The other is described in Heinlein's PuppetMasters. His specific version is also a solution to the bomb problem as well.
So why don't we abolish the indecent exposure offence for starters. Personally, I do not really care about anyone getting pictures of me in the buff. Nothing particularly interesting to see there.
The power is already there and is already being misused.
I had to help a friend of mine a few months back who has had 500$ clocked in a day or so from what appeared as his parents' asterisk extension through his Asterisk PBX to toll numbers in strange African countries.
The conclusion at the end was that someone at the ISP where his parents were connected intercepted the traffic and brute-forced the passwords. SIP's auth is MD5 so it is fairly trivial by todays standard. Once the parents switched the ISP the problem went away.
Guess where the parents (and the ISP) were - Canada. Nuff said.
The primary issue is that most manufacturers can't put together a decent hardware/UI package.
Exactly. Windows has made most of the established ones forget how to do it. None of the "stablished" PC players remembers how to do this any more. At the same time the phone players do not know how to do a bigger screen and a more PC like experience with some productivity apps that re not toys and get actual use. There are some examples here - Samsung, Archos and Sony come to mind, but that is about it. The rest of the industry has relied on someone else doing the UI for so long that they do not know how to do it. When you look at what Toshiba and HP have tried to ship it is frankly not even funny.
So not surprisingly it is being returned and Apple continues to laugh all the way to the bank.
This is a "NERD Feature" patch which does very little to the improve the way Joe Average Luser uses his desktop. In fact it leads to some seriously goofy allocation artefacts.
What it does (if I read it right) is that it puts all processes with the same controlling TTY into the same group. Well, anything launched in X has no controlling TTY. So it all gets lumped into one group. Now you open a xterm and you launch something from there. Miracle, halleluyah, that actually got into a separate schedule group which can now hog a CPU while the rest of apps will fight for the other one on a two core machine. So what am I supposed to do? Start every one of my X applications from a different Xterm so they have a different controlling TTY (and do not close any of them)?
Screw that for laughs.
Process grouping is too difficult to be done based on such simplistic criteria. It is best to provider an interface through which a user can group all of the processes with his UID and leave the Desktop environment do the grouping. Or put something on the dbus which listens and follows who talks to whom to do the same. This will provide much better results than putting yet another simplistic euristic in the kernel.
Have a seminar and make the student present the paper to peers. That is what good universities in Europe do and they have had to deal with the shadow scholar industry for many centuries. If the class is too big split the class and have the grad students run the seminars helping them out on a round-robin basis. They need to learn the trade too.
In fact in most cases the other students _WILL_ catch them for you. There is nothing as merciless as an audience of your peers especially if they are getting a grade percentage or grade bonus for successful critique. Especially in humanities.
You really need to get your hands on one of the tablet flops coming out with Android to understand just how bad android can be. Even established makers like Toshiba have a 80%+ return rate. It just goes to show that you need proper UE and proper testing and proper development to create something even if you start with a "ready" OS.
In any case, MeeGo is geared not just towards the phone and Tablet market. All those STBs, media SoCs in TVs using bespoke builds are ripe for the picking and make a much easier target. It is also a market where Intel has some clout as their media processor + Atom combination delivers same or better performance and price/performance than the incumbent (predominantly MIPS) offerings from Pace and the like.
The oil situation may change somewhat if it resolves its disputes around contentious areas with probable oil fields in the yellow sea. However even with these deemed to belong to then, online and exploited to the full it will still need to import.
As far as most metals, etc it will always have to import. So the biggest danger to China's economic boom is actually not the increase of their own living standard and costs - it is the rising competition from other countries which used to be predominantly exporters of raw materials like Brazil.
Reminds me of the wonders of the "Socialst Society". This was a standard practice by all large employers in the communist block. As there was no housing to go about this pretty much meant you slaving for life in a single job with the average time a person was in one job in excess of 20 years.
Having PlayWhatever is not enough. There is a req for it to talk to the device low level crypto. That is pretty much the standard req for stuff like that.
I would not be surprised if it is not properly standardised at that level and every manufacturer has gone his own way.
The other problem here may be the "trusted path" problem. While it is possible to have a trusted path all the way to the TPM (or whatever crypto element the phone has) the requirements for making sure it is unbroken are likely to be considerably more stringent if the phone can be reflashed with a third party build. This is one place where security through obscurity (as in closed phone OS) makes things much easier.
I have worked in all of the three - a startup in a greenfield, an incumbent and a startup challenging the incumbents on own turf.
