attempt to be honest. I mean, gasp, the horror of it all. As I said before, I know full well that women have the ability to focus. My mom is extremely extremely successful, much of this success is derived from her ability to focus and see things through. However, it IS a fundamentally different kind of focus. She is not by any means a nerd. She is able to at one moment, solve significant problems that her engineers at her company can't solve, while simultaneously dealing with other problems (e.g., tiffs between engineering and sales, personal problems, financial, etc.)
In short, my mom is, in my opinion, at the top of her game as an engineer and entrepreneur. She is what many women aren't, because of a great deal of SOCIAL (read: nuture) problems. I fully recognize that UNNECESSARY social problems play a large role in keeping women out of certain fields (though many women PLAY THEMSELVES into that roll, to the constant annoyance of successful women such as my mother). None of this is to say, however, that men and women are created exactly equal, except for physical attributes.
While it is true that the priorities of men also change after having a child, there is a world of difference. Men, for whatever reason, don't assume the same roles in bringing up a child as a women does. Very few men feel compelled to quit their jobs, or substancially reduce their hours for a couple year--that is a fact. You might argue much of it is social (although I think there are some chemical differences there), but that does not mean it does not play a key role on career paths. I know of a number of law firms, for instance, that have trouble retaining women--they just can't put in the kind of hours that is demanded of them, and do, what they could regard, as a proper parenting job. In talking to some of these female lawyers, I discovered that they were quite happy at the firm, they just wanted something else. Many were soon snatched up by corporations to act as corporate counsil, a job that requires fewer insane hours. I, too, know a few of these corporations, they consider themselves all too lucky to be able to hire a person that is much more qualified than any male in a similar role.
Did I say I have "proof"? Did I say that I expect everyone to swallow it whole? No. Nor can you claim that your social influences are proof either. I think that both social and chemical differences play a role, social more than chemical (atleast in non-nerdy fields, e.g., law, medicine (although many med schools have more women enrolled than men), business, etc.
Am I saying that women shouldn't enroll in programs such as engineering? No, not by a long shot. If they are happy with it, more power too them. In fact, that's exactly what my sisters are studying in college, and I support them entirely. The fact of the matter is that my mother outperformed nearly every man in her field, if my mother can do it, my sisters can do it. I think a better balance of men and women in engineering could even improve the field in general (although the means to achieve this I question sometimes) But that does not mean that I ever expect my sisters to behave the same way that thousands of young men have, through different cultures, through the decades. I don't confuse the ability to get things done, with the ability to lose sight of everything but ONE thing--in my experience, that is very much of a male attribute. Put simply, women are capable of doing the same job in engineering; it is the underlying motivations and approach that I question.
I'll be the first to tell you that women ARE plenty capable. I know this from first hand experience, as my mom is a Phd. in EE (top in her class) with several highly successfull startup companies and patents. She is honestly the all-round smartest person I've ever known...not "genius"...but I think most "genius" isn't really genius at all. (On somewhat of a side note, she put herself through all of this literally alone as a women, far worse than most of today's women have to contend with. e.g. Professors telling her in the beginning of the semester that they didn't believe her (women) capable of doing the work...only later to eat crow and then some)
I'm not going to tell you that there aren't some unfair social expectations out there--there are. However, it is equally naive to say that men and women are wired the same. I think there are also certain maternal obligation and desires that can't be ignored--men don't really face it. This is not to say that women should be home and barefoot (or any similar bullshit), but rather that many professional women start out in demanding fields, discover later in life, after graduating from grad school, law school, or what have you, that they want to raise children. This frequently requires a change of priorities...atleast for awhile...which means their ULTIMATE career paths are going to be altered.
I do believe there are fundamental genetic (nature, not nuture) differences between men and women. While I can't pinpoint them all...as that tends to be a rather risky proposition. I've seen plenty enough evidence of it, to say that the differences between men and women in the sciences is more than just social and upbringing. When is the last time you've seen a women lock themselves up in a room, and obsess about something to the exclusion of all else (e.g., body odor, hair, social life, etc) until they solve it, or come up empty handed? We see plenty of male geeks/techies do this in large numbers. Yet, I'm hardpressed, despite my experience, to think of a single women like this in anything (not just computers...)
Though just a single observation (not necessarily true across the board, although I intuit it to be so), the differences between my mother and father typify the differences between the two highly skilled respective element of the sexes. My father, too, was an engineer. Though not as degree'd, he was, by all accounts, the best in his field. As an engineer, he was better than even my mom...atleast in several important areas. One major difference I noticed about my father was that he was very much of the nerd or geek that I mentioned before (who will focus on something with such determination, that the rest of the world is just irrelevant). He loved his technology for the sake of technology. I can't say this about my mom. She loved technology for the sake of delivering a product...of helping people...or some greater end, other than her immediate edification. While my mom also has the ability to see any problem through, it just aint the same. There isn't that one track mind....the kind of mind which I've seen amongst many of the top scientists of today and the past.
I'm also equally sure that there are certain qualities that women have that in a long-term career can prove to be equally valuable in certain fields. I also believe women are fundamentally more social creatures than men...which may explain my mom's success in some ways. Very few people have the ability to manage and understand all types of people (particularly geeks and nerds) and also fully comprehend (as opposed to superficially) the underlying technical problem(s).
More observations...look at girls and boys sports between at a very young age. Across many different cultures, the boys and girls start to differentiate themselves significantly, in terms of aggresion, and the like.... In any case, I can only scratch the surface here, but the mere fact that I lack official stats and figures does not mean that men and women are exactly the same mentally.
It is fine and good to say, that, you object to "...handing out the tools to exploit a hole...to anyone that wants it". However, if the act isn't intrinsically bad, then you should to argue exactly why you feel this way. This argument, naturally, involves weighing the costs and the benefits, on both the short term and the long term (aggregated).
As i've said before, i'm an advocate of disclosure. However, that does not mean that I think all, or even most security "pros", are motivated altruistically. In fact, the motive to publish is very much of a self-centered one. I, for a long time, have held the belief that there is something of a symbiotic relationship between script kiddies and the security professionals who create exploits (script kiddy fodder). The professional not only improves his recognition as a security guru, but he also helps drive up demand for his services when the script kiddies, inevitably, start hacking.
That being said, not every act done out of self-interest is NECESSARILY bad in any context (e.g., the entreprenuer). Nor does every act done out of self-interest, with initially negative consequences, have a net bad effect (e.g., the small business that displaces mom-and-pop stores).
Some of the pros follow a path, which I believe, to be optimal. That is, they first generally discuss the exploit and/or email the vendor(s) and ask them to patch it. Then, after a given period of time, or if the vendor(s) refuse to fix the problem, they'll publish an exploit. Unfortunately, many vendors are less than honest when it comes to these issues, so they force the hand of the hacker. In these kinds of cases, I advocate 100%.
Another argument which I have mixed feeling for, is one of KEEPING the security profession alive. This can be supported by arguing that exploits are necessary for both education (of other pros, but also the up-and-coming kiddies). Remember, that many types of exploits work cross-platform with minimal work applied. So that, if I were to create an exploit on, say, Solaris, and email Sun exclusively, the other security professionals would not benefit from my new technique. Nor would the other vendors' systems necessarily be exposed to the same level of scrutiny.
The secondary argument i'll make, is that in order to have a system hardened against truely determined attackers, we need a system where security is deemed to be IMPORTANT. If the only reminder of the importance of security is the more stealthfull/determined hackers (e.g., the oppositive of a script kiddy) that i've referred to, the costs of hiring professionals would be deemed as too steep relative to the apparent unlikelyhood of getting hacked. This is where, i'll say that the symbiotic relationship comes into play...possibly for our benefit...in the long term...
I wish you'd clarify what your position actually is! Are you referring to DoS utilities, or security exploits? I don't advocate, from a positive net effect point of view, the publication of DoS programs, at least not those that are merely designed for massive flooding using well established techniques. However, I am a strong advocate of disclosure. Proper disclosure, to me, means first approaching the vendor(s) and/or discussing the vulnerability from a technical approach. Failing a positive reaction from the vendors (when they can reasonably solve the problem), then publication of an exploit may be in order.
