Slashdot Mirror


User: buchner.johannes

buchner.johannes's activity in the archive.

Stories: 0
Comments: 1,836

Comments · 1,836

  1. Re:So . . . on Security Researchers Rewarded With $12.50 Voucher To Buy Yahoo T-Shirt · · Score: 4, Insightful

    At least Yahoo! thanked them explicitly and didn't threaten to sue them.

  2. Re:Sinister on Did NIST Cripple SHA-3? · · Score: 1

    In a crippled hash function, you can add a Trojan horse to a download while keeping the same hash value. Even Linux repositories would be vulnerable (the hashes are usually gpg-signed, but the hash doesn't change), and allow execution of arbitrary code.

  3. Re:How do you know that??? on Water Discovery Is Good News For Mars Colonists · · Score: 1
  4. Re: and so meanwhile... on Will Facebook, Twitter, LinkedIn Stay With MySQL? · · Score: 5, Funny

    Maybe Postgres lacks discoverability?

  5. Re:Rubish on Linking Mass Extinctions To the Sun's Journey In the Milky Way · · Score: 1

    Is it a correlation though? If the sun spends the majority of its time in such configurations, it should be that most events happen in this configuration.
    The probability that it is just chance is 5% (lambda=0.6, k=n=6). So there is tentative evidence for a correlation at best.

  6. Re:Credit where credit is due on 'Alien Life' Story of Dubious Provenance Goes Viral · · Score: 1

    I conclude that Phil Plait is the only one with the power to put bold text into slashdot summaries.

  7. Re:If you're successful, Larry will come a callin' on OpenZFS Project Launches, Uniting ZFS Developers · · Score: 1

    Oracle released ZFS under a BSD compatible license. Anyone is allowed to do whatever to the opensource code.

    GP was talking about patents. If they had released it under (L)GPLv3 or Apache2, users would be safe from patent suits.

  8. Re:No .tar.gz, Get a package manager on How To Turn Your Pile of Code Into an Open Source Project · · Score: 1

    "You suggest tarballs, meaning configure && make && make install. That means you need to deal with automake and friends which are insanely obscure and hard to learn."

    What 'deal with?' What on earth do you mean. You type a command and press enter, a command simple enough you embedded it in your first sentence. If that is 'difficult' for you to 'deal with' I suggest you try something a little simpler than a general purpose computer.

    I was consistently talking about the developer's perspective, not the user! You ignored the reference to automake which made that obvious. If you think editing configure.ac and Makefile.am files is easy to learn, I bow to your brilliance, but myself and many others don't share this experience.

    And anyway I said only tarballs; I didn't say anything about source tarballs. Binary tarballs are another very easy way to install a program, even easier than source tarballs, although compatibility may be more limited.

    "The alternative is to make packages and get them into the official repos. You have to do that for a couple of distributions, and probably test the installation on them as well. That is a large effort for a developer."

    No, as a developer, you should not be making packages (except possibly for the distro you personally use.) Many distributions these days are crufty with proprietary junk and keeping up with all the little peculiarities of each distribution IS actually a lot more effort than typing 'make'. That job is best left in the hands of people who are intimately familiar with their distribution and have the motivation to tolerate its insanities.

    Binary tarballs, as you say, are limited/useless, and don't solve anything (dependency hell, different architectures). Nor is it clear where each directory is supposed to go to (e.g. libs), as this is distribution-specific. In this paragraph you seem to agree with me.

  9. Re:No .tar.gz, Get a package manager on How To Turn Your Pile of Code Into an Open Source Project · · Score: 2

    Sorry, but it *is* difficult to get from a compilable program to a distributable program that Linux users can try out easily.

    You suggest tarballs, meaning configure && make && make install. That means you need to deal with automake and friends which are insanely obscure and hard to learn.

    The alternative is to make packages and get them into the official repos. You have to do that for a couple of distributions, and probably test the installation on them as well. That is a large effort for a developer.