The problem with VC capital is that the maximum first round you can rely on is under 30M. In most industries it is under 10M. With that you can prepare an alpha-level prototype in a greenfield and launch a service similarly in a greenfield. If you are successful you can apply for second and sometimes third round.
This model stops working once the incumbent players become sufficiently established. Then the barrier to entry costs exceeds the maximum amount VCs can offer.
Going back to my example - you cannot get the VC money to establish a router company today. Even if Vint Cerf, Tony Lee, Kireeti Kompella and Luca Martini decide to create a router startup today, they will not be given more than the maximum VCs are willing to offer on a first round. As a result new Cisco or new Juniper is simply no longer on the cards. The last several companies trying to build products in this area failed because they did not manage to get enough funding from VCs to get to a working product. Same for ISPs, same for telcos, etc.
That does not mean that the incumbents in these fields do not go unchallenged. They surely are regularly challenged, but by players in other fields making an entry to challenge the incumbents. These use 100s of millions for initial entry, however none of that will go to two guys in a garage. Never. Not a chance in hell. In that case it goes to an established management team (quite often internal one).
Not necessarily. The old versions may stay and it may still be a viable platform provided that they updates are funnelled through the market same way package repositories in Linux work.
You want to run this app. Fine, but you will have to update to the latest patchlevel or update your OS to a newer version altogether.
It took a couple of millions to start a let's say router company 10 years ago. Now you need 100M to just consider it.
It took a couple of millions to start a network management company 10 years ago. Now you need 30-50M.
It took a couple of millions to start an ISP 10 years ago. Now you need something on the order of a few 100M.
The "several guys in the garage making the next big thing" is the norm in any market in the beginning. HP was started in a garage. Apple was started in a garage. You cannot however start a computer company in a garage today. The Internet is quickly approaching that stage. The number of areas where there are still breakthroughs of garage companies is small and decreasing and this is normal for the development of the market.
The IRA usually warned the police that they are going to blow up something to avoid collateral damage casualties.
If those bombs were happening today I would not be suprised if they were tweeted instead of phoned-in.
IRA however is a strange exemption to the overall "rules" of terrorism. Most of today's terrorists would go for the opposite - to kill as many bystanders as possible.
Stalin's ideology is as far from Socialism as anything can be.
It is a classic form of theocratic ideology with the supreme ruler equated to god - omnipotent and omniscient. Just read on "Cult of the personality" and give some thought to the word Cult.
I have designed and implemented production systems using a direct SQL-field to accessor mapping and direct SQL-to-object mapping as far back as 2000. FFS at least 4 large-ish systems I have written for the last 10 years do that. It is a bleeding obvious approach and it should not be patentable in the first place. Anyone who knows _BOTH_ SQL and OO progamming and is using a dynamic language where you can generate database structures more or less on the fly like Perl would come up to this as an approach sooner or later.
In fact I can think of a prior art here off the top of my head. RT uses at least some of these paradigms and some of its code dates back to 1996. Someone needs to ask Jesse when did he start using the automated mapping, but I suspect it is before the Acacia patent filing date.
For example they did not properly document and release the docs on the hardware RNG in their first chipsets when it came out. As a result it ended up supported only on Linux on a "friend-of-mine" basis and MSFT (on whatever basis). The other OS developers did not know about it for a while (more than half a year). I remember personally telling Theo De Raadt on BUGTRAQ at the time to stop talking rubbish that AMD does not have a hardware RNG and he was genuinely shocked. However the fact is a fact - it was not open.
This is just an example, i can think of quite a few others.
You are missing the point of marketing through fear and the difference between marketing through fear and marketing on technical spec and merit.
The first is easy, the second requires the spec and the merit to be there in the first place. Judging by the way this incident has proceeded it is not there. It takes about 5 lines of code in perl using Net::DNS to walk your address blocks and check them vs the known blacklists. It takes about 5 lines of code in perl to parse a log and pick up a 5xx SMTP bounce. It takes about a page of code to plot the bounces vs your address blocks and this plot is one of the _ESSENTIAL_ plots in a managed mail service and this change in the bounce distribution should have caused an immediate red allert. It takes 5-10 lines of perl (with a suitable framework in the back) to take an ip block from or put it back into an MX-pool service if of course you have the competence to build your service this way in the first place so it is maintainable and scalable without having to have a whole NOC on a warmer and wetter subcontinent to handle upgrades. It takes...
That is all of course if the underlying competence is there in the first place. There has to be someone moderately competent to understand the underlying subject matter _AND_ the change process to write those few lines of code ya know...
