I think we should just classify them as Prisoners of War, give them full Red Cross priviledges and Geneva Convention rights, and just keep them imprisoned indefinitely until their movement is defeated. You can't let them go. They will go back to where they were and continue attacking American troops again. This is not a criminal matter, this is a matter of war. The enemy is unique in that the have no defined country, so we need to be come up with new classifications to deal with these people. Bottom line, no sane person thinks they should be released just to go back to their terrorist activities.
Americans like their cars and won't give them up for short trips. The one exception might be going to Vegas where once you get there you generally just stay in the hotels and use the inter-hotel shuttle system anyways. Every weekend the road from LA to Vegas turns into a parking lot on Friday and another parking lot on Sunday going the other way. It's taken me 10 hours to go what is normally a 4 hour drive.
If they had a train that made this route quickly, it would be filled to capacity all the time. The best part is you could probably get Nevada or the casino's to help cover a good chunk of the cost.
It's too bad war is not as sanitary as you want it to be. Millions of non-combatants died during the war simply because the fighting was occurring in civilian areas. This wasn't the 18th century warfare where the two sides would line up facing each other while the citizens sat on the hill watching with picnic baskets. Dropping the bomb saved far more Japanese lives than it cost. The fire-bombing of Tokyo killed more people than the A-Bomb and that was a drop in the bucket compared to what would have needed to occur with a land-invasion.
Not targetting civilians is a misnormer of political correct modern warfare too. During WW2 the entire nations infrastructure was part of the apparatus needed to fight the war, and as such was a legitimate target. Hitting the industrial capacity of the country was an important aspect of strategy.
There were also other complex factors at play. We are practically at war with the Soviets before Germany was even defeated. When it became clear that Germany was going to lose, the latter stages of the war were all jockeying for position against hte Soviets in the post-war era. The Soviets were working their way down through Asia and the thought was that we had defeated the Japanese largely on our own and we didn't want to be in a situation where the Russians could claim half of Japan the way they did Germany. The Americans needed a quick end to the war. Without the A-Bomb, parts of Japan could have become like eastern Europe under Soviet control. How would that have been better for the Japanese long term (who btw, seem to have come out pretty rosy under American occupation).
You need to have an appreciation for the way the Japanese fought to understand the mindset of their citizens. The people of Japan would never surrender (even after the bomb) until their Emperor said it was ok. Even then, they wanted the terms of surrender to include nothing happens to our Emperor. It took something as dramatic as an A-Bomb to get them to surrender. If not for that, millions of them would have died in conventional warfare trying to defend their homeland.
Finally, the Japanese started the war. I see no reason to sacrafice more American lives to save the Japanese citizens who were clearly supportive of the war. Bottom line is that dropping the A-Bomb was one of the most humane things the American's did, both in short term and long term perspective.
The only way they can accomplish this without having both sides running the neural simulation for all characters is to have the client send a packet saying not only what they are doing right now, but what they expect to do in the future. If the client doesn't actually do those steps, then the client sends out a new packet with what they actually did, along with a the series of steps the nueral algorithm expects them to do from there. The steps you expect to take have to be sent as data since the other side would have to be running the nueral simulation on your character in order to predict those steps.
I don't see how sending the steps I am going to take in advance saves bandwidth over just sending the steps I am doing as I am doing them. Now, if you are willing to have the other side try to maintain a synchronized neural network state, then you could avoid sending future steps and only send data when you are doing something different than predicted. But that isn't what the article is claiming.
Having done a lot of this type of programming in the past, I can tell you that there is usually a lot of lower hanging fruit than this when it comes to network optimization.
I also don't know all the details, but fundamentally he sold a ton of stock when he found out that Qwest would not be getting the contracts. The basic definition of insider trading is using information that is not public to gain an advantage in the trading of stock. Sounds like a classic case of insider trading to me...
The vast majority of our space funding stems from the military applications. They throw hundreds of billions into making various technologies for weapons and hardly anything into pure space science research. If not for the need for spy satellites and ICBM's, we would likely be decades behind where we are right now. Sure, the Saturn V may not be an ideal ICBM, but you can bet a lot of the technology that went into making it came from a military background and went into military applications going forward. The space race itself was the weapon of choice for the cold war, if not for the Russians, we would have never bothered going to the moon.
As an MMO game developer, cheating is something that we have to combat on a continuous basis. Some styles of games are easier to protect against cheating than others. Cheats fall into a few problem categories:
- bots - exploits - information exposure - client side authority - griefing
A bot is a cheat that automates a process we expect the user to do. This intel initiative seems to be aimed squarely at this type of cheat. Typically bots are used to automate tedious tasks that produce income for the character in the virtual world. The big danger is that they can ruin a games economy and the player experience by devaluing the effort the non-cheaters put into the game.
An exploit is a design flaw or a bug that a player finds and intentionally exploits to their advantage. While I personally don't believe in banning players for using exploits, because I consider them my problem, many games have a policy of doing such. The logic behind banning exploits is the reality that it takes developers a significant amount of time (weeks sometimes) to get an exploit-fix completed and through the testing-process before it makes it to the live game. There needs to be some protection for the game in the interim and a stern policy against exploits is all we have. The best compromise would be to ban players using exploits until the exploit can be fixed.
