Even Creative Commons suggest that their licenses aren't used for code; they simply aren't designed to apply to it well, and Creative Commons don't suggest that you use licenses for situations they'd be inappropriate for. (On the other hand, you can meaningfully GPL an image, but only if the image has some sort of equivalent to source code, which would rather depend on how the image was created; this may be a bad idea for other reasons, though.)
It's a one-liner (the shortest known algorithm to write an addition without using the standard library), not a complete program; it does nothing by itself. (I had to golf it right down to fit it in Slashdot's sig limits). It's not really recommended to do it quite like that in production code, as it uses a rather significant line number (1), and leaks all over your operand overloads without scoping them properly. It works in C-INTERCAL, and I think probably CLC-INTERCAL too, although it makes use of some relatively new additions to the language.
NearlyFreeSpeech apparently, when a site gets Slashdotted, charges them for the extra bandwidth at the time, but gives them a permanent discount thereafter. (It's a side-effect of their pricing structure, but an apparently deliberate one, presumably to persuade people to keep paying through the Slashdotting, as it's pre-paid.) That seems vaguely similar to what you're suggesting.
Oh, I wasn't running inside that thing, I was working from my own computer. I thought it was a question about Emacs generally, not about the browser simulator in question. Sorry if there was a misunderstanding.
Hi from Emacs. It seems to work quite well, although a lot of scrolling is needed in order to get past the boilerplate that's normally at the top and sides of the screen. (I had to try multiple backends; the Lynx backend kept logging me out, but this w3m backend works fine.) One slight bizarreness; when I went to write this comment, it opened up an editor for me to write the comment in - and perhaps surprisingly, given that the browser was running in Emacs, it opened in vim. Still inside Emacs, though. I've long been aware that it's possible to run vim from inside Emacs, but I hadn't thought that either vim users or Emacs users would be particularly inclined to try...
Tax brackets don't work like that. If, for instance, the tax brackets are 0% up to $20000 income, 20% up to $50000 income, 30% up to $100000 income (I don't know what the individual brackets are, so this is just a hypothetical example), and you earn $50001, then you have to pay 0% of $20000, plus 20% of $30000 (the amount of income you have in the second bracket), plus 30% of $1 (the amount of income you have in the third bracket); tax is calculated on the amount of income you had so far that year at the instant you earned the money, rather than being applied retroactively. So if you go just above a tax bracket, you still end up with more net income than you had before.
The UK system works much like this. The UK tax code is really complicated, and typically probably comes to around 50% or 60% of income (but it's disguised by making it out of many smaller taxes, most notably taxing money once when it's received and again when it's used to buy things). However, for the majority of people (people who have a normal sort of job and aren't self-employed or anything like that), everything happens automatically. (When you start a job, you fill in a form to let the tax office know you're in work, and then your employer is responsible for making taxes happen automatically. When you leave a job, the employer gives you back a form with information on your tax situation at that instant, which you give to your next employer so they can continue the details, etc. When you spend money, the shop you spend it at is responsible for calculating and applying the appropriate taxes (and advertising in the UK must show prices with all relevant taxes included). About the only time this breaks down is when you have incompetence on the part of your employers, or are gaining income or spending income in a way that isn't hooked up to the automatic system.)
Why is it that every explanation of bit coin, including your attempt, is incoherent. Given it can't be explained I think it's a scam.
I have many questions in part because the basic schema is not clear. I've watched the videos and read the sites. But there just is no explanation that makes a whole coherent sum and there are contradictions when you piece the various explanations together.
I'm not that much of a fan of BitCoin myself, but I think I know how it works. So here's my attempt to explain.
1) On a torrent network, not every node knows where all the slices are. Not all nodes are in communication. Thus what happens if I sent 30 bit coins to Amy and then I sent the exact digital copy of those coins to Brad who is on a network remote from Amy. It sounds like Amy will query the local network to see if I own the coins and so will Brad. But because those queries never intersect on the same node both appear to be valid when in fact I just copied the money. Later on perhaps the system can't reconcile two people owning the same coins but by then I'm gone.