Guns are of entirely different nature. When someone is shot, that is the end--there is no worse crime. Thousands of people have been killed by guns in this country. Empirically speaking, script kiddies have done very little severe damage with security exploits (not DoS scripts).
In releasing guns to the general public, no reasonable person could claim that it results in a positive net effect. It is not possible, for example, to, say, merely apply a new chemical to your clothing that makes it bullet proof. Nor, could you claim that your bullet vulnerability is due to some flaw in your body or your clothing that can merely be patched. Furthermore, We have a strong military--foreign invaders are not going to be deterred by small civilian arms. Anyone who could defeat the US military would defeat US citizens with relative ease, regardless of how many rifles they may have. Additionally, we have a strong police--most people don't need that kind of protection. Yet my arguments for exploits still stand (atleast you refuse to attack them head on). Vendors are forced to take corrective action every day, that, many of them, would not otherwise have taken were it not for the current approach. The larger ISPs are starting to harden themselves to script kiddies, and are, in the process, making it tougher for wide-spread (particularly automated) hacking by other more malicious interests.
To boil this all down for you. Publishing an exploit is not INTRINSICALLY immoral. If you wish to say it is unwise or immoral, you should make an argument that the results of publishing the exploit is. I could see your arguing, perhaps, that, the short-term losses far outweigh my somewhat longer-term and more theoretical benefits. However, I obviously take a very different view, both in the assumptions made (on which these decisions are predicated) and in the conclusions reached.
I dislike your tank analogy. I fail to see how it applies to security. Do you mean to tell me that changing the Open Source credo/dogma from disclosure to "security by obscurity" is going to stop script kiddies? Honestly? Or do you mean that they simply should make the exploits less trivial? Or that security exploits are fine, but DoS utilities are not?
First, the vast majority of these hackers aren't as philosophically attached to Open Source as you, not to mention most of slashdot, appear to be. They're largely different groups, with some overlap in between. So what may motivate slashdot to change their stance, likely will not sufficiently sway most in the security "community".
Secondly, assuming the two groups are one in the same, the Open Source community should not change its stance on something so fundamental as this, based on public perception. It goes against most of what Open Source supposedly stands for--truth before "perception". In my eyes (not that I'm a zealot), it would equivelent to agreeing to sell all source code, yet keep it "open", for the sake of appeasing those for whom Open Source and communism are synonymous.
Thirdly, I don't believe the general public is truely aware of Open Source in this context. There may be a vague recognition of the words:"Linux", "Open Source", and "slashdot", but they don't know its stances on such things. So public perception is essentially a non-issue.
Fourthly, I believe you must distinguish between security (as in files, information, private networks, etc) and denial of service. I, offhand, can't think of too many large sites that target the general public that have been offline for extended periods of time due to hacking. I was not exactly advocating DoS utility creation, thus I will not touch on it.
Last, but not least, I don't believe any actions (against SECURITY exploit publication) by law, the open source "community", or other wise, are going to have a significant, sustained, and positive affect on security for the general public. As I alluded to earlier, I believe there is a substantial argument for the publication of exploits. Put simply, by making the publication of exploits a "no no", you merely drive it underground. The net effect of this is that even the highest security of sites are left to guess at what the hacker community has in terms of exploits (this is especially true with propietary and very much closed source vendors (e.g., Microsoft)). While your "tank" argument (as you percieve it) may come into play here, I must disagree. The same elements that make the internet such a great thing, also have to effect of providing a common ground and forums for hackers, while providing every "hacker" with potential access to every site on the internet--vastly different from the "local" scenario you seem to be describing.
Actions against publication of exploits may have the effect of driving the script kiddies out of town (or rather, just leaving them illequipped), but I'm not even sure if that is necessarily a good thing (as I mentioned earlier in the "seasoning" argument). Such actions may have the effect of just leaving these exploits in the hands of elite professionals. Imagine, say, the KGB (or whatever it is called today) looking to harm United States in 10 years, after the internet is responsible for 50% (extrmely high in my opinion) of our GDP in one way or another. If you assume that your actions were successfull, that you drove all hackers in the US out of business. What are you left with? The same Microsoft. The same universities. The same military networks. Corporate networks. Unphased by the prospect (lack of publication) of exploits, hackings, and the like. So many unseasoned targets, with, what are frankly OBVIOUS exploits. With one or two obvious exploits, they could turn it over on networks automatically--realizing success proportions that today's script kiddies can't even dream of. Giving them access to even 10% of major internet sites, could not only be an extremely valuable intelligence tool, but it could also be an economic and telecommunications weapon.
Though, the KGB attacking may be an extreme and unlikely scenario, it could also be a devastating one. More likely, and somewhat less devastating, would be terrorists and the like using it in somewhat less coordinated attacks. Or industrial theft, espionage, etc. carried out against virgin targets.
By making security an industry, by allowing publication, you do more than just improve the actual design of operating systems and the like. You create a more educated group of security professionals. Who, in turn, create a more aware group of system admins. Who in turn demand more secure software from vendors... The interplay between all these forces and groups does have positive consequences.
Larger, more important sites, are benefitting a great deal from the status quo. In the short run, I fully realize that the current nature of publicication+script kiddies leave the less attended to sites at something of a disadvantage. Many of these "smaller' or less important sites can't afford to worry about security a great deal, they can't afford to check the latest vulnerabilities before they're put in the hands of thousands of script kiddies world wide. For whatever it is a worth though, I believe that the vast majority of vulnerabilities are due to shear negligence of the vendors. Put simply, they couldn't care enough about security to make it a priority. I do believe that, when and if script kiddies ever become THAT much of a problem, the vendors will have to respond by creating higher quality (less hype, spend more time making sure it works, instead of rushing it out the door) and more secure software. If it a reasonably possible (and I believe it is), market forces will dictate to the vendors.
Once upon a time, I was something of a grey hat. I, at one point, wrote modified and wrote numerous programs and scripts that did similar things (thus I refuse to vilify him). I did say that I have some "respect" for him, and that skill was what I was referring to, even though I haven't personally seen the latest jaurez much. That being said, the idea of a distributed DoS attack isn't entirely new. Back in my day (towards the end), there was a program called FAPI (or was it FABI?) written by some folks that I knew. It wasn't quite as sophisticated, but it could have been developed much further, if anyone put the time into it.
The fact of the matter is that there is nothing the cDc (et. al) does, that can't be created independantly by other hackers. Imagine a world in which none of these exploits are disclosed, and also that 99% of sites on the internet run NT4.0. Without disclosure and general public knowledge of these exploits, MS would never act to patch it--it costs a great deal of money. Some may argue that it is not necessary to actually create a trivial exploit that script kiddies can exploit. While this may have some merit (I even agree somewhat with this approach, it depends largely on the circumstances and the vendor), it has been shown with MS (and a few others), time and time again, that they'll simply dismiss a vulnerability as "theoretical", or even "impossible", unless you make it known that you're going to create an exploit for it--and have demonstrated your abilities to make it a reality before.
What we have today with open disclosure, is a system where operating systems, vendors, and sysadmins become somewhat seasoned and hardened to attack because of this kind of disclosure.
Somwhat more debatably: Although script kiddies may be a pain in the ass, and their motives are selfish and childish, they do (collectively) ironically serve a function of sorts. Without script kiddies, it would be much easier to shrug off the importance of these flaws; it would potentially allow for a terrorist group, foreign government, or even a group of criminals to do serious economic damage in a wide-spread, highly coordinated, and professional attack. Remember that the independant acts of a million script kiddies all doing their own thing, is likely not nearly as dangerous as the coordinated efforts of a professional organization (not to mention that the professional organization could do it by suprise, virtually overnight)
That being said, to clear up any confusion, I don't believe the internet is, at this point at least, terribly significant to our ACTUAL economy (GDP...as opposed to the imaginary one the press and politicans love to talk about). Even the actions of terrorists are not going to have all that great an impact (in my "other" scenario)--just that they'd have a greater impact were it not for disclosure. (Although, with corporate networks today being connected to the internet in various fashions, there is potential of significant information loss through the internet)
I don't want to paint Mixter in the same light as the script kiddies who launched the attack. However, it is ludicrous to compare his DoS programs with the likes of, what I would call, "true" security professionals (e.g. cDc, l0pht, Solar Design, etc.). What he did, was make a bigger, better, and badder-ass gun for the script kiddies. The monkeys could have flooded major sites before Mixter made his presense felt. Mixter merely made it easier for the monkeys, both to execute and get away with.