Information exposure is where the client is able to expose information that they normally can't see to gain an advantage. This can be everything from making all walls have invisible textures, to sniffing packet-streams and finding out that a particular NPC just spawned nearby. These cheats are really a form of client-side-authority cheats, as the client-side of the game becomes the authority for what the users is seeing. That is, the client-side is selectively displaying information that is has. While every effort is made to only send the client information that they are supposed to have, there is a limit to what can be done.
A lot of times it comes down to game experience. Sure, we could not send down information about an NPC that spawned right behind you because technically you can't see it, but when the user suddenly turns around in the game and doesn't see the NPC, then the NPC suddenly appears a few hundred milliseconds later (ie, it pops in), it sort of ruins the game experience for the user. Also, it can create too big of a load on the server to validate absolutely everything. It would be unreasonable for the server to a do a full line-of-sight testing against every NPC in the world for every player to determine whether they should really be able to see it.
Next we have client-side-authority hacks. These are hacks where the client-side is the authority for what is happening in the game. Again, we try to minimize the amount of client-side authority there is, but it is more difficult in some games than others. A twitch FPS game is going to need to have a lot more client side authority than an RPG game for example, simply because there isn't time in a twitch game to do a round-trip to the server to validate something the user might be attempting to do. The most common client-side authority area in games is physics, because it needs to happen instantly and the server doesn't have the horsepower to do true physics for everybody in the game anyways.
Client-side-authority hacks fall into two classes, data-hacks and code-hacks. With code-hacks they change client-side code to behave differently. For example, they might just remove the call that checks for collisions against walls, such that they can walk through walls. With data hacks, they do things like change the fire-rate of their weapon, or make themselves run slightly faster.
The worst part about client-side-authority hacks is they prevent game developers from even attempting a large class of games. Client-side-authority hacks are by far the most difficult type of hacks that we have to deal with. As developers there is some client-side authority we
While I agree there is more evidence that global-warming is a man-made problem than not, I don't think there is enough proof for it to be actionable. I see no reason to make significant and costly changes on a such a weak theory (even if it is the prevailing consensus theory at the moment, that doesn't mean it is a strong theory, just means it is the best one out there right now). The bulk of the hype over global warming is taking a weak consensus and turning it into a political panic.
For example take the Kyoto protocol. It wasn't about reducing green-house gasses, it was about a socialist agenda to transfer money from the rich to the poor. Rich industrialized countries were over the limit the protocol allowed and poor unindustrialized countries were below the limit. The rich countries weren't going to reduce their emissions, the plan was that they would PAY the poor countries for the right to use their extra emission credits.
This is sort of like Al Gore claiming his energy gobbling mansion is carbon nuetral because he also owns a small rain-forest that is offsetting his usage. As the most industrialized nation, the US was more heavily penalized than any other country (that's right, we emit more gasses than anybody), meaning it would cost a fortune for the US to buy the credits from the poor countries, effectively making our industries less competitive, costing jobs. Is is any wonder that the US Senate almost unanimously rejected the Kyoto protocol (that's right even the liberal Democrats thought it was little more than an anti-US treaty dreamed up by the Europeans).
I wrote a product back around 1992 called SelectPhone/DirectPhone (won the BSA award for business product of the year back then) that put a national phone-directory on CD-ROM. It had location based searching as part of it, would let you search for business by SIC category and sort them by distance, etc, etc.
Isn't it obvious that what the administration really wants is to use the carnivore system on domestic calls, or at a minimum between domestic and foreign locations. Obviously you can't get a warrant for that as there is no intended target. I personally think such a system should be allowed but only allowed to be used to hunt terrorists and that none of the information gathered can ever be used in a court of law against them.
Isn't it strange that 99% of the time a country wants the other country to charge more for their products, not less. If you don't charge more, they will add tariffs such that they do cost more. All in an effort to give their own companies a chance to compete on price. But in this case, they have no competition, so they instead want just the opposite. They want the other country to charge less for the product.
They do the same thing with medicines I suppose...for medicines they can manufacture, the skys the limit, for those they can't, they want the maximum price controlled.
Seems what this really boils down to is the EU doesn't like paying for Windows because it is an imported product. The EU can impose whatever laws they want on Microsoft, but ultimately the WTO is going to decide this issue, not the Europeans. If the EU slaps around Microsoft too much, the WTO will find them in violation of free-trade agreements and European manufacturers will be the ones suffering as tariffs limit their exports.
Europe is still a free-enough economy that when Airbus is slapped with a 30% tariff in retaliation and can no longer compete with Boeing for American contracts, you can bet the EU politicians will feel what real pressure is like.
Last I looked, I never saw an itemization of what I was being taxed for (federally). I am taxed a certain amount regardless of what Congress decides to spend it on. For all I know, every penny I gave them went into paying for toilet-seats for the army. If a particular state isn't interested in funding Boston's big-dig, should that state be able to have it's citizens opt-out of some portion of that funding? What if my state doesn't like paying subsidies to corn-farmers, should we be able to simply cut the taxes we pay by an consumate amount? I bet Nebraska probably isn't too keen on paying for the coast-guard either.
My point is that there is no direct relationship between what we pay as a citizen and what we get back as a citizen. Likewise, there is not direct relationship between the total amount of money collected from the citizens of a particular state and the total amount of benefit those citizens receive.
If Congress wants to pull highway funding from a particular state, that is no different than Congress cutting some other pork-barrel project that benefits some states more than others. As highway funding goes, states like Utah get far more than states like Rhode Island, simply because they have a lot more land that need to be covered.