Both people will publish the transactions, and when people try to update the transaction history, they'll (automatically) notice that the coins were double-spent. Over time, the "official" version of events will become the one that more computational effort goes into recording into the public record. Neither Amy nor Brad should rely on the transaction having been legitimate until enough confirmations come in; typically people would wait for a chain of 180 to 200 past a transaction to ensure it was legitimate, at the moment.
2) Suppose I send money to Alice. then a fraction of a second later Alice tries to send the same Money to Bob. How does Bob determine that Amy owns the coins? No node on BoB's network can validate my transfer to Alice.
He can't, until the confirmations of the trades come in. With all Bitcoin transfers, though, although the transfer itself is made immediately, you have to wait a while to determine whether the transfer was legitimate or not by waiting for confirmations (i.e. computational effort put into recording that history of events) to come in. I think this point isn't really explained as much as it should be.
3) the description has this trail of signed hashes being appended. Does this grow forever and can it be inverted to follow the money?
Yes, and yes. After a while it could get quite tricky to follow, because, say, someone could send 10 bitcoins to someone else and that person could send a different 10 to someone entirely different, so it's likely that transactions could be made practically untraceable, but you can tell who's been sending money to who, in terms of Bitcoin account identifiers. (However, one person could have many different account IDs, and it wouldn't necessarily be clear who was the owner of which, so although I don't think there's anything like perfect untraceability, I think there's enough there to at least slow people trying to track things down for a while.
4) is each coin signed? or is it transactions?
Transactions, and only so that people who were sent money can prove that the money was in fact sent.
5) if someone invents a way to make coins cheaply does this doom the system? What regulates the produciton rate? does this work if I have 1 million different user identities? if there is a central signing authority for this then what keeps this from getting cracked or printing their own money to flood the system?
At the moment, the only way to create bitcoins is via attempting to record histories of events; successfully putting enough computational effort into creating a history and thus confirmations of transactions ("mining", which is deliberately designed to be nontrivial, as if it were easy people could just double-spend) awards a few coins as compensation. The num
I think I agree with you. The major conclusion of this story is not that Flash is a buggy mess (we knew that already), nor that Chrome is necessarily exploitable (technically speaking), but that even Chrome's sandbox is useless at stopping Flash making for an easy attack surface.
Notably, Excel uses it, for its intended function (making the arrow keys scroll rather than moving the cursor). And Linux, when the kernel's busy handling the screen itself (say during the boot process), uses Scroll Lock to temporarily pause quickly scrolling output to the screen so that you can see what it says. Apparently KVM switches often use a double-tap of Scroll Lock in order to send signals to the switch itself rather than the computers connected to it (on the basis that that quickly turning Scroll Lock on and off again is generally not meaningful to anything else), although I don't know that one from personal experience.
That doesn't work any more (although it did indeed work in the past). The adjective gets removed if it contradicts the number. (If people mod +1 no adjective to 0 Flamebait, then an underrated mod takes it to +1 Flamebait, but a second underrated mod to +2 no adjective. I think it's possible to get +2 Flamebait using karma-bonus modifiers, but no higher than that.) So, it's not surprising that you haven't seen it happen recently.
When I was at school, I crashed what IIRC was IE4 (on, I think, windows 95) by creating a frameset that referred to itself. It didn't just take down IE, but also the Start menu (which on a computer where control-alt-delete was restricted by policy, made it rather interesting to log out afterwards). For bonus points, it popped up a "this program is using a lot of memory, do you want to exit it?" dialog box, but both the "Yes" and "No" buttons had no effect.
But in that case, the actual password isn't needed to log in; only its salted hash, which means that people can log in with only information in the server's database, much the same as with a plaintext password (although this is still better, as it saves the person in question from having their login details compromised on other sites with the same password).