No rational and reasonably intelligent person would have denied the possibility of this "security problem". The vulnerability to flooding isn't a security flaw per se, that could just be patched if the victims were a little more aware. Unlike l0pht (et. al) he isn't putting pressure on the manufacturers and vendors by releasing his code.
That being said, Mixter didn't do these attacks. He isn't evil, and I have a certain amount of respect for him. I do have problem, though, with portraying his creation of these DoS programs as being intrinsically good, nevermind his motives.
You, my friend, are a member of the "politically correct" Gestapo. While you may not hold all PC views, in this case, you certainly are all too ready to pounce on anything that might discriminate against anything or anyone. Though I disagree with much of JoeSchmoe's proposals, I respect his right to say it. I'll not try to scare any meaningfull discussion away by tossing out words such as "gestapo".
Is the New York Times or the Economist fascist because they don't allow any schmoe write for them? No. Am I fascist because I wish to read something dynamic, more current, and interactice than the Economist (et. al), yet don't have the time to read every flame, troll, and dogmatic post on Slashdot? Because not everyone in this world has anything worthwhile to contribute, moderation and editorial control are necessary.
Trolls are Trolls. When I read a comment,I demand a certain level of effort, coherance, intelligence, and fairness. I don't have to listen to these trolls if I don't want to. Nor should I have to SEE these comments, if it is avoidable.
My problem with JoeSchmoe is that his solutions likely wouldn't be very effective, and might even have the oppositive effect.
I believe the degree of correlation between seniority and quality of posts is nominal. In other words, an individual who posts semi-regularly for a couple months likely isn't a one-time flamer. I would not, however, go beyond that. In my experience the differences between someone with a #xxxx and a #xxxxx ID are barely noticable.
....anyhow, I've got other ideas for moderation, but I don't have time to get into it now...hasta =)
"If the topic of discussion is a Jon Katz interview, then his idiocy (or lack thereof) and his bad grammar are certainly on-topic."
Katz is the topic here. That is what, I believe, the particular poster was commenting on originally.
Furthermore, even if Katz is not the topic, and his article is about, say, "geeks", Katz's grammar (not to mention his other "habits") does not suddenly become immaterial. When you consider the fact that :
a) There are limited opportunities for feedback. Email being the only way I can think of.
b) Katz is one of the select few individuals chosen, by the powers that be, to post articles.
c) Katz is an employee and "friend" of the editors--he is entrenched.
d) The powers that be have, in so many words, said "too bad" in numerous emails (the first, and only, line of attack).
e) Katz's highly inflamatory writing, despite his impopularity with many (perhaps even most), might still fatten Slashdot's wallets.
People who dislike Katz may, in fact, be best advised to act much like they have (though I disagree with many particular methods, e.g., "Katz sucks"). I personally believe the best way to handle Katz's position on Slashdot is to post occasionally on Katz's threads, and to try to educate Slashdot Jr's as to how Katz and Slashdot operate. If we users can create some kind of consensus...enough to reach that critical threshold where people just agree to either stop reading slashdot entirely, or just ban Katz, we might prompt the owners to change their approach.
For those who will, inevitably, tell me that I can merely ignore Katz, I say hogwash. Katz does not operate in a vacuum. Or, to borrow and taint a phrase from Martin Buber, "Idiocy anywhere is idiocy everywhere". Though this might prompt many to ring alarmist bells about fascism and the like, it does not make it any less true. Can you honestly tell me, that, when Katz posts an article, it doesn't affect the traffic and the quality of other articles? Can you honestly tell me that the owners don't sit on their asses at the end of the day after posting a Katz article and a few other meaningless articles, and feel satiated (or atleast their wallets fattened)? Tell me, what happens to the quality articles, not to mention the discussion? Katz changes the dynamic of slashdot, it is as simple as that. While some may argue that it is, on the aggregate, for the better, I disagree strongly.
While my only right, when push comes to shove, is to leave slashdot (and maybe even compete against them), I will not do so without a fight. If this is a community, then I take some ownership of it beyond just what I directly hear and what I say. I may not own slashdot, and I might not speak for the community, but it is not much of a community if communication is only one way.
Your points are all valid. However, none of this means that DNA testing is not extremely valuable. In fact, no matter how you figure the odds (within reason). the odds of a person who is WRONGLY suspected being cleared quickly by DNA are likely higher than they are of a person being wrong convicted based on DNA. Knowing what we know through years of experience with DNA, we know that the odds of a false positive are still very slim, even if you factor in human error. If the odds of being wrongly conficted of a crime are a mere one in 36m (or whatever figure you might happen to quote), and DNA proves to be usefull in solving a great many crimes, the question you should also ask is can we afford not to use it? Think of how many people have been cleared by DNA. Think of how many murderers have been convincted and/or arrested before they could kill again. Do you honestly believe that the number of people wrongly convincted (based on DNA) exceeds (or even remotely approaches) the number of people who've been saved? How many people have been wrongly convicted based on DNA? The closest thing, to my knowledge, is this ONE (out of how many million?) guy in the article here, and he was not even convicted. I suspect any lawyer worth his weight could have refuted that, especially if the odds (based on the agreed premises) are as high as most slashdoter's have just purported (e.g., 1:56).
Sure, all things being equal, I would prefer there be no chance of anyone being wrongly convicted; however, the fact of the matter is that we don't live in a perfect world. We were no better off before DNA testing. All we've ever been able to gaurantee in the courts is due process. There has always been (and likely always will be, to some degree) human error and prejudice involved in any trial. DNA, despite its flaws, brings us that much further away from those kinds of errors...
If you believe that I am a slashdot sycophant, then you really should search and read my past posts. I'm a student of finance--a soon to be entreprenuer--a capitalist. I'm highly skeptical of the Open Source movement, to say the least. This is not to say, however, that MS doesn't have serious flaws--most of which would not exist if the market were a little different. I believe the software industry is immature, and, that, time will mend these issues.
That being said, I might argue that some of the recent pressures behind Linux's (and other Open Sourceish products) recent popularity is symptomic of a reversal process (just a hint of it). Though Open Source is not the answer per se (and I doubt it ever will be), it indicates that at least some customers and businesses are growing tired of MS's (et. al) antics, considering alternative solutions, and "Open source" software is, unfortunately, one of the few alternatives that still stands. It has little to do with the fact that Linux is "free"; many have come to realize that software isn't an end unto itself--it is a means to an end, merely a tool to be used. It is a tool that doesn't wear out, and hence doesn't need to be upgraded every year. As a result, software can, and should, become more STABLE and CONSISTENT. This allows companies to cut down in costs in many ways. Not only do they not need to buy new software and licenses, but they don't need to upgrade computers so frequently either. In addition, this kind of stability allows the employee to become more familiar with his OS/Applications, further cutting support costs and improving efficiency. Likewise, a more stable feature set would allow the software the time to develop such that it actually performs as it is supposed to (every tried embedding documents often? mail merge? Connecting to a windows network (netbios) over dialup and TCP/IP...)
Most companies care little about how much MS (et. al) sells their software and licenses for (even though they're overpriced by most any measure). Nor do they care if the software is propietary (not "free"), for its own sake. It is the secondary and tertiary costs (e.g., support, HW upgrade, employee efficiency, etc.), some of which I mentioned earlier, that cost them dearly. Though most companies have not yet reached the point where they refuse to buy MS, there is definetly significant discontent emerging. Maybe not this year....maybe not next year, but Microsoft can't keep pumping out their same shit indefinetly...
