I used to work for a company called "Gteko". Don't bother looking them up - they were acquired several years ago. They sold bundled software (OEM) to a handful of companies, all of them huge. One of those was AOL. This is over a decade ago.
The incident in question took place after I left, so I don't know the specifics. The bottom line is, they screwed up a server deployment that affected the AOL front page for all AOL customers. After that was finally fixed, the company's CEO, expecting pretty much to be shown the door, walked into a meeting with several AOL high execs.
The meeting started with the following sentence: "Let's see how we can make sure this never happens again"
Even when it's something less "close" to you than an employee, it is sometimes worth it to not terminate someone who made a mistake, even a serious one.
My current employer, Akamai, has a motto effectively saying: It's okay to screw up, so long as that screwup results in a procedure that will prevent anyone from making the same mistake again.
Here's the thing, however. From reading the article, it seems that DH was not, itself, broken. Here's the problem, however: DH is used for forward reference security. It is used to ensure that an adversary that captured the encrypted communication cannot be decrypted later, even if the RSA key is later compromised
Which means that whether DH has already been broken is a moot question. The real question is whether it is likely to be broken in the near future (where what "near" means depends on what you're actually encrypting).
Here is what Schneier usually has to say about that: Attacks always get better over time.
Of course, the main problem with replacing DH is that we don't really have anything better on hand.
RSA does not rely on discrete log. It rather relies on discrete root.
Dlog is the base, however, to almost any other public key algorithm out there which isn't elliptic curve. This includes Diffie Hellman, El-Gamal, DSA, Schnor and I'm sure others as well.
My reading of the article is that those are not yet borken, per se (spelling mistake left in intentionally). Since Diffie Hellman is primarily used for forward reference security, however (i.e. - figuring out a session key that will not be compromised even if the private key later is), the question is not whether it is safe today. The question is whether it will remain safe for the foreseeable future.
If attacks on dlog are beginning to become practical, the answer is "less and less".
I really really skimmed the article, but I think it all boils to this one algorithm. If Diffie Hellman is at risk, then all of our "perfect forward security" reliance of SSL is gone.
Had I not been able to postpone the migration for as long as I have, I would probably have agreed with you. I tried at least two of the versions you mentioned, and reached conclusions substantially similar to yours. None the less, modern KDE 4 is okay (after some getting used to).
KDE 4, when it first came out, was horrid. I delayed upgrade as long as I could.
Today, however, I don't think that's still true. If your hardware doesn't have 3D you might think otherwise, but I find current KDE 4 useful and functional. I even enable some of the actual effects. There are a few of them (highlight active window, magic lamp minimize) actually contribute to my intuition of what's going on.
Not everything is perfect, but the only feature I still miss from KDE 3 is the different color for the active window's title bar. It is possible, but not worth the trouble, to achieve that effect on KDE 4, but it's not the same. Turns out you can make do without (but, as I said, it's better with).
The Novel narrative is this: Microsoft shared the interface with Novel during the beta, encouraging it to rely on it. Then, a few months before release, and after WordPerfect was already dependent on those interfaces, Microsoft changed them and declined to share the new ones with Novel. When Windows 95 finally came out, MS did, in fact, publish those interfaces, but by then it was too late for Novel to ship WordPerfect with Windows 95's launch.
Had MS not shared those interfaces to begin with, Novel could have worked with an internal implementation.
I've read the Samson option, and don't recall that particular strategy ever coming up there. Would you care to give a page number?
It is true (at least according to said book) that Israel let US spy satellites take photos of missiles ready for launch in 1973, to push the US to lift the weapons embargo on Israel, and again in 1991, to nudge the US to start doing something about Saddam firing ground to ground missiles at civilians. In both cases, however, I don't think anyone thought the missiles were aimed at European cities. It certainly doesn't say so in the book you refer to.
The threat of Israel nuking an Arab nation was enough to do the trick in both cases.
I actually think Jules Verne got a surprising number of things quite accurately. In fact, I seem to recall that his depiction of mid 20th century as less personal and more polluted got him into trouble with his publisher. He did not get all of the inventions 100% accurate, but he did have some pretty impressive hits as far as tone and atmosphere go.
Don't get me wrong. If that's what gets you through the night, go right ahead in thinking that. Otherwise, my profile page has previous comments I've written on many subjects.
Click with care, however.. That link might prove you wrong.