It is of course easier to blame it all on "hackers"...
Seconded. I tried using them a few years back and balked at the appalling quality of the data.
In any case, using greylisting, some basic header sanity checking and spamhaus kills 99%+ of the spam so there is really no technical need to use such an aggressive list.
That is the biggest problem with SLBMs. Until it has started curving towards its target you do not know where it is going. So for all practical purposes they can open all bloody tubes, shoot the whole lot and there is still NO casus belli to take them out. They can even surface and shoot them in plain sight in front of everyone. Until it is clear where they are going there is bugger all that can be done.
One of the times the world has been closest to full nuclear annihilation was when the French tested their SLBM without telling anyone off the shore of Ireland towards the open Atlantic. It caused both USA and Britain immediately followd by USSR to go on the highest state of alert right away (basically with the hand on the button). The rumour is that there were quite a few sets of very brown pants in both NORAD and its British equivalent by the time it became apparent that the SLBM is going only a few hundred miles out and not across the Atlantic towards NYC.
You can make a single shot throw away device (and a pretty powerful one) out of plumbing supplies available from B&Q, Praktiker or any other DIY shop in about 10 minutes. Even easier if you live on the continent and have access to stainless steel pipes. Why bother with printing even if the printer could produce a functional one?
Same goes for prohibiting printing on these grounds. What's next? Making plumbing a licensed profession which requires a a security clearance and supplies being available only from a licensed shop?
Exactly, while CPUID and its equivalents are usually privileged operations their results are not.
Most OSes out there will spill the beans on the platform including CPU, PCI devices, USB devices, etc to anyone. Some of that info is even handed out freely to anyone the system talks to. There is also a whole bunch of network protocols which disclose some info about the systems involved - http (Agent string), UpNP and discovery protocols like Randevous, CDP, you name it.
Slashdot Mirror
That's one option.
The other is described in Heinlein's PuppetMasters. His specific version is also a solution to the bomb problem as well.
So why don't we abolish the indecent exposure offence for starters. Personally, I do not really care about anyone getting pictures of me in the buff. Nothing particularly interesting to see there.
The power is already there and is already being misused.
I had to help a friend of mine a few months back who has had 500$ clocked in a day or so from what appeared as his parents' asterisk extension through his Asterisk PBX to toll numbers in strange African countries.
The conclusion at the end was that someone at the ISP where his parents were connected intercepted the traffic and brute-forced the passwords. SIP's auth is MD5 so it is fairly trivial by todays standard. Once the parents switched the ISP the problem went away.
Guess where the parents (and the ISP) were - Canada. Nuff said.
There are some examples - meant to say "exemptions", not examples. Should use preview next time... Sigh...
The primary issue is that most manufacturers can't put together a decent hardware/UI package.
Exactly. Windows has made most of the established ones forget how to do it. None of the "stablished" PC players remembers how to do this any more. At the same time the phone players do not know how to do a bigger screen and a more PC like experience with some productivity apps that re not toys and get actual use. There are some examples here - Samsung, Archos and Sony come to mind, but that is about it. The rest of the industry has relied on someone else doing the UI for so long that they do not know how to do it. When you look at what Toshiba and HP have tried to ship it is frankly not even funny.
So not surprisingly it is being returned and Apple continues to laugh all the way to the bank.
The answer is very very very badly.
This is a "NERD Feature" patch which does very little to the improve the way Joe Average Luser uses his desktop. In fact it leads to some seriously goofy allocation artefacts.
What it does (if I read it right) is that it puts all processes with the same controlling TTY into the same group. Well, anything launched in X has no controlling TTY. So it all gets lumped into one group. Now you open a xterm and you launch something from there. Miracle, halleluyah, that actually got into a separate schedule group which can now hog a CPU while the rest of apps will fight for the other one on a two core machine. So what am I supposed to do? Start every one of my X applications from a different Xterm so they have a different controlling TTY (and do not close any of them)?
Screw that for laughs.
Process grouping is too difficult to be done based on such simplistic criteria. It is best to provider an interface through which a user can group all of the processes with his UID and leave the Desktop environment do the grouping. Or put something on the dbus which listens and follows who talks to whom to do the same. This will provide much better results than putting yet another simplistic euristic in the kernel.
Sure you can.
Have a seminar and make the student present the paper to peers. That is what good universities in Europe do and they have had to deal with the shadow scholar industry for many centuries. If the class is too big split the class and have the grad students run the seminars helping them out on a round-robin basis. They need to learn the trade too.