In the case of this Montana law, they just shot themselves in the foot. The state didn't pass this law based on some privacy principle, they just resented having to pay for the implementation out of the state coffers. While this may indeed save the state some money, it does so at the expense of their citizens. 10 years from now when every other state has secure id systems and counterfeiters have all moved over to using Montana licenses for their illegal activities, the Montana license will be the equivalent of having a student-id card at the local elementary school -- it will be considered a worthless form of id.
Soon Montana citizens will simply be denied access to travel on the airlines. Thanks a lot governor, why don't you cheap bastards pay the money to upgrade our ID system so we don't get screwed.
As far as unfunded federal mandates go, would you rather the federal government pay for it? (btw, the answer from most short-sighted state-legislatures to that question is yes, particularly in Democrat circles). The problem is that the in order for the Federal government to pay for it, they have to tax your citizens more money to cover the cost. So, the feds take the money from the citizens, then give the money back to the states to spend on implementing the system.
The average Joe citizen is going to pay for the implementation one way or another. Either the state can tax him to pay for it, or the feds can tax him. I would think the states would rather have control of the money more directly themselves...after all, they are always complaining about the money coming from the feds having too many strings attached.
If the states had stepped up to the plate and taxed their citizens to pay for the roads in the first place, then they wouldn't be in this mess whereby the federal government could blackmail the states into doing whatever they wanted. Did they learn their lesson? Apparently not, since Montana just said that they would rather have the federal goverment take the money from their citizens and then give it back to the state to spend with strings attached. The federal government setup a system whereby the states could keep control of this aspect of the funding cycle and the morons in Montana are complaining about it, go figure.
What is really happening here? What is really happening is the local elected officials don't want to raise taxes, because if they do that, they won't get elected. Better to let the federal government raise its taxes and then get the money back in the form a block-grant. The holy grail of all funding...block grants. These are blocks of money that come to the state with very few strings attached. The states love block-grants...they get to spend the money in the way they think is best and don't have to answer to the citizens that elect them for taking the money in the first place.
This whole Montana thing is about local politicians trying to save their asses at the expense of their citizens...way to go Montana, way to go.
Yeah, I figured when the OS window got focus it would take over the cursor image and then it wouldn't be an issue, which may be why the exploit I describe hasn't happened. But what if the web page they were visiting were able to capture the mouse and then release it right as they click, thus routing the mouse message (which is misdirected) to the OS window at an unexpected spot. I know, it's a long shot and in practice little things like the OS window never getting the button-down (only the button-up) would probably prevent it from working, but you never know what little bugs might exist that might allow something like this to work.
As far as the buffer-overflow vulnerability is concerned, that is certainly a reasonable explanation, but why would subsequent visits to other websites by the affect machine be required if that were the case? Once the unauthorized code was executing, no other actions would be needed in theory (unless they simply didn't have enough space for the full code image in the hack).
Also, you explanation about how buffer overflow attacks work is a bit off. The buffer in question is typically on the stack, located far away from the code-image. Overflowing the buffer doesn't actually tromp the code that is going to execute. Instead, since the stack grows backwards, the overflowed data actually overwrites the return-address that the function will return to (which is located on the stack).
Typically how the hack would work in this case is images 1 through 10 would actually be binary code images. The 11th image that overflows tromps the return-address. The binary data you stick into the 11th image needs to be memory-address on the stack where the other 10 images are stored. When the function returns, it pops the return-address off the stack and starts executing code at that address (which after the overwrite will be the code stored in images 1 through 10).
This is a very difficult attack to pull off, since the.ani file that contains the binary images in question needs to know in advance where the stack-frame will be in memory at the time the image is executed. In many cases, that varies quite a bit depending on what else is happening in the system, but in some cases it will tend to end up in the exact same place each time that function is visited.
This is also why the latest in security is the no-execute bit on the processor. Since the actual code-image being executed for the hack does reside on the stack, simply marking the stack-frame as no-execute can prevent this entire class of hacks from working. The problem is that in the past, executing code-images in the stack frame has been used for legitimate purposes, and unfortunately it's an all or nothing solution.
First off, I don't offer this theory as a well-researched endeavor, merely casual speculation. Just theorizing what it might be since they are intentionally vague. The italic text you quote does not preclude my explanation, in fact, one could argue it supports it. It basically states that the affected system (ie, the one with the cursor displaying off the hotspot) could cause code to execute when visiting another website/email. It doesn't say how the attack causes the code to execute. It seems reasonable to me that it causes it to execute by fooling the user into authorizing the execution when the user thinks they are not authorizing it. The successful attack is not contrained by the.ani file type, which makes sense, since the ani file is simply causing the misdirection...the actual code executing could be coming from some other source.
I suspect that what is actually happening with this exploit is they are simply creating an animated cursor that makes the cursor appear somewhere it is not (ie, the hot-spot is not where the user thinks it is). The web page then goes to execute code and when it asks the user for permission and they click on 'no', they are actually clicking on 'yes', since the cursor hotspot is not where the visual cursor would indicate that it really is. No 'root' access needed or anything else...I suspect even a linux browser could be vulernable to such tricks.
Your logic is flawed. You assume the equation stops at the website not getting any money. That is rarely the case. For example, HP offers their website for free because it helps them sell printers. Most websites that aren't selling something make money from advertising.
There are countless ways that wikipedia could make money, not the least of which is ad-revenue. They could probably come up with some sort of subscription scheme that would not decimate the sites popularity. The donation thing seems to be working reasonably well...if they did a better job of offering visitors the opportunity to donate, the could probably generate a lot more revenue that way.