    I think it is fine for developers to publish well-commented code with a README or documentation, without releasing installable packages. It's too hard. If the demand is there, that should be the business of package managers, who know best how to do it.

  10. Re:/etc/hosts jokes aside on Facebook To Overhaul Data Use Policy · · Score: 1

    So what is your opinion on the changes proposed by the new Facebook Data Policy?
    Oh that's right, you can't read it.

  11. Re:Uhg, not Cass Sunstein on How Human Psychology Holds Back Climate Change Action · · Score: 1

    Economics would pay off tremendously. Acting late is more costly by orders of magnitude. Do a simple risk calculation, and yes, you can take the uncertainty into account and still come to the conclusion that acting now is better.
    So why don't we? Psychology, as TFA says. We don't think long term enough, and don't care about distant, abstract things.

  12. Re:Insecure by design on Researchers Reverse-Engineer Dropbox, Cracking Heavily Obfuscated Python App · · Score: 1

    DropBox allows you to "log in" to its website via a click in the application -> no credentials required. Therefore it must either store user credentials or some other secret(s) on client side (host_id and host_int in this case).

    This could in principle be secure, e.g. if the app requests a new session ID, and launches the web browser with that session ID in a GET parameter. No secret needs to be stored, you just need to be logged in with the app already.

  13. Re:Doesn't the Dropbox EULA... on Researchers Reverse-Engineer Dropbox, Cracking Heavily Obfuscated Python App · · Score: 1

    Lawyers have trouble understanding that law doesn't dictate the limits of curiosity, greed, mathematics, or physics. If there is sufficient incentive, it WILL be cracked.

    Non sequitur. Law also dictates that you cannot steal and break into someone else's vault (limiting physics arguably). There will be sufficient incentive that people will do it nevertheless, thereby breaking the law. That does not mean it is an invalid law.

  14. Re:Python? Really? on Researchers Reverse-Engineer Dropbox, Cracking Heavily Obfuscated Python App · · Score: 3, Informative

    Use a non-compiled language, get what you deserve...

    Python is compiled, if you distribute *.pyc files only.

  15. He did answer one question on Interviews: Guido van Rossum Answers Your Questions · · Score: 2, Funny

    He did answer one question once and for all. The smiley closes the bracket.
    https://xkcd.com/541/ All hail the BDFL

  16. Re:The dilema ... on NSA Cracked Into Encrypted UN Video Conferences · · Score: 4, Insightful

    So you justify your actions by "everyone else is doing it"? That's just as immoral as "the (potential) ends justify the means".

    An eye for an eye makes the whole world blind. In this case, trust is the sight lost. And not caring about trust between partners is short-sighted.

  17. Re:Why? on Don't Fly During Ramadan · · Score: 3, Insightful

    The feeling he describes, from lost security and violation of personal rights by security officers, police and flight company -- it's terror.

    Just because of a false positive, and because people don't know the difference between a Hindu/Indian and a Muslim/Pakistani, and are "too smart" to ask directly.

    I wonder how many more false positives like this happen, with similarly Kafkaesque stories and no satisfactory conclusion (compensation for raiding the wrong home, anyone?).

  18. Re:Already? on Half of All Research Papers Published In 2011 Already Free To Read · · Score: 1

    How about you and your mods RTFA?
    "The first report measures the availability of scholarly publications in 22 fields of knowledge across the European Research Area, Brazil, Canada, Japan, and the United States, between 2004 and 2011."

    Just because the survey was done by the European Commission’s Directorate-General for Research and Innovation does not mean they considered only EU-funded research. And yes, there is a large push for open access for EU-funded research, but they have not made it a requirement yet.