There's a 1/19 chance that the Oracle, if paid enough for a major consultation, will give a hint about the invocation ritual specific enough that the correct sequence would be discovered in two or three tries, if not first time. I don't consider that to be particularly sufficient, but if you play enough to even get to that point in the game unspoiled, you'll likely have heard the consultation in question by then. (Disclaimer: I'm working on my own fork of NetHack because official development seems to be unlikely to ever produce a new version, and in that, identified items have viewable descriptions, which, for the invocation artifacts, spell out the ritual pretty precisely.)
On the other hand, I find the game to be more fun spoiled than unspoiled. Quite a lot of the interest in NetHack comes from figuring out how to do something in particular (even if it's just surviving in a particular situation); the more spoiled you are, the more information you have in order to come up with an interesting plan.
The key with the Windows logo on (generally called the Super key under X-based Linux) is also very useful in typical Linux distributions, where it's typically used for global shortcuts (ones independent of everything else you're doing), actually rather like on Windows. I use it to control the window manager (e.g. super-mousewheel = zoom, useful when looking at pixel art or trying to work out if anti-aliasing is working correctly), and have also customized it to control my media player, as my netbook doesn't have separate play/pause/etc buttons. The setup under Windows is probably more useful, though, as it has more useful functions bound by default (although, as was probably inevitable, in typical Linux distributions it's more easily customisable).
I suspect it would be used just as much under Mac OS X if it had a corresponding key (arguably, there is a corresponding key and it's used even more, although I'm not sure exactly how the correspondences work).
The rule is that when there are only 5 left, one is automatically earmarked for each of the five major RIRs (effectively, one/8 for each continent). The only reason they're still shown as unallocated is that IANA presumably hasn't yet decided which continent gets which/8 (which is of course mostly irrelevant, as they're just numbers). Also, http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml is a rather more readable version of your link.
Windows most commonly uses D: for a CD-ROM drive, thus most likely it would be at/media/cdrom or/media/cdrom0 (possibly both). However, that error message looks like it more likely refers to a second hard drive or second hard drive partition; that would be/dev/hdaN (for some N) or/dev/sdaN (again, for some N) while unmounted, and could well be mounted anywhere (although/home,/usr,/var are places which often get partitions of their own).
Using Wine on Linux, there's a config file that lets you effectively "mount" drives, giving a Windows drive letter to arbitrary directories on your Linux machine; by default, D: seems to refer to/media/disk, a common place to mount floppy disks. However, it's easy to change ("Drives" tab in wineconfig, or via making a symlink called "d:" in ~/.wine/dosdevices), and almost certainly has been changed if that is a running-under-Wine message (nobody would sanely run a server from a floppy disk). Thus, whether that's Windows directly or via Wine (which seems a little implausible from a server), I don't think we can infer much from the choice of drive letter.
According to Microsoft's security advisory, you can trigger the bug like that but Outlook's security settings are too locked down for it to actually be exploitable there.
Worse, it sets the background color of text boxes to white, but not the foreground color. My default foreground color for text boxes is white (luckily, not the #FFFFFF shade so I can just about see what I'm doing). There's a reason you're supposed to set both foreground and background, or neither, in web design...
Doesn't it also let people see photos of arbitrary people's friends? You might not need to bother to hack the account; you can get at pictures of someone simply by trying to log into their friends' accounts until you get the person you want.
If you really want to fix the root of the problem, remove all warning labels from all products. Then wait one generation. It'll sort itself out and the rest of us will be much better off.
The warning labels are occasionally useful, even to people who aren't idiots. For instance, I imagine nut allergy sufferers very much care about whether the products they buy are made on a processing line that handles nuts or not. Likewise, it's obvious some things are potentially damaged by heat (say, computer floppy disks, back in the days when people actually used those), but not obvious by how much. Could you put one in a car on a hot day, for instance? What about keeping one in the same bag as a freshly cooked takeway, which is currently far too hot in order that it'll still be hot by the time you manage to take it home? At least back when 5 and a quarter inch floppy disks were the standard, the packaging came with warning labels telling you the exact temperature that would cause them to start losing data. (Nowadays, data storage tends not to be so considerate.) What about the "best before" or "use by" dates that let you know when food is likely to spoil? Those are warning labels too, and yet definitely useful (even if you have a list of the spoiling rates of all the foods you habitually buy memorised, you still can't actually use them without knowing when the product was manufactured.)
