've heard that Microsoft phones are pretty popular in [sic] europe.
Nope - non-techs and style-conscious get iPhones, nerds and people who don't care but want big screens get Androids, typically from brands they know from other contexts, like Samsung.
Yup, that old /. chestnut; correlation != causation.
Maybe they just "proved" that some firms invest less when they realise they don't know how to do innovation / R&D.
In any serious organisation these days, spending serious money on R&D, there's a multi-layered approach to all this, ranging from building portfolio of defense/attack/trade patents (Google buying Motorola phone division), (or joining a group who does), through researching prior art to finally building a attacking others (think Apple vs. Samsung).
You could say that that's the real "tax on innovation", since it's far more costly than the impact of a few "trolls" (defined as someone who holds a patent for the sole purpose of using it to attack others)
Indeed. While you're at it, you can produce some for us (the "West").
I'm no leftie nutjob, but you've got to admin that the a lot of such problems are historically down to us...Africa, Middle East...)
We brought technology without knowledge - if we had spent as much time educating these people over the centuries as we had killing and exploiting them, well, maybe things would be better.
As it stands, this thing spreading out of control is just a short flight away...
Other posts have covered most of why this (interesting) idea won't work. Here's another - grids and grid management systems around the world are already struggling to cope with the current setup, mainly due to years of under-investment.
Feed-in problems are not trivial; (causing more grid management issues), "green" sources of energy are expensive and tend to be in the wrong places...
I'm all for "alternative" energy, but is everyone prepared to invest the bazillions required to do it properly, and live with the massive price increases that would require?
Nope.
http://en.wikipedia.org/wiki/G...
Inwards-facing ramps turned the 100M-square arch into a massive venturi, sweeping people off their feet, off the top of the plaza and then flinging therm down a conveniently-placed steep flight of hard stone stairs.
Genius.
Cue hastly rethink with a nasty plastic "roof" inside the arch to slow the wind...a little.
http://www.independent.co.uk/n...
http://thebulletin.org/making-...
Madness...as if Ebola was not enough.
Probably.
But does it blend?
Well, most workable "solutions" tend to have started with a crazy but creative idea, that gradually gets refined and other good ideas added to it until you get something that's acceptable.
So, for example, you could imagine making the fluid magnetic, so you could then maybe guide it into position and then hold it there. But this brings another issue - you can hardly hold the patient in a strong magnetic field forever.
So, then you could imagine adding some kind of slow-setting glue into the liquid that sets hard after it's had time to be guided into the target and clogged it up.
It depends - there's a difference between saying 70% "in general" and "this one will be part of the 70%".
Of course, since the percentages seem very close the practical implications would seem to be the same.
Good reply - shame you did not get modded up