I've used/supported/configured/etc many of the ultra light (~1 inch thick, ~3pounds) Dell laptops at work and otherwise (e.g. Lattitude LS, Lattitude LT, etc.), and they're all very nice. While I doubt any of them have 3d acceleration as of yet, most people who buy those kind of laptops don't use them for 3d video games. Though I'd love to see a gfx card in an ultra light machine that can at least par, say, Voodoo2. =)
If MS's product history is any indicator, there WILL be too many bugs that aren't nigly in the least (not that you ever actually said anything to the contrary). The lack of quality in the industry never ceases to amaze me, particularly Microsoft, and especially their operating systems...
Considering that Katz is a professional (at least in theory), it is entirely reasonable to demand more of him than just mere intelligible work. Proper grammar has evolved, atleast in part, to improve readability and coherance. Katz's poor grammar detracts from his "work". When you consider that writing ability is all Katz truly has to contribute to the community (e.g., not legal, scientific, financial, medical, etc.), it is hard to justify his existence here. [Even though Katz might fatten Slashdot Inc.'s coffers].
that the deal is quid pro quo. Though he doesn't directly work for them, they promote each other, in an odd way. You must remember that virtually every Katz post generates traffic, even if the majority of readers hate him. This traffic inturn generates revenues for slashdot. Though I think promoting a hack like Katz might ultimately harm slashdot in the long run, that is another story.
Katz profits from his slashdot articles, because it promotes his name amongst the internet crowd. Also other sites and journalists may very well quote him because of his recognition. In addition, when it comes time to sell his books he can steer hundreds of slashdot jr.'s and newage types with his influence. Not only does this help pad out his otherwise nominal sales, but i'm convinced it sends a signal of sorts to his publisher. Unlike most other hacks, he has found a way to create a significant amount of sales and interest the first couple days the book hits the shelves using slashdot and other forums. This likely prompts the publisher to promote the book, and make it more visible...prompting more sales.
In short, Katz is a hack that appeals to kiddies and long hairs. As much as I despise him, i must give him some credit for figuring out a way to set himself apart from his kind.
Well I don't believe LinuxOne has been underwritten as of yet, atleast I haven't found anything that would indicate that. Traditionally the underwriters do not bear that kind of liability. In fact, there is language to the effect that the issuer indemnifies the underwriter(s) for liability arising out of omissions or misrepresentations for which the issuer had responsibility.
Now if it can be proven that the underwriting firm had direct knowledge that the firm is a fraud, that might be a different issue. In general though, the onus is not on the investment banks to run around and make sure that everything the issuer says is true.
In regards to their risk, it depends how LinuxOne is taken public. The only route is not through underwriting, rather the risk can be shifted to the issuer through what is known as a "best effort" agreement in which they essentially just act as a broker, not to mention a few others. Even in the case of underwriting though, the underwriters don't necessarily bear signficant risk--even if the issuing company is a bad egg. As long as the bank sells the issue before the market realizes its mistake, they're in the clear. Which is quite likely as long as there is Linux hype in the short term. Especially when the issues are normally significantly discounted and mostly devoid of Day-Traderesque red hot pricing (which the possibly fraudulent owners might be hoping/depending on).
Bottom Line: Don't depend on these investment banks to filter out the slimy issues.
I suppose if you define "suit" as merely being someone who isn't like most slashdotters (e.g., a financial person, doctor, lawyer, etc.), then you might say that. If that was true, then I and many others would be considered a suit too. However, the word "suit" describes a lot more than just a job description, for me atleast. Such as indifference, a certain mentality...incestous, flock like, lack of willingness to really drive at the fundamental issues, aloofness, etc.
But even if "suit" doesn't necessarily carry these associations for you, he is 180degrees off from the typical personality in the financial community. Please don't assume that suits (or even Joe Schmoes) are just a few lessons/hours away from being able to make practical use of Linux--never mind preferring it.
Powerpoint, though not ingeniously designed, was purposely built for whipping up presentations--it is easy to use and quick. Not only does HTML (manually) take more time to learn how to use it efficiently, but also the per presentation time is significantly greater than what it takes to whipup, say, a 20 page presentation. Though I suppose the efficicies of a better designed presentation might make HTML desirable for someone who is presenting the same material over and over (e.g., a salesman), enough to make them willing to spend the extra time at it. I doubt HTML's practicality for embeeding and altering spreadsheets and the like. In any case, your typical "suit", even if he were computer literate, would be petrified of his presentation failing while doing something so different than the rest (HTML).
He ain't no suit, for whatever that means. Though I suppose the definition and connotations of the word "suit" can vary somewhat, it certainly involves more than just having the computing IQ of an Ape (which this guy certainly doesn't have). Beyond his relative adeptness with computers, there are some other non-suit like qualities to him. For example, he dropped Powerpoint for HTML and a browser? Think about what this says about this guy. He is willing to diverge from the rest of the herd (powerpoint) -- definetly not a "suit" like quality. In addition, he has the time (real or percieved) to not only learn HTML sufficiently, but also to use it instead of Powerpoint. While I hardly think Powerpoint is a particularly good product, it is certainly faster for your quicky presentation. Again, if you're going to generalize, "suits" value time; a "suit" would not waste time in HTML. More time/value points: He uses vi (while it's a great text editor for those who have the time to learn it, it ain't a suit tool). He doesn't seem to mind, or atleast makes no mention of, having to track down and download all of these various programs (e.g., vmware, IglooFTP, Klynx, etc.), nor the compilitation/installation processes. He is obviously familiar with slashdot, enough to refer to it as "/.". I could go on, but you get the point...
While my intent is not to deride him or the person who posted, lets be real here. There is little value to his article. He doesn't speak for the financial community in general or "suits". Nor does he attest to Joe Schmoe's view of Linux. What he might have been able to do, he did not do. He did not provide slashdot with a window into how his comrades, the "suits", would or have (not?) approached Linux. Instead, we got a not particularly well written commentary of an individual with a professional job outside of computing (perhaps not your typical slashdotter), yet he has time to burn, and nothing to lose. The mere fact that he finds Linux acceptable doesn't mean most will. We (you) can't pat ourselves on the back for doing a great job. Being both a student of finance (not a suit) and working in and around IT and technology, I can tell you that Linux/Open Source has miles and miles to go.
The only thing a reasonable person could draw from this, is in regards to professional (e.g., Doctor, Lawyer, Financial people, etc.) people's possible use of applications--there are some applications out there that they can theoretically use (not true even 2 years ago)--he found them sufficient. Though having tried using most of them extensively, I disagree with much of it.
While PA isn't exactly the most high tech or startup friendly state, your statements are simply wrong. Besides the pharamsuetical industry, there are many biotech firms here. I happen to work for one, though, like many, it is incorporated in DE.
It is a shame that high speed access isn't more affordable. This is more due to regulation than anything else. However, having been involved with a number of high-tech startups (e.g., not Dot-Coms) I can tell you that high speed net access is a not a significant issue for most.
That being said PA (particularly Philly) has lots of problems, but Net Access ain't top on the list. Tax issues? yes. Attracting/retaining quality employees? Yes. The general apathy/no-can-do attititude? Yes. Problems attracting capital? Yes. Inefficient/troublesome state and city governments? Yes. Old boys club type attitude? Yes. In order to compete with the West Coast (e.g., Seattle, Silicon Valley, etc), PA is going to need to tackle these issues first.
And just because someone duck walks and quotes the Mein Kampf doesn't mean they're necessarily Nazis either; that doesn't mean they deserve much better.
Anyhow, in regards to education, I agree with you that standards are slipping across the board, and that it is unacceptable. However, the slippage that you see at private schools and good suburban schools is of a vastly different nature (and cause) than what is typified in most inner-city public schools. The source of the problem in private school is more a slow perversion from what an education is considered to be; instead of an outright loss of control (like many public schools). Most students graduating from private school have a decent shot at getting into a good college. They atleast conform to certain CURRENT social expectations (e.g., acceptable reading, writing, etc), that allow them to land professional jobs.