In fact in most cases the other students _WILL_ catch them for you. There is nothing as merciless as an audience of your peers especially if they are getting a grade percentage or grade bonus for successful critique. Especially in humanities.
Divide, conquer, rule.
You really need to get your hands on one of the tablet flops coming out with Android to understand just how bad android can be. Even established makers like Toshiba have a 80%+ return rate. It just goes to show that you need proper UE and proper testing and proper development to create something even if you start with a "ready" OS.
In any case, MeeGo is geared not just towards the phone and Tablet market. All those STBs, media SoCs in TVs using bespoke builds are ripe for the picking and make a much easier target. It is also a market where Intel has some clout as their media processor + Atom combination delivers same or better performance and price/performance than the incumbent (predominantly MIPS) offerings from Pace and the like.
You are not quoting it right.
First of all, it is not an accountant interview, it is the interview for the Chief Economist of Romanian Socialist Republic.
Q: How much is 2+2.
A: That depends, if you have to give - 3, if you have to take - 5.
And he was not hired on the spot. The person to be hired was the nephew of Tovarish Cheushesku.
It has little or no oil or iron for that matter.
The oil situation may change somewhat if it resolves its disputes around contentious areas with probable oil fields in the yellow sea. However even with these deemed to belong to then, online and exploited to the full it will still need to import.
As far as most metals, etc it will always have to import. So the biggest danger to China's economic boom is actually not the increase of their own living standard and costs - it is the rising competition from other countries which used to be predominantly exporters of raw materials like Brazil.
Reminds me of the wonders of the "Socialst Society". This was a standard practice by all large employers in the communist block. As there was no housing to go about this pretty much meant you slaving for life in a single job with the average time a person was in one job in excess of 20 years.
Having PlayWhatever is not enough. There is a req for it to talk to the device low level crypto. That is pretty much the standard req for stuff like that.
I would not be surprised if it is not properly standardised at that level and every manufacturer has gone his own way.
The other problem here may be the "trusted path" problem. While it is possible to have a trusted path all the way to the TPM (or whatever crypto element the phone has) the requirements for making sure it is unbroken are likely to be considerably more stringent if the phone can be reflashed with a third party build. This is one place where security through obscurity (as in closed phone OS) makes things much easier.
Oh yes, I have.
I have worked in all of the three - a startup in a greenfield, an incumbent and a startup challenging the incumbents on own turf.
The problem with VC capital is that the maximum first round you can rely on is under 30M. In most industries it is under 10M. With that you can prepare an alpha-level prototype in a greenfield and launch a service similarly in a greenfield. If you are successful you can apply for second and sometimes third round.
This model stops working once the incumbent players become sufficiently established. Then the barrier to entry costs exceeds the maximum amount VCs can offer.
Going back to my example - you cannot get the VC money to establish a router company today. Even if Vint Cerf, Tony Lee, Kireeti Kompella and Luca Martini decide to create a router startup today, they will not be given more than the maximum VCs are willing to offer on a first round. As a result new Cisco or new Juniper is simply no longer on the cards. The last several companies trying to build products in this area failed because they did not manage to get enough funding from VCs to get to a working product. Same for ISPs, same for telcos, etc.
That does not mean that the incumbents in these fields do not go unchallenged. They surely are regularly challenged, but by players in other fields making an entry to challenge the incumbents. These use 100s of millions for initial entry, however none of that will go to two guys in a garage. Never. Not a chance in hell. In that case it goes to an established management team (quite often internal one).
Not necessarily. The old versions may stay and it may still be a viable platform provided that they updates are funnelled through the market same way package repositories in Linux work.
You want to run this app. Fine, but you will have to update to the latest patchlevel or update your OS to a newer version altogether.
That _WAS_ the case.
It took a couple of millions to start a let's say router company 10 years ago. Now you need 100M to just consider it.
It took a couple of millions to start a network management company 10 years ago. Now you need 30-50M.
It took a couple of millions to start an ISP 10 years ago. Now you need something on the order of a few 100M.
The "several guys in the garage making the next big thing" is the norm in any market in the beginning. HP was started in a garage. Apple was started in a garage. You cannot however start a computer company in a garage today. The Internet is quickly approaching that stage. The number of areas where there are still breakthroughs of garage companies is small and decreasing and this is normal for the development of the market.
In the UK? Not twitter, but phone - yes.
The IRA usually warned the police that they are going to blow up something to avoid collateral damage casualties.
If those bombs were happening today I would not be suprised if they were tweeted instead of phoned-in.