Besides, I assume that the warning labels don't make a huge difference to sufficiently stupid people anyway. Most people don't actually read them, after all.
It'd be illegal in the UK at least; there's a law against keeping databases of personally identifiable information without fulfilling several requirements (one of which is that it cannot be disclosed to third parties without the permission of the individual involved), and it's hard to see how a dating profile could be at all useful without personally identifying information. Although the existence of such a law isn't all that surprising, what perhaps is surprising is that the law in question is actually taught in schools, as a mandatory part of the curriculum. (It has a few other interesting features too, such as saying that only an explicit opt-in counts as sufficient consent, opt-out is not enough.)
Another interesting implication of the law is that it requires people holding such information to disclose the entire relevant part of their databases to the person it's about, although they're allowed to charge a reasonable fee for the service (currently capped at £10; I suspect in practice, most companies would demand the entire thing). If you live in the UK and don't mind paying a bit of money for the privilege, it might be interesting to contact a major company like Facebook or Google and ask for a copy of all the data they hold about you (where "you" is directed at Slashdotters in general here, not the parent in particular).
It would be incredibly inconsistent if Google tried to work within even China's restrictions, yet gave up when faced with Italy's. So this seems vaguely unlikely to me.
There was a famous signature randomization failure in Debian a while back, which looks to have been entirely an accident (although it was very embarrassing at the time, and had all sorts of knock-on effects because every key generated on Debian had to be changed; hmm, I wonder if the PS3 key was one of them?) Doing something like that maliciously rather than accidentally would have been pretty easy to hide, I imagine.
ClamAV is available legally for free via the repositories here. Why would I need to pirate it?
-- Linux user who only has antivirus installed because the terms of service for the wireless network here say "you must have antivirus installed", it's never caught anything but a zipbomb I downloaded deliberately
Slashdot Mirror
Even Creative Commons suggest that their licenses aren't used for code; they simply aren't designed to apply to it well, and Creative Commons don't suggest that you use licenses for situations they'd be inappropriate for. (On the other hand, you can meaningfully GPL an image, but only if the image has some sort of equivalent to source code, which would rather depend on how the image was created; this may be a bad idea for other reasons, though.)
It's a one-liner (the shortest known algorithm to write an addition without using the standard library), not a complete program; it does nothing by itself. (I had to golf it right down to fit it in Slashdot's sig limits). It's not really recommended to do it quite like that in production code, as it uses a rather significant line number (1), and leaks all over your operand overloads without scoping them properly. It works in C-INTERCAL, and I think probably CLC-INTERCAL too, although it makes use of some relatively new additions to the language.
NearlyFreeSpeech apparently, when a site gets Slashdotted, charges them for the extra bandwidth at the time, but gives them a permanent discount thereafter. (It's a side-effect of their pricing structure, but an apparently deliberate one, presumably to persuade people to keep paying through the Slashdotting, as it's pre-paid.) That seems vaguely similar to what you're suggesting.
Oh, I wasn't running inside that thing, I was working from my own computer. I thought it was a question about Emacs generally, not about the browser simulator in question. Sorry if there was a misunderstanding.
Hi from Emacs. It seems to work quite well, although a lot of scrolling is needed in order to get past the boilerplate that's normally at the top and sides of the screen. (I had to try multiple backends; the Lynx backend kept logging me out, but this w3m backend works fine.) One slight bizarreness; when I went to write this comment, it opened up an editor for me to write the comment in - and perhaps surprisingly, given that the browser was running in Emacs, it opened in vim. Still inside Emacs, though. I've long been aware that it's possible to run vim from inside Emacs, but I hadn't thought that either vim users or Emacs users would be particularly inclined to try...