Having been to numerous private schools (I've made a few moves), and being very familiar with many more, I can tell you that you're overstating the problem at private schools. First off, most children at private school don't have that kind of money, not to where even 5% of the parents are making significant donations. While I have seen a few cases of private schools extending slack to students of particularly wealthy students who donate, there is normally some sob story (BS) to accompany it, and it's relatively rare. I would not say it is a systemic problem by any means.
In addition, i'd be the first to tell you that private school students are not exceptionally smart (on average, "genetically"). However, I will say that students' intelligence is essentially distributed the same way it is in the public schools. What sets these students apart from public school is not innate intelligence, it is their education system, and their approach to it. The approach i'm referring to is a certain desire to succeed, atleast within that particular framework (e.g., getting an A, for whatever that means). In other words, they're "upwardly mobile" or "professionally oriented".
Most inner city (yes, yes, I know) public schools have problems through and through. From teaching, to administration, to discipline, etc. Thus when I hear Clinton get up on a podium, and tell us that we need computers in the class room or the inner city (etc.) children are going to get "left behind", I get a little bit annoyed. These same kids already are being left behind, throwing computers at them isn't going to make them read and write any better. Unfortunately, until they acquire these basic skills, computers are entirely besides the point.
Anyhow, that caffeine is wearing off, pardon me if I'm somewhat incoherant/non-linear sounding at this hour. Good night;)
PS: I live just outside Philly,
Where are these "closing" Catholic schools? In any case, their dollar/student ratio is much lower than public school. The Catholic schools can't merely raise tuition such that their dollar / head ratio could even approach that of public school.
What do you expect at a small private liberal arts school in suburbia? I'm partially kidding. Still, I hardly think they're particularly representative of the "average" or "better" private school student. Even if 90% of such schools are private school students. =)
Are you going to tell me that the entire public school system has to be mediocre on the aggregate, merely because they can't be selective? What about Europe (though I do realize they're less "forgiving" in many ways than American education, atleast if you want to follow a particular path)? Japan? You'd have to ignore their success. What about American public schools of yesterday? Why are our averages slipping? I don't buy that our children are just getting dumber. Nor do I believe Americans to be any dumber other nations.
In regards to private schools, most are not nearly as selective as is widely percieved. Granted, many private schools are somewhat selective, atleast when it comes to remedial students. To write it off their success to the natural intelligence of the students is a mistake. Furthermore, it would be difficult to claim that the private schools have a lock on "intelligent" students--or even most of them. Quite the contrary infact, when it comes to "natural intelligence", the best at private schools are no better than the best at public school. Also, there are selective public schools. The charter schools are selective, yet they've only had limited success.
On the other hand, I do think the fact that public schools have to find seats for all students is a contributing factor. But it is not a sufficient excuse. It is the way the public schools react to these children that compounds the problem. If a kid is acting up, you kick him out of the class. You do what you need to do, but it's not fair to allow a couple bad eggs to drag the entire class. I realize that the teachers and the adminstration have their hands tied to some degree, but that is part of the problem.
I personally feel that cause of the majority of the "bad" / "dumb" children is more the result of developmental problems (nuture, not nature) than it is genetic problems. Furthermore, I think that schools have a hell of a lot more say about this than they're given credit. If you allow students to fall hopelessly behind and graduate them perpetually, regardless of their learning the material or not, they're going to be hopelessly behind come 10th grade (I believe maybe even permanently). I believe most of these kids can be sufficiently educated before they reach that point though. Again, I'd refer you to most of Western Europe, Japan, and even those few good public schools in American suburbia (though you can argue their parents are "better" influences).
In any case, the public schools have many different problems to contend with. I do not believe more funding is a solution to these problems. Likewise, if these children can't handle even the most basic of an education, I don't see how anyone can reasonably expect them to be productive with computers. I'm not an "expert", for whatever that is worth, but I know this much to be true....
Normally I do not like to make sweeping generalizations. However, when I hear people utter loaded phrases (e.g., "governor ridge once again tries to give a tax break to the rich while keeping up pretences...") like that, I will give them a little taste of their own medicine. In other words, when someone resorts to that kind of language they are classifying themselves. If he merely disagreed with the Ridge's actions I would not attack him.
So sue me, I use colloquial language on slashdot. *Gasp*. Speaking of black pots, "alot", eh?
Certainly you wouldn't try and argue the results of public education in urban settings (though not exclusively urban) isn't a problem at all. Would you? You might debate the cause of the problem, but not the existence of the problem itself.
As it happens to be, I know a few school administrators and teachers in a few large cities, namely, Seattle, Philadelphia, and LA. Most all would, and have, agreed with me. Furthermore, look at the damn statistics. The problem is self-evident to virtually anyone that knows what an education is, and is remotely familiar with the system. In addition, the teachers themselves have suprisingly mediocre test scores.
Do I believe in Free Teachers? No. But I ask you this: Why is it that Catholic schools do a better job, under just about any measure, with significantly less money per head, in the same neighboorhoods, with essentially the same group of students? They pay their teachers less. They don't have a zillion and one adminstrators and counselors running around eating up resources. They don't have these impossible unions to deal with--so they're free from having to mandate things like teaching degrees (not to be confused with a real college education).
To be perfectly honest, I spent most of my childhood in private school (though not all). I can tell you with absolute certainty that these teachers got paid far less than any public school teacher. This is true at all the private schools too, even the most "elite" (e.g., Andover, Exeter, Lakeside, Episcopal Academy, etc.). Yet these private schools generally attract and retain higher quality faculty. They don't require silly teaching degrees. Instead, they have teachers with mostly meaningful 4 year degrees at good schools. It's not about the money. In addition, it is a little known fact that most of these schools actually spend just (sometimes slightly more) as much per student than public schools.
At one particular private school that I attended, we had worse facilities than many public schools, and certainly fewer computers. In addition, we also had less money per head (it was a growing school, without these secondary sources of financing that many schools enjoy). Guess what? We did every bit as well as the "elite" schools when it came down to it--certainly far better than the public schools. Many alumni are also working in the high tech sector and software industries. Call me old fashion, but I believe that a student who is educated traditionally (without any emphasis on computers) is far better equipped for the "information age" than these students at schools that pay a great deal of attention to these latest technologies, while neglecting the fundamentals. One reason for this is that, as we all know well, technology changes every day. You'll never be able to teach students the exact system that they'll be using 10+ years later. Instead, you should try to equip them with the tools to learn, like the ability to read a manual, the ability to think critically, the ability to teach yourself, etc.
Over the years, I've come to the conclusion that money is not the answer for the public school system's ailments. You might try to argue that these private schools simply have more "professional" parents. It does not explain the success of the kids on scholarships at private schools. Nor does that explain the Catholic schools, even though their success isn't quite on par with the private (non-parochial) schools--it is still worlds better than public schools (to avert any flames, this does not include many of these wealthy suburban public schools). I've seen too much money wasted (In fact, I've already heard a few about wasted computer money from my friends at these schools). My concern is less my own wallet, than it is simply the fact that in worrying about computers excessively they inevitably get that much further from a solution.
Why must you left wing types always polarize issues as the "rich" and the "poor". You fail to realize that there are a whole lot more shades in between. In any case, %6 is %6. The "rich" that you speak about are hardly going to get up in arms paying 240 dollars on a 4000 dollar machine, particularly when you consider that those individuals likely to buy a high end machine, and pay a premium for the latest and greatest are likely to have significantly more disposable income than the "poor". You might question the governor's thought process here, but it's unfair to banter about those kind of words.
Furthermore, I tire of all this crap about "computers in the classroom". When most of these inner city kids can't even read and write half decently, why are you worrying about whether or not they have computers? What about getting decent teachers first? Merely throwing money at the issue is not going to solve it. If anything, it distracts from the real problem.
Slashdot Mirror
attempt to be honest. I mean, gasp, the horror of it all. As I said before, I know full well that women have the ability to focus. My mom is extremely extremely successful, much of this success is derived from her ability to focus and see things through. However, it IS a fundamentally different kind of focus. She is not by any means a nerd. She is able to at one moment, solve significant problems that her engineers at her company can't solve, while simultaneously dealing with other problems (e.g., tiffs between engineering and sales, personal problems, financial, etc.)