What I meant, and I'm fairly sure it wasn't as hard to understand as you make it out to be, is that you do not refrain from raising a true point merely because it seems to weaken your case.
If you do so, your best case is that you will be ignored, and your worst case is that you will be no more right than the people you are arguing with. Constraint yourself to making any and all relevant true points, and then pick up your opinion so that it is still correct. Otherwise, how do you know you are right?
Shachar
The longer you spend arguing with an idiot, the higher the chances he's doing the same thing.
Seriously, though, I agree with your objectives, but not with your suggested methods.
I think the trend of never conceding anything for the sake of winning the argument is one that hurts our ability to conduct actual conversations. I also think that, when the numbers are tallied, it is a counter-productive one. People will see you as a zealot and disregard you. I refuse to participate in it.
Nobody in their right mind would insist on reading it literally (and, yes, I am suggesting that people who read it literally are not in their right minds). It was not written that way, and was not interpreted that way until fairly recently.
The bible does not disagree with reality. Certain religious interpretation of religious concepts disagree with reality. It has been over two decades since the Vatican officially apologized for that particular incident, without the Pope renouncing God or the bible.
Rather than claim there is a fundemental conflict between religion and science, it would be more correct to say that there are some assholes who find modern times too confusing to keep up, and thus try to bring everyone back.
At least, that's the case for creationism. In this particular case, it might just be attention whoring.
But this just means one thing. Google aren't within their safe harbor during the entire first stage of the process.
If, instead or in addition to disputing, you also file claim against both for smeering your name, Google can't claim that the DMCA gives them immunity.
A contract is binding once two things happen: One party makes an offer and The other party accepts it.
There is no requirement for anything to be signed. As long as the registrar can prove that the you accepted their offer (say, by paying), and that you knew what the terms were (say, because they were posted on the web site, and linked to from the page in which you paid), you have a contract.
Now, obviously, in this case the terms were not available to you. Also, the advertisement is part of the registrar's offer, and is, therefor, as binding to it as the terms in the agreement. This entire thing is unethical, and at least seems to be illegal. Still, this is not because there is no contract.
At least here (Israel, but it inherited most of its laws from English law), there are, broadly (IANAL) two kinds of contracts. Time limited contracts, where both sides are bound by it for the duration of the contract, and unlimited contracts. For the second type, each side may terminate the contract at any point, for whatever reason, resulting in no more sanctions than the other side not being bound by the contract any more.
Since a domain registration contract is time bound, automatic exit is not guaranteed by law.
Shachar
P.s. Obviously, this is not a complete list. For example, there are also sales contracts, which fall under neither category. Like I said, IANAL. For services, however, the above two are what you get.
Blowing up at Andrew Tridgdell after he "reverse engineered" (i.e. - sent "help" on a telnet connection) the bitkeeper protocol, causing bitkeeper to withdraw support from the kernel.
Personally, I think bitkeeper were just waiting for an excuse to do that. Their business justification was quickly eroding. The needs of the kernel and the needs of their commercial customers were drifting apart. Supporting the kernel was becoming a liability, rather than an asset, to them. That's also the reason, I think, that they were so quick to withdraw all support after such a minor infraction.
Yeah. I don't see any difference between this objection, which the judge overruled, and Apple's objection in the previous trial, which the same judge accepted.
IANAL, but it seems the judge provided little enough explanation.
In the previous case, Apple asked, and was awarded by the same judge, covering the Samsung logo on the TVs used to display evidence to the Jurors. The claim then was that the court use of Samsung products might be seen as an endorsement of the company. This is, substantially, the same claim now used by Samsung.
I have not seen the whole video. The parts I did see did not show the Apple logo prominently. If that is the case throughout, I think this decision is reasonable. This, assuming none of the products used are the same as the products around which this case revolves. I believe this is the case (I did not see an Apple logo in my skimming, and the products are macbooks, while this case is about phones).
If, however, the Apple logo was on screen, or the products do have an overlap, then I think that decision, particularly by that judge, is hypocritical and wrong.
Slashdot Mirror
I found http://www.youtube.com/watch?v...
I don't see anything there substantially different than the one shown. Can you elaborate, please?
Shachar
Why not provide an actual link?
Shachar
I used to work for a company called "Gteko". Don't bother looking them up - they were acquired several years ago. They sold bundled software (OEM) to a handful of companies, all of them huge. One of those was AOL. This is over a decade ago.