The problem isn't that the telco's aren't sharing the money they get with the wikipedia, the problem is that wikipedia has chosen not to take advantage of obvious opportunities. Wikipedia doesn't even generate the content they offer...that is all generated by the people who use it. All Wikipedia is is a transport mechanism that lets the people that know share the data with the people who don't. In this respect, Wikipedia is really not much different than the telco's...just another transport.
My sister has worked at Walmart for years and loves her job. They sell the same products everybody else does, only cheaper, so I don't see how quality is an issue (is their Rubbermaid stuff worse than anybody elses? Do their PS2 games suck more?). I've never had Walmart refuse to take something back...customer service seems fine to me. Sure, there is nobody there to help me pick out the best TV for my needs, but then again, I don't trust the guys at Tweeter Etc either.
Seems to me that most of the bad-press Walmart gets is generated by the political-left who can't stand that Walmart (the largest retailer in the world) is a non-union shop. They bash walmart to make their union buddies happy. Seems to me the unions are just pissed that most of the Walmart employees are perfectly happy with their pay and work conditions, without having to pay the union extortionist tax.
Quite frankly, Walmart has done more with their affordable prices to help the poor of the country than any liberal social program has. Employees are happy, customers are certainly happy, seems the only ones not happy are the ones who have the power to control others lives taken away from them...
Here in San Diego, the electric company (SDG&E) subsidizes these bulbs at the retailers so you can often find them extremely cheap. Costco was selling them here for $1.97 for a 6 pack. Home Depot had them for $1 per bulb, and just last week the local Albertsons had a 3-pack for a $1 as well.
A couple years ago when they started this program, I replaced every bulb in my house. Even the canister lights. You don't need to use the reflector-lights in the canisters since the bulbs run so cool anyways...they work and look great. They turn on instantly at about 50% to 70% of max brightness (depending on brand...the Duralast ones turn on at 70% and warm up very quickly), then within about 40 seconds warm-up to full brightness. It's a touch annoying if you want full light instantly, but it is nothing like the old flourescant bulbs where it took several seconds before you saw any light at all. It's actually quite nice when you wake up at night to have the lights come on part-way then warm-up like that.
Anyways, I have a fairly good size home with lots of lights and I figure it has probably saved me $30/month in electricity costs...easily paying for itself in a couple months. The bulbs last a long time too...I think I have lost maybe 5 out of the 60 or so that I have installed.
Bottom line, if you live in San Diego country, look around at various retailers for the subsidized bulbs (different retailers are participate in the SDG&E program at different times). At the prices you get them for here, you simply can't go wrong.
As for Walmart, I suspect their plan is to sell these bulbs VERY cheap...wouldn't surprise me if they managed to get the price to under $1/bulb. Manufacturing costs are coming way down for these things as volume starts to really ramp up.
Perhaps if Canada would let us dump our wheat and other produce on Canada, we would let them dump their lumber on us. I wonder why Barnes and Noble and Borders don't open stores in Canada.
If not for Canadian protectionism, you Canadians wouldn't be paying so much for tomotoes. It's really the consumer that loses out. I would love to build a house for less by using cheap Canadian lumber too. What happens is both governments put into place laws that protect certain industries at the expense of their own consumers.
Now if we could only get Canada to pay their fair share for medical drug research, instead of pleasing poverty and having a government monopoly negotiate third-world pity-pricing for drugs.
The American government overall seems to work pretty darn well, despite the occassional slashdot paranoia. While on the surface it seems like a pretty insane system, I don't think people appreciate how important it is to protecting against the tyranny of the majority. Better the beast you know I always say. You could change something like this and seriously mess things up.
While it may sound good to only vote on one thing at a time, the net result would surely be that the party in power gets their way 100% of the time. The way the house and senate rules work, the Republicans largley can't stop the Democrats from tacking stuff onto bills. The Republicans therefore have to compromise with the Democrats, giving them some things they want in return for getting the stuff they want (otherwise the Democrats could just filibuster everything for example).
Why would any senator ever vote for a bill that benefitted only one particular state? Now if you can get a bill put together where every state gets something out of it, then it might be possible to get it passed, but only if they are guaranteed that it's all or nothing. Congress could make a deal where all the individual bills pass, then the President could simply veto all the Democratic ones (hence changing the line-item veto rule would be too risky to our democracy IMO).
This isn't really a Republican problem. The executive branch has been pushing for a line-item veto for decades to help curb this problem, but the Democrats would never go along with it. Both parties are equally guilty of tacking on completely unrelated legislation to bills they know will pass anyways.
The majority of the bills the Democrats don't filibuster is because they managed to get some unrelated pet project of theirs tacked on. It's not uncommon at all to buy individual votes by tacking on pork-barrel projects to please the voters back in the home state. Even the party out of power (the Democrats at the moment) still manage to get their fair share of it.
This particular issue isn't really even a moral issue. The conservatives don't really get bent out of shape about online gambling. This is purely a business play. I'm sure Senator Harry Reid(D) of Nevada had a lot to do with this amendment getting tacked on.
Like I said, while it may be nice to stand on a soapbox and claim that you just won't go to the country. For 99% of people, something like this will not play into their travel plans at all.