In short, my mom is, in my opinion, at the top of her game as an engineer and entrepreneur. She is what many women aren't, because of a great deal of SOCIAL (read: nuture) problems. I fully recognize that UNNECESSARY social problems play a large role in keeping women out of certain fields (though many women PLAY THEMSELVES into that roll, to the constant annoyance of successful women such as my mother). None of this is to say, however, that men and women are created exactly equal, except for physical attributes.
While it is true that the priorities of men also change after having a child, there is a world of difference. Men, for whatever reason, don't assume the same roles in bringing up a child as a women does. Very few men feel compelled to quit their jobs, or substancially reduce their hours for a couple year--that is a fact. You might argue much of it is social (although I think there are some chemical differences there), but that does not mean it does not play a key role on career paths. I know of a number of law firms, for instance, that have trouble retaining women--they just can't put in the kind of hours that is demanded of them, and do, what they could regard, as a proper parenting job. In talking to some of these female lawyers, I discovered that they were quite happy at the firm, they just wanted something else. Many were soon snatched up by corporations to act as corporate counsil, a job that requires fewer insane hours. I, too, know a few of these corporations, they consider themselves all too lucky to be able to hire a person that is much more qualified than any male in a similar role.
Did I say I have "proof"? Did I say that I expect everyone to swallow it whole? No. Nor can you claim that your social influences are proof either. I think that both social and chemical differences play a role, social more than chemical (atleast in non-nerdy fields, e.g., law, medicine (although many med schools have more women enrolled than men), business, etc.
Am I saying that women shouldn't enroll in programs such as engineering? No, not by a long shot. If they are happy with it, more power too them. In fact, that's exactly what my sisters are studying in college, and I support them entirely. The fact of the matter is that my mother outperformed nearly every man in her field, if my mother can do it, my sisters can do it. I think a better balance of men and women in engineering could even improve the field in general (although the means to achieve this I question sometimes) But that does not mean that I ever expect my sisters to behave the same way that thousands of young men have, through different cultures, through the decades. I don't confuse the ability to get things done, with the ability to lose sight of everything but ONE thing--in my experience, that is very much of a male attribute. Put simply, women are capable of doing the same job in engineering; it is the underlying motivations and approach that I question.
I'll be the first to tell you that women ARE plenty capable. I know this from first hand experience, as my mom is a Phd. in EE (top in her class) with several highly successfull startup companies and patents. She is honestly the all-round smartest person I've ever known...not "genius"...but I think most "genius" isn't really genius at all. (On somewhat of a side note, she put herself through all of this literally alone as a women, far worse than most of today's women have to contend with. e.g. Professors telling her in the beginning of the semester that they didn't believe her (women) capable of doing the work...only later to eat crow and then some)
I'm not going to tell you that there aren't some unfair social expectations out there--there are. However, it is equally naive to say that men and women are wired the same. I think there are also certain maternal obligation and desires that can't be ignored--men don't really face it. This is not to say that women should be home and barefoot (or any similar bullshit), but rather that many professional women start out in demanding fields, discover later in life, after graduating from grad school, law school, or what have you, that they want to raise children. This frequently requires a change of priorities...atleast for awhile...which means their ULTIMATE career paths are going to be altered.
I do believe there are fundamental genetic (nature, not nuture) differences between men and women. While I can't pinpoint them all...as that tends to be a rather risky proposition. I've seen plenty enough evidence of it, to say that the differences between men and women in the sciences is more than just social and upbringing. When is the last time you've seen a women lock themselves up in a room, and obsess about something to the exclusion of all else (e.g., body odor, hair, social life, etc) until they solve it, or come up empty handed? We see plenty of male geeks/techies do this in large numbers. Yet, I'm hardpressed, despite my experience, to think of a single women like this in anything (not just computers...)
Though just a single observation (not necessarily true across the board, although I intuit it to be so), the differences between my mother and father typify the differences between the two highly skilled respective element of the sexes. My father, too, was an engineer. Though not as degree'd, he was, by all accounts, the best in his field. As an engineer, he was better than even my mom...atleast in several important areas. One major difference I noticed about my father was that he was very much of the nerd or geek that I mentioned before (who will focus on something with such determination, that the rest of the world is just irrelevant). He loved his technology for the sake of technology. I can't say this about my mom. She loved technology for the sake of delivering a product...of helping people...or some greater end, other than her immediate edification. While my mom also has the ability to see any problem through, it just aint the same. There isn't that one track mind....the kind of mind which I've seen amongst many of the top scientists of today and the past.
I'm also equally sure that there are certain qualities that women have that in a long-term career can prove to be equally valuable in certain fields. I also believe women are fundamentally more social creatures than men...which may explain my mom's success in some ways. Very few people have the ability to manage and understand all types of people (particularly geeks and nerds) and also fully comprehend (as opposed to superficially) the underlying technical problem(s).
More observations...look at girls and boys sports between at a very young age. Across many different cultures, the boys and girls start to differentiate themselves significantly, in terms of aggresion, and the like.... In any case, I can only scratch the surface here, but the mere fact that I lack official stats and figures does not mean that men and women are exactly the same mentally.
It is fine and good to say, that, you object to "...handing out the tools to exploit a hole...to anyone that wants it". However, if the act isn't intrinsically bad, then you should to argue exactly why you feel this way. This argument, naturally, involves weighing the costs and the benefits, on both the short term and the long term (aggregated).
As i've said before, i'm an advocate of disclosure. However, that does not mean that I think all, or even most security "pros", are motivated altruistically. In fact, the motive to publish is very much of a self-centered one. I, for a long time, have held the belief that there is something of a symbiotic relationship between script kiddies and the security professionals who create exploits (script kiddy fodder). The professional not only improves his recognition as a security guru, but he also helps drive up demand for his services when the script kiddies, inevitably, start hacking.
That being said, not every act done out of self-interest is NECESSARILY bad in any context (e.g., the entreprenuer). Nor does every act done out of self-interest, with initially negative consequences, have a net bad effect (e.g., the small business that displaces mom-and-pop stores).
Some of the pros follow a path, which I believe, to be optimal. That is, they first generally discuss the exploit and/or email the vendor(s) and ask them to patch it. Then, after a given period of time, or if the vendor(s) refuse to fix the problem, they'll publish an exploit. Unfortunately, many vendors are less than honest when it comes to these issues, so they force the hand of the hacker. In these kinds of cases, I advocate 100%.
Another argument which I have mixed feeling for, is one of KEEPING the security profession alive. This can be supported by arguing that exploits are necessary for both education (of other pros, but also the up-and-coming kiddies). Remember, that many types of exploits work cross-platform with minimal work applied. So that, if I were to create an exploit on, say, Solaris, and email Sun exclusively, the other security professionals would not benefit from my new technique. Nor would the other vendors' systems necessarily be exposed to the same level of scrutiny.
The secondary argument i'll make, is that in order to have a system hardened against truely determined attackers, we need a system where security is deemed to be IMPORTANT. If the only reminder of the importance of security is the more stealthfull/determined hackers (e.g., the oppositive of a script kiddy) that i've referred to, the costs of hiring professionals would be deemed as too steep relative to the apparent unlikelyhood of getting hacked. This is where, i'll say that the symbiotic relationship comes into play...possibly for our benefit...in the long term...
I wish you'd clarify what your position actually is! Are you referring to DoS utilities, or security exploits? I don't advocate, from a positive net effect point of view, the publication of DoS programs, at least not those that are merely designed for massive flooding using well established techniques. However, I am a strong advocate of disclosure. Proper disclosure, to me, means first approaching the vendor(s) and/or discussing the vulnerability from a technical approach. Failing a positive reaction from the vendors (when they can reasonably solve the problem), then publication of an exploit may be in order.
Guns are of entirely different nature. When someone is shot, that is the end--there is no worse crime. Thousands of people have been killed by guns in this country. Empirically speaking, script kiddies have done very little severe damage with security exploits (not DoS scripts).
