If I had a choice in high speed internet companies, then they could throttle all they wanted. The problem is that I don't, Cox is the only game in town. They don't have any competition in the internet department, so by your reasoning they should be able to kill any service they don't like? That's murder, not competition, and it's not good for anyone involved except for a few executives who won't have to deal with the fallout of their monopoly being broken up by force.
I find that highly unlikely. Less than 10% of the population is even interested in D&D. Factor in the usual resistance to new editions and the number of different places you can preorder the books, DnD taking down Amazon is like a wererat taking out a team of 9th level adventurers.
I'm sure the sysadmins appreciate Slashdot sending thousands of requests their way while they're site's already down. While we're at it, maybe we should find someone with a papercut and start squirting lemon juice all over them.
Agreed. I don't think any game has matched the sheer amount of fun I've had while flying a tie fighter against a bunch of a-wings, x-wings and y-wings. I say this as a man who primarily plays RPGs and RTSs.
but in the end it's mostly a question of style, politics and library support. Yeah, I see Obama as a Ruby man myself, whereas McCain is a C or C++ man. Ruby's cool, trendy, and somewhat revolutionary, but it's unproven and may have problems scaling beyond small to medium sized bases. The ideas all seem to be right, but nobody knows if they'll work in the real world.
C and C++, on the other hand, have been around forever, they're old and stodgy, yet you know where they stand and how things are going to work out. You're not going to get anything revolutionary out of them, and you're not going to be able to get a story on Slashdot and other news sites about this awesome new thing that you couldn't do the same way in another language.
You're right, we should make our computers secure and unplug everyone from the internet!
But seriously, the security holes won't come from the ruby language itself, but from the silverlight platform. Build silverlight securely and the rest will follow. Build the OS securely, and the rest will follow. That's the point: layer security, then when you put a new layer on you don't have to worry so much about whether or not that layer is going to have a few holes.
What we don't want to do is stifle new developments because of unfounded fears of security holes. If you don't want this insecure platform on your desktop, that's fine. For me, I'll run it as another user in a sandboxed instance so that it won't fuck up my machine badly if it does break.
Not only that, but they're not adding a language that's significantly different. They're not adding Java (which Google might appreciate) or C/C++, they're adding Ruby, which is a language very similar to javascript (certainly more similar than JS or Ruby are to Java and their ilk). Port a language with better scalability and modularity, not more of the same.
I wonder if they take turns purposely misreading the story and making a summary that's deliberately misleading. KDawson, Zonk, and now ScuttleMonkey. I understand occasionally making mistakes, but it seems like some editors seem to post story after story that's pure bullshit. This is at least the third from ScuttleMonkey in the past weeks where I feel like he's completely missed the point.
Even if it's not, how are the criminals supposed to get their money? Worst case scenario, if this becomes widespread, people will start doing backups more often. The question at the end of the summary, like all slashdot questions, is dumb and doesn't promote discussion at all.
For a game to be habit changing- the person playing it would NEED to know that it's trying to do that, and be willing to change
Those are the first two steps, aren't they?
I wouldn't be surprised if he went on a shooting spree like the troubled people he says were driven to violence by video games Would that be proving his point? After all, if people didn't play violent video games, he never would have been driven to this point.
They were looking at 10,000 scans, which would be about how much I would expect my constantly-on bittorrent to do over the course of a week or more. I don't think it'll be a problem at that threshold.
At lower thresholds (which they'll surely need since worms and viruses will just start scanning more slowly), they can start analyzing patterns and individual packets. This won't solve the problem overnight, but it will eliminate virtually all worms and viruses in the wild right now and make future worms and viruses propagate much more slowly.
First, it doesn't operate entirely over the network ajax-style. For most things, you don't need the document to be online and updated live. When I'm using Google Docs, especially the spreadsheet program, it's dirt slow and slows down the rest of my browsing, too.
Second, it provides an interface that's familiar to people, better than google docs. For a nerd like me or most of the people on slashdot, google docs works just fine; for people like my parents, OpenOffice is more familiar. Google can make internet browsers sing and dance, but the browser just can't replicate the experience as well.