IRA however is a strange exemption to the overall "rules" of terrorism. Most of today's terrorists would go for the opposite - to kill as many bystanders as possible.
Stalin's ideology is as far from Socialism as anything can be.
It is a classic form of theocratic ideology with the supreme ruler equated to god - omnipotent and omniscient. Just read on "Cult of the personality" and give some thought to the word Cult.
I have designed and implemented production systems using a direct SQL-field to accessor mapping and direct SQL-to-object mapping as far back as 2000. FFS at least 4 large-ish systems I have written for the last 10 years do that. It is a bleeding obvious approach and it should not be patentable in the first place. Anyone who knows _BOTH_ SQL and OO progamming and is using a dynamic language where you can generate database structures more or less on the fly like Perl would come up to this as an approach sooner or later.
In fact I can think of a prior art here off the top of my head. RT uses at least some of these paradigms and some of its code dates back to 1996. Someone needs to ask Jesse when did he start using the automated mapping, but I suspect it is before the Acacia patent filing date.
That is not always the case.
For example they did not properly document and release the docs on the hardware RNG in their first chipsets when it came out. As a result it ended up supported only on Linux on a "friend-of-mine" basis and MSFT (on whatever basis). The other OS developers did not know about it for a while (more than half a year). I remember personally telling Theo De Raadt on BUGTRAQ at the time to stop talking rubbish that AMD does not have a hardware RNG and he was genuinely shocked. However the fact is a fact - it was not open.
This is just an example, i can think of quite a few others.
So is the answer to the question "Should I destroy evidence". He got away lightly on this one.
You are missing the point of marketing through fear and the difference between marketing through fear and marketing on technical spec and merit.
The first is easy, the second requires the spec and the merit to be there in the first place. Judging by the way this incident has proceeded it is not there. It takes about 5 lines of code in perl using Net::DNS to walk your address blocks and check them vs the known blacklists. It takes about 5 lines of code in perl to parse a log and pick up a 5xx SMTP bounce. It takes about a page of code to plot the bounces vs your address blocks and this plot is one of the _ESSENTIAL_ plots in a managed mail service and this change in the bounce distribution should have caused an immediate red allert. It takes 5-10 lines of perl (with a suitable framework in the back) to take an ip block from or put it back into an MX-pool service if of course you have the competence to build your service this way in the first place so it is maintainable and scalable without having to have a whole NOC on a warmer and wetter subcontinent to handle upgrades. It takes...
That is all of course if the underlying competence is there in the first place. There has to be someone moderately competent to understand the underlying subject matter _AND_ the change process to write those few lines of code ya know...
It is of course easier to blame it all on "hackers"...
Seconded. I tried using them a few years back and balked at the appalling quality of the data.
In any case, using greylisting, some basic header sanity checking and spamhaus kills 99%+ of the spam so there is really no technical need to use such an aggressive list.
And how do you know it is shot at you?
That is the biggest problem with SLBMs. Until it has started curving towards its target you do not know where it is going. So for all practical purposes they can open all bloody tubes, shoot the whole lot and there is still NO casus belli to take them out. They can even surface and shoot them in plain sight in front of everyone. Until it is clear where they are going there is bugger all that can be done.
One of the times the world has been closest to full nuclear annihilation was when the French tested their SLBM without telling anyone off the shore of Ireland towards the open Atlantic. It caused both USA and Britain immediately followd by USSR to go on the highest state of alert right away (basically with the hand on the button). The rumour is that there were quite a few sets of very brown pants in both NORAD and its British equivalent by the time it became apparent that the SLBM is going only a few hundred miles out and not across the Atlantic towards NYC.
Well, from Foot User Interface to Heel User Interface is just one letter...
You can make a single shot throw away device (and a pretty powerful one) out of plumbing supplies available from B&Q, Praktiker or any other DIY shop in about 10 minutes. Even easier if you live on the continent and have access to stainless steel pipes. Why bother with printing even if the printer could produce a functional one?
Same goes for prohibiting printing on these grounds. What's next? Making plumbing a licensed profession which requires a a security clearance and supplies being available only from a licensed shop?
Exactly, while CPUID and its equivalents are usually privileged operations their results are not.
Most OSes out there will spill the beans on the platform including CPU, PCI devices, USB devices, etc to anyone. Some of that info is even handed out freely to anyone the system talks to. There is also a whole bunch of network protocols which disclose some info about the systems involved - http (Agent string), UpNP and discovery protocols like Randevous, CDP, you name it.