Tax brackets don't work like that. If, for instance, the tax brackets are 0% up to $20000 income, 20% up to $50000 income, 30% up to $100000 income (I don't know what the individual brackets are, so this is just a hypothetical example), and you earn $50001, then you have to pay 0% of $20000, plus 20% of $30000 (the amount of income you have in the second bracket), plus 30% of $1 (the amount of income you have in the third bracket); tax is calculated on the amount of income you had so far that year at the instant you earned the money, rather than being applied retroactively. So if you go just above a tax bracket, you still end up with more net income than you had before.
The UK system works much like this. The UK tax code is really complicated, and typically probably comes to around 50% or 60% of income (but it's disguised by making it out of many smaller taxes, most notably taxing money once when it's received and again when it's used to buy things). However, for the majority of people (people who have a normal sort of job and aren't self-employed or anything like that), everything happens automatically. (When you start a job, you fill in a form to let the tax office know you're in work, and then your employer is responsible for making taxes happen automatically. When you leave a job, the employer gives you back a form with information on your tax situation at that instant, which you give to your next employer so they can continue the details, etc. When you spend money, the shop you spend it at is responsible for calculating and applying the appropriate taxes (and advertising in the UK must show prices with all relevant taxes included). About the only time this breaks down is when you have incompetence on the part of your employers, or are gaining income or spending income in a way that isn't hooked up to the automatic system.)
Why is it that every explanation of bit coin, including your attempt, is incoherent. Given it can't be explained I think it's a scam.
I have many questions in part because the basic schema is not clear. I've watched the videos and read the sites. But there just is no explanation that makes a whole coherent sum and there are contradictions when you piece the various explanations together.
I'm not that much of a fan of BitCoin myself, but I think I know how it works. So here's my attempt to explain.
1) On a torrent network, not every node knows where all the slices are. Not all nodes are in communication. Thus what happens if I sent 30 bit coins to Amy and then I sent the exact digital copy of those coins to Brad who is on a network remote from Amy. It sounds like Amy will query the local network to see if I own the coins and so will Brad. But because those queries never intersect on the same node both appear to be valid when in fact I just copied the money. Later on perhaps the system can't reconcile two people owning the same coins but by then I'm gone.
Both people will publish the transactions, and when people try to update the transaction history, they'll (automatically) notice that the coins were double-spent. Over time, the "official" version of events will become the one that more computational effort goes into recording into the public record. Neither Amy nor Brad should rely on the transaction having been legitimate until enough confirmations come in; typically people would wait for a chain of 180 to 200 past a transaction to ensure it was legitimate, at the moment.
2) Suppose I send money to Alice. then a fraction of a second later Alice tries to send the same Money to Bob. How does Bob determine that Amy owns the coins? No node on BoB's network can validate my transfer to Alice.
He can't, until the confirmations of the trades come in. With all Bitcoin transfers, though, although the transfer itself is made immediately, you have to wait a while to determine whether the transfer was legitimate or not by waiting for confirmations (i.e. computational effort put into recording that history of events) to come in. I think this point isn't really explained as much as it should be.
3) the description has this trail of signed hashes being appended. Does this grow forever and can it be inverted to follow the money?
Yes, and yes. After a while it could get quite tricky to follow, because, say, someone could send 10 bitcoins to someone else and that person could send a different 10 to someone entirely different, so it's likely that transactions could be made practically untraceable, but you can tell who's been sending money to who, in terms of Bitcoin account identifiers. (However, one person could have many different account IDs, and it wouldn't necessarily be clear who was the owner of which, so although I don't think there's anything like perfect untraceability, I think there's enough there to at least slow people trying to track things down for a while.
4) is each coin signed? or is it transactions?
Transactions, and only so that people who were sent money can prove that the money was in fact sent.
5) if someone invents a way to make coins cheaply does this doom the system? What regulates the produciton rate? does this work if I have 1 million different user identities? if there is a central signing authority for this then what keeps this from getting cracked or printing their own money to flood the system?