Slashdot Mirror
I think we should just classify them as Prisoners of War, give them full Red Cross priviledges and Geneva Convention rights, and just keep them imprisoned indefinitely until their movement is defeated. You can't let them go. They will go back to where they were and continue attacking American troops again. This is not a criminal matter, this is a matter of war. The enemy is unique in that the have no defined country, so we need to be come up with new classifications to deal with these people. Bottom line, no sane person thinks they should be released just to go back to their terrorist activities.
Americans like their cars and won't give them up for short trips. The one exception might be going to Vegas where once you get there you generally just stay in the hotels and use the inter-hotel shuttle system anyways. Every weekend the road from LA to Vegas turns into a parking lot on Friday and another parking lot on Sunday going the other way. It's taken me 10 hours to go what is normally a 4 hour drive.
If they had a train that made this route quickly, it would be filled to capacity all the time. The best part is you could probably get Nevada or the casino's to help cover a good chunk of the cost.
It's too bad war is not as sanitary as you want it to be. Millions of non-combatants died during the war simply because the fighting was occurring in civilian areas. This wasn't the 18th century warfare where the two sides would line up facing each other while the citizens sat on the hill watching with picnic baskets. Dropping the bomb saved far more Japanese lives than it cost. The fire-bombing of Tokyo killed more people than the A-Bomb and that was a drop in the bucket compared to what would have needed to occur with a land-invasion.
Not targetting civilians is a misnormer of political correct modern warfare too. During WW2 the entire nations infrastructure was part of the apparatus needed to fight the war, and as such was a legitimate target. Hitting the industrial capacity of the country was an important aspect of strategy.
There were also other complex factors at play. We are practically at war with the Soviets before Germany was even defeated. When it became clear that Germany was going to lose, the latter stages of the war were all jockeying for position against hte Soviets in the post-war era. The Soviets were working their way down through Asia and the thought was that we had defeated the Japanese largely on our own and we didn't want to be in a situation where the Russians could claim half of Japan the way they did Germany. The Americans needed a quick end to the war. Without the A-Bomb, parts of Japan could have become like eastern Europe under Soviet control. How would that have been better for the Japanese long term (who btw, seem to have come out pretty rosy under American occupation).
You need to have an appreciation for the way the Japanese fought to understand the mindset of their citizens. The people of Japan would never surrender (even after the bomb) until their Emperor said it was ok. Even then, they wanted the terms of surrender to include nothing happens to our Emperor. It took something as dramatic as an A-Bomb to get them to surrender. If not for that, millions of them would have died in conventional warfare trying to defend their homeland.
Finally, the Japanese started the war. I see no reason to sacrafice more American lives to save the Japanese citizens who were clearly supportive of the war. Bottom line is that dropping the A-Bomb was one of the most humane things the American's did, both in short term and long term perspective.
The only way they can accomplish this without having both sides running the neural simulation for all characters is to have the client send a packet saying not only what they are doing right now, but what they expect to do in the future. If the client doesn't actually do those steps, then the client sends out a new packet with what they actually did, along with a the series of steps the nueral algorithm expects them to do from there. The steps you expect to take have to be sent as data since the other side would have to be running the nueral simulation on your character in order to predict those steps.
I don't see how sending the steps I am going to take in advance saves bandwidth over just sending the steps I am doing as I am doing them. Now, if you are willing to have the other side try to maintain a synchronized neural network state, then you could avoid sending future steps and only send data when you are doing something different than predicted. But that isn't what the article is claiming.
Having done a lot of this type of programming in the past, I can tell you that there is usually a lot of lower hanging fruit than this when it comes to network optimization.
I also don't know all the details, but fundamentally he sold a ton of stock when he found out that Qwest would not be getting the contracts. The basic definition of insider trading is using information that is not public to gain an advantage in the trading of stock. Sounds like a classic case of insider trading to me...
The vast majority of our space funding stems from the military applications. They throw hundreds of billions into making various technologies for weapons and hardly anything into pure space science research. If not for the need for spy satellites and ICBM's, we would likely be decades behind where we are right now. Sure, the Saturn V may not be an ideal ICBM, but you can bet a lot of the technology that went into making it came from a military background and went into military applications going forward. The space race itself was the weapon of choice for the cold war, if not for the Russians, we would have never bothered going to the moon.
As an MMO game developer, cheating is something that we have to combat on a continuous basis. Some styles of games are easier to protect against cheating than others. Cheats fall into a few problem categories:
- bots
- exploits
- information exposure
- client side authority
- griefing
A bot is a cheat that automates a process we expect the user to do. This intel initiative seems to be aimed squarely at this type of cheat. Typically bots are used to automate tedious tasks that produce income for the character in the virtual world. The big danger is that they can ruin a games economy and the player experience by devaluing the effort the non-cheaters put into the game.
An exploit is a design flaw or a bug that a player finds and intentionally exploits to their advantage. While I personally don't believe in banning players for using exploits, because I consider them my problem, many games have a policy of doing such. The logic behind banning exploits is the reality that it takes developers a significant amount of time (weeks sometimes) to get an exploit-fix completed and through the testing-process before it makes it to the live game. There needs to be some protection for the game in the interim and a stern policy against exploits is all we have. The best compromise would be to ban players using exploits until the exploit can be fixed.
Information exposure is where the client is able to expose information that they normally can't see to gain an advantage. This can be everything from making all walls have invisible textures, to sniffing packet-streams and finding out that a particular NPC just spawned nearby. These cheats are really a form of client-side-authority cheats, as the client-side of the game becomes the authority for what the users is seeing. That is, the client-side is selectively displaying information that is has. While every effort is made to only send the client information that they are supposed to have, there is a limit to what can be done.