Third, it gets existing OpenOffice users to switch to google docs. The ability to save to google docs as easily as to the hard drive would be a compelling feature, at least to me. I run a DnD game online and I use google doc's spreadsheet to manage characters; this would make it a lot easier for me and my players to use it all.
I would use this for my DnD game and most of my documents that I could possibly want in multiple places (and that wouldn't be interesting to law enforcement or identity thieves).
He's not commenting on stateless applications, but the stateless quality of http. Every time the browser communicates with the server, it has the exact same overhead, whether it's an ajax request or a full web page. The amount that's sent back may differ, but it's still sending all the information associated with instantiating a new connection, sending information about the browser, all the cookies, etc. When you build stateful applications on top of http, you incur a lot of overhead in those headers and cookies being sent back and forth. For applications trying to stay synced to the server, some people have found overhead of over 75%. This inefficiency's being made up for in packing more information into each request, stretching requests out to take up more time, and just plain fast processors and connections.
The GP is saying that if we had a stateful protocol, we could eliminate most of the overhead and make applications move a lot faster.
I'm not convinced yet that they can be "the same thing"...The trick is, weaving the story into the game, rather than making it a completely separate entity Sorry to nitpick, but if they're no longer separate entities, wouldn't that make them the same entity and, thus, the same thing?
That's what he's referring to, that the story needs to come from the gameplay. Having a machete out in GTA while on a date should, by all rights, change the way that the date plays out. Cut scenes, etc, just remove us from the game and make the story and the game separate entities. TFA is saying that the two need to be the same thing.
In my opinion, the biggest problem is that there needs to be a reward for staying with the main story. In an open world (I'm thinking morrowing, oblivion, and GTA here), the main story doesn't add significantly to the game play. What benefit do I get from hunting down the heir as opposed to breaking into random dungeons and killing everything there? The storyline typically involves challenges and roadblocks without much reward, making it more satisfying for me and my character building if I just go do my own thing.
In contrast, in playing Might and Magic 6/7, I've found that the main storyline is very rewarding. The characters level faster on the main storyline, they get objects and areas open up that otherwise wouldn't, and the main story's just a lot of fun. Instead of the main storyline pushing me off into the world, the world pushes me to the main storyline. I wish more games would learn to balance the open world with a satisfying campaign.
Don't worry, if you try watching too many ads they'll start cutting them off, disconnecting your channel randomly, and sometimes even terminating your service outright. It's "unlimited", but that doesn't mean that the 2% watching all the commercials should get to use a disproportionate amount of resources.
Because IE's a bitch to develop with. On a javascript error, it tells you the correct line number but it can't tell you which file it's in. It doesn't allow anywhere near the quality of plugins that firefox does, so it doesn't get firebug, greasemonkey, etc. Finally, IE doesn't comply with the standards very well, so it's a lot harder to get the site looking how you want it to. With firefox, when you make a change you can know fairly well what that change is going to do. When you're developing a site and making a lot of changes and tweaks, it's important to have a browser that you can work with. Converting the final product to something IE can render is a lot easier to working with IE the entire way.
No method of getting a signature is going to be foolproof. We could sit here and discuss how notaries are ridiculously insecure because of how easy it is to get fake IDs and fake a signature, but that's not the point. The point is to make it so that we can be reasonably certain that the person who's sending the fax is the person we expect it to be. Getting a fax out of the blue will prompt a phone call to the number on file. When someone faxes a form from the nearest copy service, the receiving business has already been in communication with this person and is expecting it. So while the fax in and of itself isn't necessarily all that secure, the overall structure is fairly secure.
Actually, the summary is misleading as hell. He goes on to say exactly why fax signatures are accepted and analyzes the security implications. Since faxes almost never come out of the blue and they carry a lot of information linking the fax to a specific phone number, it's trivial to verify a fax with or without the signature. I honestly don't know how anyone who read the article can come out of it thinking that Schneier opposed signatures on faxes.