At the moment, the only way to create bitcoins is via attempting to record histories of events; successfully putting enough computational effort into creating a history and thus confirmations of transactions ("mining", which is deliberately designed to be nontrivial, as if it were easy people could just double-spend) awards a few coins as compensation. The num
I think I agree with you. The major conclusion of this story is not that Flash is a buggy mess (we knew that already), nor that Chrome is necessarily exploitable (technically speaking), but that even Chrome's sandbox is useless at stopping Flash making for an easy attack surface.
Notably, Excel uses it, for its intended function (making the arrow keys scroll rather than moving the cursor). And Linux, when the kernel's busy handling the screen itself (say during the boot process), uses Scroll Lock to temporarily pause quickly scrolling output to the screen so that you can see what it says. Apparently KVM switches often use a double-tap of Scroll Lock in order to send signals to the switch itself rather than the computers connected to it (on the basis that that quickly turning Scroll Lock on and off again is generally not meaningful to anything else), although I don't know that one from personal experience.
That doesn't work any more (although it did indeed work in the past). The adjective gets removed if it contradicts the number. (If people mod +1 no adjective to 0 Flamebait, then an underrated mod takes it to +1 Flamebait, but a second underrated mod to +2 no adjective. I think it's possible to get +2 Flamebait using karma-bonus modifiers, but no higher than that.) So, it's not surprising that you haven't seen it happen recently.
When I was at school, I crashed what IIRC was IE4 (on, I think, windows 95) by creating a frameset that referred to itself. It didn't just take down IE, but also the Start menu (which on a computer where control-alt-delete was restricted by policy, made it rather interesting to log out afterwards). For bonus points, it popped up a "this program is using a lot of memory, do you want to exit it?" dialog box, but both the "Yes" and "No" buttons had no effect.
But in that case, the actual password isn't needed to log in; only its salted hash, which means that people can log in with only information in the server's database, much the same as with a plaintext password (although this is still better, as it saves the person in question from having their login details compromised on other sites with the same password).
There's a 1/19 chance that the Oracle, if paid enough for a major consultation, will give a hint about the invocation ritual specific enough that the correct sequence would be discovered in two or three tries, if not first time. I don't consider that to be particularly sufficient, but if you play enough to even get to that point in the game unspoiled, you'll likely have heard the consultation in question by then. (Disclaimer: I'm working on my own fork of NetHack because official development seems to be unlikely to ever produce a new version, and in that, identified items have viewable descriptions, which, for the invocation artifacts, spell out the ritual pretty precisely.)
On the other hand, I find the game to be more fun spoiled than unspoiled. Quite a lot of the interest in NetHack comes from figuring out how to do something in particular (even if it's just surviving in a particular situation); the more spoiled you are, the more information you have in order to come up with an interesting plan.
The key with the Windows logo on (generally called the Super key under X-based Linux) is also very useful in typical Linux distributions, where it's typically used for global shortcuts (ones independent of everything else you're doing), actually rather like on Windows. I use it to control the window manager (e.g. super-mousewheel = zoom, useful when looking at pixel art or trying to work out if anti-aliasing is working correctly), and have also customized it to control my media player, as my netbook doesn't have separate play/pause/etc buttons. The setup under Windows is probably more useful, though, as it has more useful functions bound by default (although, as was probably inevitable, in typical Linux distributions it's more easily customisable).
I suspect it would be used just as much under Mac OS X if it had a corresponding key (arguably, there is a corresponding key and it's used even more, although I'm not sure exactly how the correspondences work).
The rule is that when there are only 5 left, one is automatically earmarked for each of the five major RIRs (effectively, one /8 for each continent). The only reason they're still shown as unallocated is that IANA presumably hasn't yet decided which continent gets which /8 (which is of course mostly irrelevant, as they're just numbers). Also, http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml is a rather more readable version of your link.
Windows most commonly uses D: for a CD-ROM drive, thus most likely it would be at /media/cdrom or /media/cdrom0 (possibly both). However, that error message looks like it more likely refers to a second hard drive or second hard drive partition; that would be /dev/hdaN (for some N) or /dev/sdaN (again, for some N) while unmounted, and could well be mounted anywhere (although /home, /usr, /var are places which often get partitions of their own).