A lot of times it comes down to game experience. Sure, we could not send down information about an NPC that spawned right behind you because technically you can't see it, but when the user suddenly turns around in the game and doesn't see the NPC, then the NPC suddenly appears a few hundred milliseconds later (ie, it pops in), it sort of ruins the game experience for the user. Also, it can create too big of a load on the server to validate absolutely everything. It would be unreasonable for the server to a do a full line-of-sight testing against every NPC in the world for every player to determine whether they should really be able to see it.
Next we have client-side-authority hacks. These are hacks where the client-side is the authority for what is happening in the game. Again, we try to minimize the amount of client-side authority there is, but it is more difficult in some games than others. A twitch FPS game is going to need to have a lot more client side authority than an RPG game for example, simply because there isn't time in a twitch game to do a round-trip to the server to validate something the user might be attempting to do. The most common client-side authority area in games is physics, because it needs to happen instantly and the server doesn't have the horsepower to do true physics for everybody in the game anyways.
Client-side-authority hacks fall into two classes, data-hacks and code-hacks. With code-hacks they change client-side code to behave differently. For example, they might just remove the call that checks for collisions against walls, such that they can walk through walls. With data hacks, they do things like change the fire-rate of their weapon, or make themselves run slightly faster.
The worst part about client-side-authority hacks is they prevent game developers from even attempting a large class of games. Client-side-authority hacks are by far the most difficult type of hacks that we have to deal with. As developers there is some client-side authority we
While I agree there is more evidence that global-warming is a man-made problem than not, I don't think there is enough proof for it to be actionable. I see no reason to make significant and costly changes on a such a weak theory (even if it is the prevailing consensus theory at the moment, that doesn't mean it is a strong theory, just means it is the best one out there right now). The bulk of the hype over global warming is taking a weak consensus and turning it into a political panic.
For example take the Kyoto protocol. It wasn't about reducing green-house gasses, it was about a socialist agenda to transfer money from the rich to the poor. Rich industrialized countries were over the limit the protocol allowed and poor unindustrialized countries were below the limit. The rich countries weren't going to reduce their emissions, the plan was that they would PAY the poor countries for the right to use their extra emission credits.
This is sort of like Al Gore claiming his energy gobbling mansion is carbon nuetral because he also owns a small rain-forest that is offsetting his usage. As the most industrialized nation, the US was more heavily penalized than any other country (that's right, we emit more gasses than anybody), meaning it would cost a fortune for the US to buy the credits from the poor countries, effectively making our industries less competitive, costing jobs. Is is any wonder that the US Senate almost unanimously rejected the Kyoto protocol (that's right even the liberal Democrats thought it was little more than an anti-US treaty dreamed up by the Europeans).
I wrote a product back around 1992 called SelectPhone/DirectPhone (won the BSA award for business product of the year back then) that put a national phone-directory on CD-ROM. It had location based searching as part of it, would let you search for business by SIC category and sort them by distance, etc, etc.
Isn't it obvious that what the administration really wants is to use the carnivore system on domestic calls, or at a minimum between domestic and foreign locations. Obviously you can't get a warrant for that as there is no intended target. I personally think such a system should be allowed but only allowed to be used to hunt terrorists and that none of the information gathered can ever be used in a court of law against them.
Isn't it strange that 99% of the time a country wants the other country to charge more for their products, not less. If you don't charge more, they will add tariffs such that they do cost more. All in an effort to give their own companies a chance to compete on price. But in this case, they have no competition, so they instead want just the opposite. They want the other country to charge less for the product.
They do the same thing with medicines I suppose...for medicines they can manufacture, the skys the limit, for those they can't, they want the maximum price controlled.
Seems what this really boils down to is the EU doesn't like paying for Windows because it is an imported product. The EU can impose whatever laws they want on Microsoft, but ultimately the WTO is going to decide this issue, not the Europeans. If the EU slaps around Microsoft too much, the WTO will find them in violation of free-trade agreements and European manufacturers will be the ones suffering as tariffs limit their exports.
Europe is still a free-enough economy that when Airbus is slapped with a 30% tariff in retaliation and can no longer compete with Boeing for American contracts, you can bet the EU politicians will feel what real pressure is like.
Last I looked, I never saw an itemization of what I was being taxed for (federally). I am taxed a certain amount regardless of what Congress decides to spend it on. For all I know, every penny I gave them went into paying for toilet-seats for the army. If a particular state isn't interested in funding Boston's big-dig, should that state be able to have it's citizens opt-out of some portion of that funding? What if my state doesn't like paying subsidies to corn-farmers, should we be able to simply cut the taxes we pay by an consumate amount? I bet Nebraska probably isn't too keen on paying for the coast-guard either.
My point is that there is no direct relationship between what we pay as a citizen and what we get back as a citizen. Likewise, there is not direct relationship between the total amount of money collected from the citizens of a particular state and the total amount of benefit those citizens receive.
If Congress wants to pull highway funding from a particular state, that is no different than Congress cutting some other pork-barrel project that benefits some states more than others. As highway funding goes, states like Utah get far more than states like Rhode Island, simply because they have a lot more land that need to be covered.