In releasing guns to the general public, no reasonable person could claim that it results in a positive net effect. It is not possible, for example, to, say, merely apply a new chemical to your clothing that makes it bullet proof. Nor, could you claim that your bullet vulnerability is due to some flaw in your body or your clothing that can merely be patched. Furthermore, We have a strong military--foreign invaders are not going to be deterred by small civilian arms. Anyone who could defeat the US military would defeat US citizens with relative ease, regardless of how many rifles they may have. Additionally, we have a strong police--most people don't need that kind of protection. Yet my arguments for exploits still stand (atleast you refuse to attack them head on). Vendors are forced to take corrective action every day, that, many of them, would not otherwise have taken were it not for the current approach. The larger ISPs are starting to harden themselves to script kiddies, and are, in the process, making it tougher for wide-spread (particularly automated) hacking by other more malicious interests.
To boil this all down for you. Publishing an exploit is not INTRINSICALLY immoral. If you wish to say it is unwise or immoral, you should make an argument that the results of publishing the exploit is. I could see your arguing, perhaps, that, the short-term losses far outweigh my somewhat longer-term and more theoretical benefits. However, I obviously take a very different view, both in the assumptions made (on which these decisions are predicated) and in the conclusions reached.
I dislike your tank analogy. I fail to see how it applies to security. Do you mean to tell me that changing the Open Source credo/dogma from disclosure to "security by obscurity" is going to stop script kiddies? Honestly? Or do you mean that they simply should make the exploits less trivial? Or that security exploits are fine, but DoS utilities are not?
First, the vast majority of these hackers aren't as philosophically attached to Open Source as you, not to mention most of slashdot, appear to be. They're largely different groups, with some overlap in between. So what may motivate slashdot to change their stance, likely will not sufficiently sway most in the security "community".
Secondly, assuming the two groups are one in the same, the Open Source community should not change its stance on something so fundamental as this, based on public perception. It goes against most of what Open Source supposedly stands for--truth before "perception". In my eyes (not that I'm a zealot), it would equivelent to agreeing to sell all source code, yet keep it "open", for the sake of appeasing those for whom Open Source and communism are synonymous.
Thirdly, I don't believe the general public is truely aware of Open Source in this context. There may be a vague recognition of the words:"Linux", "Open Source", and "slashdot", but they don't know its stances on such things. So public perception is essentially a non-issue.
Fourthly, I believe you must distinguish between security (as in files, information, private networks, etc) and denial of service. I, offhand, can't think of too many large sites that target the general public that have been offline for extended periods of time due to hacking. I was not exactly advocating DoS utility creation, thus I will not touch on it.
Last, but not least, I don't believe any actions (against SECURITY exploit publication) by law, the open source "community", or other wise, are going to have a significant, sustained, and positive affect on security for the general public. As I alluded to earlier, I believe there is a substantial argument for the publication of exploits. Put simply, by making the publication of exploits a "no no", you merely drive it underground. The net effect of this is that even the highest security of sites are left to guess at what the hacker community has in terms of exploits (this is especially true with propietary and very much closed source vendors (e.g., Microsoft)). While your "tank" argument (as you percieve it) may come into play here, I must disagree. The same elements that make the internet such a great thing, also have to effect of providing a common ground and forums for hackers, while providing every "hacker" with potential access to every site on the internet--vastly different from the "local" scenario you seem to be describing.
Actions against publication of exploits may have the effect of driving the script kiddies out of town (or rather, just leaving them illequipped), but I'm not even sure if that is necessarily a good thing (as I mentioned earlier in the "seasoning" argument). Such actions may have the effect of just leaving these exploits in the hands of elite professionals. Imagine, say, the KGB (or whatever it is called today) looking to harm United States in 10 years, after the internet is responsible for 50% (extrmely high in my opinion) of our GDP in one way or another. If you assume that your actions were successfull, that you drove all hackers in the US out of business. What are you left with? The same Microsoft. The same universities. The same military networks. Corporate networks. Unphased by the prospect (lack of publication) of exploits, hackings, and the like. So many unseasoned targets, with, what are frankly OBVIOUS exploits. With one or two obvious exploits, they could turn it over on networks automatically--realizing success proportions that today's script kiddies can't even dream of. Giving them access to even 10% of major internet sites, could not only be an extremely valuable intelligence tool, but it could also be an economic and telecommunications weapon.
Though, the KGB attacking may be an extreme and unlikely scenario, it could also be a devastating one. More likely, and somewhat less devastating, would be terrorists and the like using it in somewhat less coordinated attacks. Or industrial theft, espionage, etc. carried out against virgin targets.
By making security an industry, by allowing publication, you do more than just improve the actual design of operating systems and the like. You create a more educated group of security professionals. Who, in turn, create a more aware group of system admins. Who in turn demand more secure software from vendors... The interplay between all these forces and groups does have positive consequences.
Larger, more important sites, are benefitting a great deal from the status quo. In the short run, I fully realize that the current nature of publicication+script kiddies leave the less attended to sites at something of a disadvantage. Many of these "smaller' or less important sites can't afford to worry about security a great deal, they can't afford to check the latest vulnerabilities before they're put in the hands of thousands of script kiddies world wide. For whatever it is a worth though, I believe that the vast majority of vulnerabilities are due to shear negligence of the vendors. Put simply, they couldn't care enough about security to make it a priority. I do believe that, when and if script kiddies ever become THAT much of a problem, the vendors will have to respond by creating higher quality (less hype, spend more time making sure it works, instead of rushing it out the door) and more secure software. If it a reasonably possible (and I believe it is), market forces will dictate to the vendors.
Once upon a time, I was something of a grey hat. I, at one point, wrote modified and wrote numerous programs and scripts that did similar things (thus I refuse to vilify him). I did say that I have some "respect" for him, and that skill was what I was referring to, even though I haven't personally seen the latest jaurez much. That being said, the idea of a distributed DoS attack isn't entirely new. Back in my day (towards the end), there was a program called FAPI (or was it FABI?) written by some folks that I knew. It wasn't quite as sophisticated, but it could have been developed much further, if anyone put the time into it.
The fact of the matter is that there is nothing the cDc (et. al) does, that can't be created independantly by other hackers. Imagine a world in which none of these exploits are disclosed, and also that 99% of sites on the internet run NT4.0. Without disclosure and general public knowledge of these exploits, MS would never act to patch it--it costs a great deal of money. Some may argue that it is not necessary to actually create a trivial exploit that script kiddies can exploit. While this may have some merit (I even agree somewhat with this approach, it depends largely on the circumstances and the vendor), it has been shown with MS (and a few others), time and time again, that they'll simply dismiss a vulnerability as "theoretical", or even "impossible", unless you make it known that you're going to create an exploit for it--and have demonstrated your abilities to make it a reality before.
What we have today with open disclosure, is a system where operating systems, vendors, and sysadmins become somewhat seasoned and hardened to attack because of this kind of disclosure.
Somwhat more debatably: Although script kiddies may be a pain in the ass, and their motives are selfish and childish, they do (collectively) ironically serve a function of sorts. Without script kiddies, it would be much easier to shrug off the importance of these flaws; it would potentially allow for a terrorist group, foreign government, or even a group of criminals to do serious economic damage in a wide-spread, highly coordinated, and professional attack. Remember that the independant acts of a million script kiddies all doing their own thing, is likely not nearly as dangerous as the coordinated efforts of a professional organization (not to mention that the professional organization could do it by suprise, virtually overnight)
That being said, to clear up any confusion, I don't believe the internet is, at this point at least, terribly significant to our ACTUAL economy (GDP...as opposed to the imaginary one the press and politicans love to talk about). Even the actions of terrorists are not going to have all that great an impact (in my "other" scenario)--just that they'd have a greater impact were it not for disclosure. (Although, with corporate networks today being connected to the internet in various fashions, there is potential of significant information loss through the internet)
I don't want to paint Mixter in the same light as the script kiddies who launched the attack. However, it is ludicrous to compare his DoS programs with the likes of, what I would call, "true" security professionals (e.g. cDc, l0pht, Solar Design, etc.). What he did, was make a bigger, better, and badder-ass gun for the script kiddies. The monkeys could have flooded major sites before Mixter made his presense felt. Mixter merely made it easier for the monkeys, both to execute and get away with.