FTFA:
Open, Perhaps?
The big news about our awards program this year is that we've decided to allow nominations for any open source project, not just those on SourceForge.net. We know that the success of open source is bigger than one repository can contain, so nominate your favorite Codeplex projects, Google Code projects, ASF projects, and everything else right now! It's built on open source code and it's a project about openness. Unless stated otherwise, I'm going to assume it counts.
Slashdot Mirror
If I had a choice in high speed internet companies, then they could throttle all they wanted. The problem is that I don't, Cox is the only game in town. They don't have any competition in the internet department, so by your reasoning they should be able to kill any service they don't like? That's murder, not competition, and it's not good for anyone involved except for a few executives who won't have to deal with the fallout of their monopoly being broken up by force.
I find that highly unlikely. Less than 10% of the population is even interested in D&D. Factor in the usual resistance to new editions and the number of different places you can preorder the books, DnD taking down Amazon is like a wererat taking out a team of 9th level adventurers.
I'm sure the sysadmins appreciate Slashdot sending thousands of requests their way while they're site's already down. While we're at it, maybe we should find someone with a papercut and start squirting lemon juice all over them.
Agreed. I don't think any game has matched the sheer amount of fun I've had while flying a tie fighter against a bunch of a-wings, x-wings and y-wings. I say this as a man who primarily plays RPGs and RTSs.
C and C++, on the other hand, have been around forever, they're old and stodgy, yet you know where they stand and how things are going to work out. You're not going to get anything revolutionary out of them, and you're not going to be able to get a story on Slashdot and other news sites about this awesome new thing that you couldn't do the same way in another language.
You're right, we should make our computers secure and unplug everyone from the internet!
But seriously, the security holes won't come from the ruby language itself, but from the silverlight platform. Build silverlight securely and the rest will follow. Build the OS securely, and the rest will follow. That's the point: layer security, then when you put a new layer on you don't have to worry so much about whether or not that layer is going to have a few holes.
What we don't want to do is stifle new developments because of unfounded fears of security holes. If you don't want this insecure platform on your desktop, that's fine. For me, I'll run it as another user in a sandboxed instance so that it won't fuck up my machine badly if it does break.
Not only that, but they're not adding a language that's significantly different. They're not adding Java (which Google might appreciate) or C/C++, they're adding Ruby, which is a language very similar to javascript (certainly more similar than JS or Ruby are to Java and their ilk). Port a language with better scalability and modularity, not more of the same.
I wonder if they take turns purposely misreading the story and making a summary that's deliberately misleading. KDawson, Zonk, and now ScuttleMonkey. I understand occasionally making mistakes, but it seems like some editors seem to post story after story that's pure bullshit. This is at least the third from ScuttleMonkey in the past weeks where I feel like he's completely missed the point.
Slashdot's not written in PHP, so it's not like they have that excuse.
Even if it's not, how are the criminals supposed to get their money? Worst case scenario, if this becomes widespread, people will start doing backups more often. The question at the end of the summary, like all slashdot questions, is dumb and doesn't promote discussion at all.
It's really hard to actually kill something outright, usually you just starve it of funds until it dies anyway. Would that be acceptable?
They were looking at 10,000 scans, which would be about how much I would expect my constantly-on bittorrent to do over the course of a week or more. I don't think it'll be a problem at that threshold.
At lower thresholds (which they'll surely need since worms and viruses will just start scanning more slowly), they can start analyzing patterns and individual packets. This won't solve the problem overnight, but it will eliminate virtually all worms and viruses in the wild right now and make future worms and viruses propagate much more slowly.
First, it doesn't operate entirely over the network ajax-style. For most things, you don't need the document to be online and updated live. When I'm using Google Docs, especially the spreadsheet program, it's dirt slow and slows down the rest of my browsing, too.
Second, it provides an interface that's familiar to people, better than google docs. For a nerd like me or most of the people on slashdot, google docs works just fine; for people like my parents, OpenOffice is more familiar. Google can make internet browsers sing and dance, but the browser just can't replicate the experience as well.