In the case of this Montana law, they just shot themselves in the foot. The state didn't pass this law based on some privacy principle, they just resented having to pay for the implementation out of the state coffers. While this may indeed save the state some money, it does so at the expense of their citizens. 10 years from now when every other state has secure id systems and counterfeiters have all moved over to using Montana licenses for their illegal activities, the Montana license will be the equivalent of having a student-id card at the local elementary school -- it will be considered a worthless form of id.
Soon Montana citizens will simply be denied access to travel on the airlines. Thanks a lot governor, why don't you cheap bastards pay the money to upgrade our ID system so we don't get screwed.
As far as unfunded federal mandates go, would you rather the federal government pay for it? (btw, the answer from most short-sighted state-legislatures to that question is yes, particularly in Democrat circles). The problem is that the in order for the Federal government to pay for it, they have to tax your citizens more money to cover the cost. So, the feds take the money from the citizens, then give the money back to the states to spend on implementing the system.
The average Joe citizen is going to pay for the implementation one way or another. Either the state can tax him to pay for it, or the feds can tax him. I would think the states would rather have control of the money more directly themselves...after all, they are always complaining about the money coming from the feds having too many strings attached.
If the states had stepped up to the plate and taxed their citizens to pay for the roads in the first place, then they wouldn't be in this mess whereby the federal government could blackmail the states into doing whatever they wanted. Did they learn their lesson? Apparently not, since Montana just said that they would rather have the federal goverment take the money from their citizens and then give it back to the state to spend with strings attached. The federal government setup a system whereby the states could keep control of this aspect of the funding cycle and the morons in Montana are complaining about it, go figure.
What is really happening here? What is really happening is the local elected officials don't want to raise taxes, because if they do that, they won't get elected. Better to let the federal government raise its taxes and then get the money back in the form a block-grant. The holy grail of all funding...block grants. These are blocks of money that come to the state with very few strings attached. The states love block-grants...they get to spend the money in the way they think is best and don't have to answer to the citizens that elect them for taking the money in the first place.
This whole Montana thing is about local politicians trying to save their asses at the expense of their citizens...way to go Montana, way to go.
Yeah, I figured when the OS window got focus it would take over the cursor image and then it wouldn't be an issue, which may be why the exploit I describe hasn't happened. But what if the web page they were visiting were able to capture the mouse and then release it right as they click, thus routing the mouse message (which is misdirected) to the OS window at an unexpected spot. I know, it's a long shot and in practice little things like the OS window never getting the button-down (only the button-up) would probably prevent it from working, but you never know what little bugs might exist that might allow something like this to work.
.ani file that contains the binary images in question needs to know in advance where the stack-frame will be in memory at the time the image is executed. In many cases, that varies quite a bit depending on what else is happening in the system, but in some cases it will tend to end up in the exact same place each time that function is visited.
As far as the buffer-overflow vulnerability is concerned, that is certainly a reasonable explanation, but why would subsequent visits to other websites by the affect machine be required if that were the case? Once the unauthorized code was executing, no other actions would be needed in theory (unless they simply didn't have enough space for the full code image in the hack).
Also, you explanation about how buffer overflow attacks work is a bit off. The buffer in question is typically on the stack, located far away from the code-image. Overflowing the buffer doesn't actually tromp the code that is going to execute. Instead, since the stack grows backwards, the overflowed data actually overwrites the return-address that the function will return to (which is located on the stack).
Typically how the hack would work in this case is images 1 through 10 would actually be binary code images. The 11th image that overflows tromps the return-address. The binary data you stick into the 11th image needs to be memory-address on the stack where the other 10 images are stored. When the function returns, it pops the return-address off the stack and starts executing code at that address (which after the overwrite will be the code stored in images 1 through 10).
This is a very difficult attack to pull off, since the
This is also why the latest in security is the no-execute bit on the processor. Since the actual code-image being executed for the hack does reside on the stack, simply marking the stack-frame as no-execute can prevent this entire class of hacks from working. The problem is that in the past, executing code-images in the stack frame has been used for legitimate purposes, and unfortunately it's an all or nothing solution.
First off, I don't offer this theory as a well-researched endeavor, merely casual speculation. Just theorizing what it might be since they are intentionally vague. The italic text you quote does not preclude my explanation, in fact, one could argue it supports it. It basically states that the affected system (ie, the one with the cursor displaying off the hotspot) could cause code to execute when visiting another website/email. It doesn't say how the attack causes the code to execute. It seems reasonable to me that it causes it to execute by fooling the user into authorizing the execution when the user thinks they are not authorizing it. The successful attack is not contrained by the .ani file type, which makes sense, since the ani file is simply causing the misdirection...the actual code executing could be coming from some other source.
I suspect that what is actually happening with this exploit is they are simply creating an animated cursor that makes the cursor appear somewhere it is not (ie, the hot-spot is not where the user thinks it is). The web page then goes to execute code and when it asks the user for permission and they click on 'no', they are actually clicking on 'yes', since the cursor hotspot is not where the visual cursor would indicate that it really is. No 'root' access needed or anything else...I suspect even a linux browser could be vulernable to such tricks.
One of these days those crazy scientists are going to do something and we will all just disappear into a mass of energy.
So why don't we just get a weather balloon and check out the black holes forming naturally in the atmosphere?
Your logic is flawed. You assume the equation stops at the website not getting any money. That is rarely the case. For example, HP offers their website for free because it helps them sell printers. Most websites that aren't selling something make money from advertising.
There are countless ways that wikipedia could make money, not the least of which is ad-revenue. They could probably come up with some sort of subscription scheme that would not decimate the sites popularity. The donation thing seems to be working reasonably well...if they did a better job of offering visitors the opportunity to donate, the could probably generate a lot more revenue that way.