The incident in question took place after I left, so I don't know the specifics. The bottom line is, they screwed up a server deployment that affected the AOL front page for all AOL customers. After that was finally fixed, the company's CEO, expecting pretty much to be shown the door, walked into a meeting with several AOL high execs.
The meeting started with the following sentence:
"Let's see how we can make sure this never happens again"
Even when it's something less "close" to you than an employee, it is sometimes worth it to not terminate someone who made a mistake, even a serious one.
My current employer, Akamai, has a motto effectively saying: It's okay to screw up, so long as that screwup results in a procedure that will prevent anyone from making the same mistake again.
Shachar
Posted it as a question there already.
Here's the thing, however. From reading the article, it seems that DH was not, itself, broken. Here's the problem, however: DH is used for forward reference security. It is used to ensure that an adversary that captured the encrypted communication cannot be decrypted later, even if the RSA key is later compromised
Which means that whether DH has already been broken is a moot question. The real question is whether it is likely to be broken in the near future (where what "near" means depends on what you're actually encrypting).
Here is what Schneier usually has to say about that: Attacks always get better over time.
Of course, the main problem with replacing DH is that we don't really have anything better on hand.
Shachar
RSA does not rely on discrete log. It rather relies on discrete root.
Dlog is the base, however, to almost any other public key algorithm out there which isn't elliptic curve. This includes Diffie Hellman, El-Gamal, DSA, Schnor and I'm sure others as well.
My reading of the article is that those are not yet borken, per se (spelling mistake left in intentionally). Since Diffie Hellman is primarily used for forward reference security, however (i.e. - figuring out a session key that will not be compromised even if the private key later is), the question is not whether it is safe today. The question is whether it will remain safe for the foreseeable future.
If attacks on dlog are beginning to become practical, the answer is "less and less".
Shachar
I really really skimmed the article, but I think it all boils to this one algorithm. If Diffie Hellman is at risk, then all of our "perfect forward security" reliance of SSL is gone.
Shachar
Had I not been able to postpone the migration for as long as I have, I would probably have agreed with you. I tried at least two of the versions you mentioned, and reached conclusions substantially similar to yours. None the less, modern KDE 4 is okay (after some getting used to).
Shachar
KDE 4, when it first came out, was horrid. I delayed upgrade as long as I could.
Today, however, I don't think that's still true. If your hardware doesn't have 3D you might think otherwise, but I find current KDE 4 useful and functional. I even enable some of the actual effects. There are a few of them (highlight active window, magic lamp minimize) actually contribute to my intuition of what's going on.
Not everything is perfect, but the only feature I still miss from KDE 3 is the different color for the active window's title bar. It is possible, but not worth the trouble, to achieve that effect on KDE 4, but it's not the same. Turns out you can make do without (but, as I said, it's better with).
Shachar
The Novel narrative is this:
Microsoft shared the interface with Novel during the beta, encouraging it to rely on it. Then, a few months before release, and after WordPerfect was already dependent on those interfaces, Microsoft changed them and declined to share the new ones with Novel. When Windows 95 finally came out, MS did, in fact, publish those interfaces, but by then it was too late for Novel to ship WordPerfect with Windows 95's launch.
Had MS not shared those interfaces to begin with, Novel could have worked with an internal implementation.
Shachar
Picture seems to suggest half of that. Four ports (+ external) and one estata.
Shachar
I've read the Samson option, and don't recall that particular strategy ever coming up there. Would you care to give a page number?
It is true (at least according to said book) that Israel let US spy satellites take photos of missiles ready for launch in 1973, to push the US to lift the weapons embargo on Israel, and again in 1991, to nudge the US to start doing something about Saddam firing ground to ground missiles at civilians. In both cases, however, I don't think anyone thought the missiles were aimed at European cities. It certainly doesn't say so in the book you refer to.
The threat of Israel nuking an Arab nation was enough to do the trick in both cases.
Shachar
I actually think Jules Verne got a surprising number of things quite accurately. In fact, I seem to recall that his depiction of mid 20th century as less personal and more polluted got him into trouble with his publisher. He did not get all of the inventions 100% accurate, but he did have some pretty impressive hits as far as tone and atmosphere go.
Shachar
No work will be done.
As opposed to... ?
Shachar
Huh?
Don't get me wrong. If that's what gets you through the night, go right ahead in thinking that. Otherwise, my profile page has previous comments I've written on many subjects.