Third, it gets existing OpenOffice users to switch to google docs. The ability to save to google docs as easily as to the hard drive would be a compelling feature, at least to me. I run a DnD game online and I use google doc's spreadsheet to manage characters; this would make it a lot easier for me and my players to use it all.
I would use this for my DnD game and most of my documents that I could possibly want in multiple places (and that wouldn't be interesting to law enforcement or identity thieves).
Hmm, on the ground, firing upwards, fighting aliens, and you take cover. This sounds familiar. Perhaps they should call it "Space Invaders 3D".
He's not commenting on stateless applications, but the stateless quality of http. Every time the browser communicates with the server, it has the exact same overhead, whether it's an ajax request or a full web page. The amount that's sent back may differ, but it's still sending all the information associated with instantiating a new connection, sending information about the browser, all the cookies, etc. When you build stateful applications on top of http, you incur a lot of overhead in those headers and cookies being sent back and forth. For applications trying to stay synced to the server, some people have found overhead of over 75%. This inefficiency's being made up for in packing more information into each request, stretching requests out to take up more time, and just plain fast processors and connections.
The GP is saying that if we had a stateful protocol, we could eliminate most of the overhead and make applications move a lot faster.
I see it as an indicator of exactly how bad the previous js interpreters have been.
That's what he's referring to, that the story needs to come from the gameplay. Having a machete out in GTA while on a date should, by all rights, change the way that the date plays out. Cut scenes, etc, just remove us from the game and make the story and the game separate entities. TFA is saying that the two need to be the same thing.
In my opinion, the biggest problem is that there needs to be a reward for staying with the main story. In an open world (I'm thinking morrowing, oblivion, and GTA here), the main story doesn't add significantly to the game play. What benefit do I get from hunting down the heir as opposed to breaking into random dungeons and killing everything there? The storyline typically involves challenges and roadblocks without much reward, making it more satisfying for me and my character building if I just go do my own thing.
In contrast, in playing Might and Magic 6/7, I've found that the main storyline is very rewarding. The characters level faster on the main storyline, they get objects and areas open up that otherwise wouldn't, and the main story's just a lot of fun. Instead of the main storyline pushing me off into the world, the world pushes me to the main storyline. I wish more games would learn to balance the open world with a satisfying campaign.
Don't worry, if you try watching too many ads they'll start cutting them off, disconnecting your channel randomly, and sometimes even terminating your service outright. It's "unlimited", but that doesn't mean that the 2% watching all the commercials should get to use a disproportionate amount of resources.
Because IE's a bitch to develop with. On a javascript error, it tells you the correct line number but it can't tell you which file it's in. It doesn't allow anywhere near the quality of plugins that firefox does, so it doesn't get firebug, greasemonkey, etc. Finally, IE doesn't comply with the standards very well, so it's a lot harder to get the site looking how you want it to. With firefox, when you make a change you can know fairly well what that change is going to do. When you're developing a site and making a lot of changes and tweaks, it's important to have a browser that you can work with. Converting the final product to something IE can render is a lot easier to working with IE the entire way.
No method of getting a signature is going to be foolproof. We could sit here and discuss how notaries are ridiculously insecure because of how easy it is to get fake IDs and fake a signature, but that's not the point. The point is to make it so that we can be reasonably certain that the person who's sending the fax is the person we expect it to be. Getting a fax out of the blue will prompt a phone call to the number on file. When someone faxes a form from the nearest copy service, the receiving business has already been in communication with this person and is expecting it. So while the fax in and of itself isn't necessarily all that secure, the overall structure is fairly secure.
Actually, the summary is misleading as hell. He goes on to say exactly why fax signatures are accepted and analyzes the security implications. Since faxes almost never come out of the blue and they carry a lot of information linking the fax to a specific phone number, it's trivial to verify a fax with or without the signature. I honestly don't know how anyone who read the article can come out of it thinking that Schneier opposed signatures on faxes.