  19. Re:Black Swan .... on International Climate Panel Cites Near Certainty On Warming · · Score: 1, Insightful

    Here you go: http://grist.org/series/skeptics/#Stages%20of%20Denial
    You are at Stage 2: "We don’t know why it’s happening" and a bit of Stage 5: "Climate change can’t be stopped"

  20. Re:Money and age on International Climate Panel Cites Near Certainty On Warming · · Score: 2

    sea levels could conceivably rise by more than three feet by the end of the century

    - Only governments have the power to change this.
    - If someone is rich enough to have any influence on governments, he probably won't be alive by the end of the century.
    - If someone is rich enough to have any influence on governments, he is rich enough to move his beach mansion three feet higher.
    - If someone is rich enough to have any influence on governments, he probably doesn't give a fuck about what happens to those who aren't.

    Why would a rich person not care about his grandchildren?
    Any 1000 average people are richer than one rich person. If they act as a group, they are just as influential.

  21. Re:Idiots on Info Leak Wars To Get Messier · · Score: 1

    I don't understand why they don't take legal action. They should be able to find a pro-bono lawyer; the Guardian is probably happy to assist with its legal department. There must be some laws left in the UK, or at least embarrass the higher courts by forcing them to make an official ruling. For example, if the law is ultimately ruled unconstitutional, it's evidence of incapacity of the parliament to make constitutional laws.

  22. Re:It was a myth on Joining Lavabit Et Al, Groklaw Shuts Down Because of NSA Dragnet · · Score: 1

    I think there are people in the EU who want more of a European nation and there are people who don't want that at all. I think there are both kinds of people in the EU bodies, and both opinions are well known. I'm all for the Multi-speed Europe model (aka variable geometry).

  23. Re:It was a myth on Joining Lavabit Et Al, Groklaw Shuts Down Because of NSA Dragnet · · Score: 1

    If there's one thing that really annoys me on people from US, it's talking about Europeans. There's no such thing (no matter how much the European Union denies that). Europe is a geographical group of ~50 countries that are very (very very) different in all aspects.

    I don't think the European Union denies the diversity of Europe. We have 24 official languages between which is translated in the parliament and all official documents come in, the legislative presidency rotates between countries.
    On the other hand, I do think there are things Europeans have in common. Those are the fruits of the Enlightenment* in Italy, the Democratization and Secularism in the spirit of the French Revolution, the Roman legislative baseline which started separation of powers, and a world view of moral, heroic individuals from Greek and medieval myths. And this extends across cultures, languages and geographies (to various degrees of course).

    * what a silly, arrogant-sounding English word for this era.

  24. Re:Exponential Backoff on Company Using Proxy To Evade Craigslist Block Violated CFAA · · Score: 1

    Try using Slashdot through Tor. You'll soon be "killall -HUP tor" trigger happy (tor creates a new circuit when you do that).

  25. Re:United Nations jeopardizes its ... moral author on How the UN Might Have Inadvertently Started a Cholera Epidemic In Haiti · · Score: 4, Informative

    No. It lists its authority when they did nothing worthwhile during the Rwanda genocide and the Bosnia genocide. TWO genocides and they did nothing.

    The UN deserves to be laughed at and not be taken seriously.

    The Palestine/Israel situation is another reason. But not due to bashing Israel, but for not being able to do anything at all to solve the conflict.

    The UN is just the international community of countries. If they cannot agree on an action to take, that's the fault of all the states and their communication. Don't act like the UN is some external entity. It's just the states!

    So I read what you and GP say as

    The international community of countries became nothing more than an organ to bash Israel and the US.

    The international community of countries deserves to be laughed at and not be taken seriously.

    I don't think that makes any sense.

    Yes, it is fair to criticize when intervening action is not taken, and we can also criticize that unanimous agreement is necessary. Latest example: Syria.

    When criticizing China and Russia however, you have to make sure not to be hypocritical. The US is picking the best options for itself on many other issues: Israel's arbitrary settling policies, ignoring international treaties, not subjecting itself to international courts, no extradition, starting illegal wars (Iraq, Afghanistan).