Click with care, however.. That link might prove you wrong.
Shachar
What I meant, and I'm fairly sure it wasn't as hard to understand as you make it out to be, is that you do not refrain from raising a true point merely because it seems to weaken your case.
If you do so, your best case is that you will be ignored, and your worst case is that you will be no more right than the people you are arguing with. Constraint yourself to making any and all relevant true points, and then pick up your opinion so that it is still correct. Otherwise, how do you know you are right?
Shachar
The longer you spend arguing with an idiot, the higher the chances he's doing the same thing.
TL;DR.
Seriously, though, I agree with your objectives, but not with your suggested methods.
I think the trend of never conceding anything for the sake of winning the argument is one that hurts our ability to conduct actual conversations. I also think that, when the numbers are tallied, it is a counter-productive one. People will see you as a zealot and disregard you. I refuse to participate in it.
Shachar
Nobody in their right mind would insist on reading it literally (and, yes, I am suggesting that people who read it literally are not in their right minds). It was not written that way, and was not interpreted that way until fairly recently.
Shachar
The bible does not disagree with reality. Certain religious interpretation of religious concepts disagree with reality. It has been over two decades since the Vatican officially apologized for that particular incident, without the Pope renouncing God or the bible.
Rather than claim there is a fundemental conflict between religion and science, it would be more correct to say that there are some assholes who find modern times too confusing to keep up, and thus try to bring everyone back.
At least, that's the case for creationism. In this particular case, it might just be attention whoring.
Shachar
Can you please provides citations to the "agreed to stop" claim?
Shachar
But this just means one thing. Google aren't within their safe harbor during the entire first stage of the process.
If, instead or in addition to disputing, you also file claim against both for smeering your name, Google can't claim that the DMCA gives them immunity.
Shachar
A contract is binding once two things happen:
One party makes an offer
and
The other party accepts it.
There is no requirement for anything to be signed. As long as the registrar can prove that the you accepted their offer (say, by paying), and that you knew what the terms were (say, because they were posted on the web site, and linked to from the page in which you paid), you have a contract.
Now, obviously, in this case the terms were not available to you. Also, the advertisement is part of the registrar's offer, and is, therefor, as binding to it as the terms in the agreement. This entire thing is unethical, and at least seems to be illegal. Still, this is not because there is no contract.
And, again, IANAL.
Shachar
At least here (Israel, but it inherited most of its laws from English law), there are, broadly (IANAL) two kinds of contracts. Time limited contracts, where both sides are bound by it for the duration of the contract, and unlimited contracts. For the second type, each side may terminate the contract at any point, for whatever reason, resulting in no more sanctions than the other side not being bound by the contract any more.
Since a domain registration contract is time bound, automatic exit is not guaranteed by law.
Shachar
P.s.
Obviously, this is not a complete list. For example, there are also sales contracts, which fall under neither category. Like I said, IANAL. For services, however, the above two are what you get.
Sh.
Blowing up at Andrew Tridgdell after he "reverse engineered" (i.e. - sent "help" on a telnet connection) the bitkeeper protocol, causing bitkeeper to withdraw support from the kernel.
Personally, I think bitkeeper were just waiting for an excuse to do that. Their business justification was quickly eroding. The needs of the kernel and the needs of their commercial customers were drifting apart. Supporting the kernel was becoming a liability, rather than an asset, to them. That's also the reason, I think, that they were so quick to withdraw all support after such a minor infraction.
Shachar
Yeah. I don't see any difference between this objection, which the judge overruled, and Apple's objection in the previous trial, which the same judge accepted.
IANAL, but it seems the judge provided little enough explanation.
Shachar
In the previous case, Apple asked, and was awarded by the same judge, covering the Samsung logo on the TVs used to display evidence to the Jurors. The claim then was that the court use of Samsung products might be seen as an endorsement of the company. This is, substantially, the same claim now used by Samsung.
I have not seen the whole video. The parts I did see did not show the Apple logo prominently. If that is the case throughout, I think this decision is reasonable. This, assuming none of the products used are the same as the products around which this case revolves. I believe this is the case (I did not see an Apple logo in my skimming, and the products are macbooks, while this case is about phones).
If, however, the Apple logo was on screen, or the products do have an overlap, then I think that decision, particularly by that judge, is hypocritical and wrong.
Shachar