The problem isn't that the telco's aren't sharing the money they get with the wikipedia, the problem is that wikipedia has chosen not to take advantage of obvious opportunities. Wikipedia doesn't even generate the content they offer...that is all generated by the people who use it. All Wikipedia is is a transport mechanism that lets the people that know share the data with the people who don't. In this respect, Wikipedia is really not much different than the telco's...just another transport.
My sister has worked at Walmart for years and loves her job. They sell the same products everybody else does, only cheaper, so I don't see how quality is an issue (is their Rubbermaid stuff worse than anybody elses? Do their PS2 games suck more?). I've never had Walmart refuse to take something back...customer service seems fine to me. Sure, there is nobody there to help me pick out the best TV for my needs, but then again, I don't trust the guys at Tweeter Etc either.
Seems to me that most of the bad-press Walmart gets is generated by the political-left who can't stand that Walmart (the largest retailer in the world) is a non-union shop. They bash walmart to make their union buddies happy. Seems to me the unions are just pissed that most of the Walmart employees are perfectly happy with their pay and work conditions, without having to pay the union extortionist tax.
Quite frankly, Walmart has done more with their affordable prices to help the poor of the country than any liberal social program has. Employees are happy, customers are certainly happy, seems the only ones not happy are the ones who have the power to control others lives taken away from them...
Here in San Diego, the electric company (SDG&E) subsidizes these bulbs at the retailers so you can often find them extremely cheap. Costco was selling them here for $1.97 for a 6 pack. Home Depot had them for $1 per bulb, and just last week the local Albertsons had a 3-pack for a $1 as well.
A couple years ago when they started this program, I replaced every bulb in my house. Even the canister lights. You don't need to use the reflector-lights in the canisters since the bulbs run so cool anyways...they work and look great. They turn on instantly at about 50% to 70% of max brightness (depending on brand...the Duralast ones turn on at 70% and warm up very quickly), then within about 40 seconds warm-up to full brightness. It's a touch annoying if you want full light instantly, but it is nothing like the old flourescant bulbs where it took several seconds before you saw any light at all. It's actually quite nice when you wake up at night to have the lights come on part-way then warm-up like that.
Anyways, I have a fairly good size home with lots of lights and I figure it has probably saved me $30/month in electricity costs...easily paying for itself in a couple months. The bulbs last a long time too...I think I have lost maybe 5 out of the 60 or so that I have installed.
Bottom line, if you live in San Diego country, look around at various retailers for the subsidized bulbs (different retailers are participate in the SDG&E program at different times). At the prices you get them for here, you simply can't go wrong.
As for Walmart, I suspect their plan is to sell these bulbs VERY cheap...wouldn't surprise me if they managed to get the price to under $1/bulb. Manufacturing costs are coming way down for these things as volume starts to really ramp up.
I believe you will find Senate Minority Leader Harry Reid(D) from Nevada is the one most in favor of this bill, not the conservatives.
Perhaps if Canada would let us dump our wheat and other produce on Canada, we would let them dump their lumber on us. I wonder why Barnes and Noble and Borders don't open stores in Canada.
If not for Canadian protectionism, you Canadians wouldn't be paying so much for tomotoes. It's really the consumer that loses out. I would love to build a house for less by using cheap Canadian lumber too. What happens is both governments put into place laws that protect certain industries at the expense of their own consumers.
Now if we could only get Canada to pay their fair share for medical drug research, instead of pleasing poverty and having a government monopoly negotiate third-world pity-pricing for drugs.
The American government overall seems to work pretty darn well, despite the occassional slashdot paranoia. While on the surface it seems like a pretty insane system, I don't think people appreciate how important it is to protecting against the tyranny of the majority. Better the beast you know I always say. You could change something like this and seriously mess things up.
While it may sound good to only vote on one thing at a time, the net result would surely be that the party in power gets their way 100% of the time. The way the house and senate rules work, the Republicans largley can't stop the Democrats from tacking stuff onto bills. The Republicans therefore have to compromise with the Democrats, giving them some things they want in return for getting the stuff they want (otherwise the Democrats could just filibuster everything for example).
Why would any senator ever vote for a bill that benefitted only one particular state? Now if you can get a bill put together where every state gets something out of it, then it might be possible to get it passed, but only if they are guaranteed that it's all or nothing. Congress could make a deal where all the individual bills pass, then the President could simply veto all the Democratic ones (hence changing the line-item veto rule would be too risky to our democracy IMO).
This isn't really a Republican problem. The executive branch has been pushing for a line-item veto for decades to help curb this problem, but the Democrats would never go along with it. Both parties are equally guilty of tacking on completely unrelated legislation to bills they know will pass anyways.
The majority of the bills the Democrats don't filibuster is because they managed to get some unrelated pet project of theirs tacked on. It's not uncommon at all to buy individual votes by tacking on pork-barrel projects to please the voters back in the home state. Even the party out of power (the Democrats at the moment) still manage to get their fair share of it.
This particular issue isn't really even a moral issue. The conservatives don't really get bent out of shape about online gambling. This is purely a business play. I'm sure Senator Harry Reid(D) of Nevada had a lot to do with this amendment getting tacked on.
Like I said, while it may be nice to stand on a soapbox and claim that you just won't go to the country. For 99% of people, something like this will not play into their travel plans at all.