Using Wine on Linux, there's a config file that lets you effectively "mount" drives, giving a Windows drive letter to arbitrary directories on your Linux machine; by default, D: seems to refer to /media/disk, a common place to mount floppy disks. However, it's easy to change ("Drives" tab in wineconfig, or via making a symlink called "d:" in ~/.wine/dosdevices), and almost certainly has been changed if that is a running-under-Wine message (nobody would sanely run a server from a floppy disk). Thus, whether that's Windows directly or via Wine (which seems a little implausible from a server), I don't think we can infer much from the choice of drive letter.
According to Microsoft's security advisory, you can trigger the bug like that but Outlook's security settings are too locked down for it to actually be exploitable there.
Worse, it sets the background color of text boxes to white, but not the foreground color. My default foreground color for text boxes is white (luckily, not the #FFFFFF shade so I can just about see what I'm doing). There's a reason you're supposed to set both foreground and background, or neither, in web design...
Doesn't it also let people see photos of arbitrary people's friends? You might not need to bother to hack the account; you can get at pictures of someone simply by trying to log into their friends' accounts until you get the person you want.
If you really want to fix the root of the problem, remove all warning labels from all products. Then wait one generation. It'll sort itself out and the rest of us will be much better off.
The warning labels are occasionally useful, even to people who aren't idiots. For instance, I imagine nut allergy sufferers very much care about whether the products they buy are made on a processing line that handles nuts or not. Likewise, it's obvious some things are potentially damaged by heat (say, computer floppy disks, back in the days when people actually used those), but not obvious by how much. Could you put one in a car on a hot day, for instance? What about keeping one in the same bag as a freshly cooked takeway, which is currently far too hot in order that it'll still be hot by the time you manage to take it home? At least back when 5 and a quarter inch floppy disks were the standard, the packaging came with warning labels telling you the exact temperature that would cause them to start losing data. (Nowadays, data storage tends not to be so considerate.) What about the "best before" or "use by" dates that let you know when food is likely to spoil? Those are warning labels too, and yet definitely useful (even if you have a list of the spoiling rates of all the foods you habitually buy memorised, you still can't actually use them without knowing when the product was manufactured.)
Besides, I assume that the warning labels don't make a huge difference to sufficiently stupid people anyway. Most people don't actually read them, after all.
It'd be illegal in the UK at least; there's a law against keeping databases of personally identifiable information without fulfilling several requirements (one of which is that it cannot be disclosed to third parties without the permission of the individual involved), and it's hard to see how a dating profile could be at all useful without personally identifying information. Although the existence of such a law isn't all that surprising, what perhaps is surprising is that the law in question is actually taught in schools, as a mandatory part of the curriculum. (It has a few other interesting features too, such as saying that only an explicit opt-in counts as sufficient consent, opt-out is not enough.)
Another interesting implication of the law is that it requires people holding such information to disclose the entire relevant part of their databases to the person it's about, although they're allowed to charge a reasonable fee for the service (currently capped at £10; I suspect in practice, most companies would demand the entire thing). If you live in the UK and don't mind paying a bit of money for the privilege, it might be interesting to contact a major company like Facebook or Google and ask for a copy of all the data they hold about you (where "you" is directed at Slashdotters in general here, not the parent in particular).
It would be incredibly inconsistent if Google tried to work within even China's restrictions, yet gave up when faced with Italy's. So this seems vaguely unlikely to me.
There was a famous signature randomization failure in Debian a while back, which looks to have been entirely an accident (although it was very embarrassing at the time, and had all sorts of knock-on effects because every key generated on Debian had to be changed; hmm, I wonder if the PS3 key was one of them?) Doing something like that maliciously rather than accidentally would have been pretty easy to hide, I imagine.
ClamAV is available legally for free via the repositories here. Why would I need to pirate it?
-- Linux user who only has antivirus installed because the terms of service for the wireless network here say "you must have antivirus installed", it's never caught anything but a zipbomb I downloaded deliberately