No rational and reasonably intelligent person would have denied the possibility of this "security problem". The vulnerability to flooding isn't a security flaw per se, that could just be patched if the victims were a little more aware. Unlike l0pht (et. al) he isn't putting pressure on the manufacturers and vendors by releasing his code.
That being said, Mixter didn't do these attacks. He isn't evil, and I have a certain amount of respect for him. I do have problem, though, with portraying his creation of these DoS programs as being intrinsically good, nevermind his motives.
You, my friend, are a member of the "politically correct" Gestapo. While you may not hold all PC views, in this case, you certainly are all too ready to pounce on anything that might discriminate against anything or anyone. Though I disagree with much of JoeSchmoe's proposals, I respect his right to say it. I'll not try to scare any meaningfull discussion away by tossing out words such as "gestapo".
Is the New York Times or the Economist fascist because they don't allow any schmoe write for them? No. Am I fascist because I wish to read something dynamic, more current, and interactice than the Economist (et. al), yet don't have the time to read every flame, troll, and dogmatic post on Slashdot? Because not everyone in this world has anything worthwhile to contribute, moderation and editorial control are necessary.
Trolls are Trolls. When I read a comment,I demand a certain level of effort, coherance, intelligence, and fairness. I don't have to listen to these trolls if I don't want to. Nor should I have to SEE these comments, if it is avoidable.
My problem with JoeSchmoe is that his solutions likely wouldn't be very effective, and might even have the oppositive effect.
I believe the degree of correlation between seniority and quality of posts is nominal. In other words, an individual who posts semi-regularly for a couple months likely isn't a one-time flamer. I would not, however, go beyond that. In my experience the differences between someone with a #xxxx and a #xxxxx ID are barely noticable.
....anyhow, I've got other ideas for moderation, but I don't have time to get into it now...hasta =)
"If the topic of discussion is a Jon Katz interview, then his idiocy (or lack thereof) and his bad grammar are certainly on-topic."
Katz is the topic here. That is what, I believe, the particular poster was commenting on originally.
Furthermore, even if Katz is not the topic, and his article is about, say, "geeks", Katz's grammar (not to mention his other "habits") does not suddenly become immaterial. When you consider the fact that :
a) There are limited opportunities for feedback. Email being the only way I can think of.
b) Katz is one of the select few individuals chosen, by the powers that be, to post articles.
c) Katz is an employee and "friend" of the editors--he is entrenched.
d) The powers that be have, in so many words, said "too bad" in numerous emails (the first, and only, line of attack).
e) Katz's highly inflamatory writing, despite his impopularity with many (perhaps even most), might still fatten Slashdot's wallets.
People who dislike Katz may, in fact, be best advised to act much like they have (though I disagree with many particular methods, e.g., "Katz sucks"). I personally believe the best way to handle Katz's position on Slashdot is to post occasionally on Katz's threads, and to try to educate Slashdot Jr's as to how Katz and Slashdot operate. If we users can create some kind of consensus...enough to reach that critical threshold where people just agree to either stop reading slashdot entirely, or just ban Katz, we might prompt the owners to change their approach.
For those who will, inevitably, tell me that I can merely ignore Katz, I say hogwash. Katz does not operate in a vacuum. Or, to borrow and taint a phrase from Martin Buber, "Idiocy anywhere is idiocy everywhere". Though this might prompt many to ring alarmist bells about fascism and the like, it does not make it any less true. Can you honestly tell me, that, when Katz posts an article, it doesn't affect the traffic and the quality of other articles? Can you honestly tell me that the owners don't sit on their asses at the end of the day after posting a Katz article and a few other meaningless articles, and feel satiated (or atleast their wallets fattened)? Tell me, what happens to the quality articles, not to mention the discussion? Katz changes the dynamic of slashdot, it is as simple as that. While some may argue that it is, on the aggregate, for the better, I disagree strongly.
While my only right, when push comes to shove, is to leave slashdot (and maybe even compete against them), I will not do so without a fight. If this is a community, then I take some ownership of it beyond just what I directly hear and what I say. I may not own slashdot, and I might not speak for the community, but it is not much of a community if communication is only one way.
Your points are all valid. However, none of this means that DNA testing is not extremely valuable. In fact, no matter how you figure the odds (within reason). the odds of a person who is WRONGLY suspected being cleared quickly by DNA are likely higher than they are of a person being wrong convicted based on DNA. Knowing what we know through years of experience with DNA, we know that the odds of a false positive are still very slim, even if you factor in human error. If the odds of being wrongly conficted of a crime are a mere one in 36m (or whatever figure you might happen to quote), and DNA proves to be usefull in solving a great many crimes, the question you should also ask is can we afford not to use it? Think of how many people have been cleared by DNA. Think of how many murderers have been convincted and/or arrested before they could kill again. Do you honestly believe that the number of people wrongly convincted (based on DNA) exceeds (or even remotely approaches) the number of people who've been saved? How many people have been wrongly convicted based on DNA? The closest thing, to my knowledge, is this ONE (out of how many million?) guy in the article here, and he was not even convicted. I suspect any lawyer worth his weight could have refuted that, especially if the odds (based on the agreed premises) are as high as most slashdoter's have just purported (e.g., 1:56).
Sure, all things being equal, I would prefer there be no chance of anyone being wrongly convicted; however, the fact of the matter is that we don't live in a perfect world. We were no better off before DNA testing. All we've ever been able to gaurantee in the courts is due process. There has always been (and likely always will be, to some degree) human error and prejudice involved in any trial. DNA, despite its flaws, brings us that much further away from those kinds of errors...
If you believe that I am a slashdot sycophant, then you really should search and read my past posts. I'm a student of finance--a soon to be entreprenuer--a capitalist. I'm highly skeptical of the Open Source movement, to say the least. This is not to say, however, that MS doesn't have serious flaws--most of which would not exist if the market were a little different. I believe the software industry is immature, and, that, time will mend these issues.
That being said, I might argue that some of the recent pressures behind Linux's (and other Open Sourceish products) recent popularity is symptomic of a reversal process (just a hint of it). Though Open Source is not the answer per se (and I doubt it ever will be), it indicates that at least some customers and businesses are growing tired of MS's (et. al) antics, considering alternative solutions, and "Open source" software is, unfortunately, one of the few alternatives that still stands. It has little to do with the fact that Linux is "free"; many have come to realize that software isn't an end unto itself--it is a means to an end, merely a tool to be used. It is a tool that doesn't wear out, and hence doesn't need to be upgraded every year. As a result, software can, and should, become more STABLE and CONSISTENT. This allows companies to cut down in costs in many ways. Not only do they not need to buy new software and licenses, but they don't need to upgrade computers so frequently either. In addition, this kind of stability allows the employee to become more familiar with his OS/Applications, further cutting support costs and improving efficiency. Likewise, a more stable feature set would allow the software the time to develop such that it actually performs as it is supposed to (every tried embedding documents often? mail merge? Connecting to a windows network (netbios) over dialup and TCP/IP...)
Most companies care little about how much MS (et. al) sells their software and licenses for (even though they're overpriced by most any measure). Nor do they care if the software is propietary (not "free"), for its own sake. It is the secondary and tertiary costs (e.g., support, HW upgrade, employee efficiency, etc.), some of which I mentioned earlier, that cost them dearly. Though most companies have not yet reached the point where they refuse to buy MS, there is definetly significant discontent emerging. Maybe not this year....maybe not next year, but Microsoft can't keep pumping out their same shit indefinetly...
I've used/supported/configured/etc many of the ultra light (~1 inch thick, ~3pounds) Dell laptops at work and otherwise (e.g. Lattitude LS, Lattitude LT, etc.), and they're all very nice. While I doubt any of them have 3d acceleration as of yet, most people who buy those kind of laptops don't use them for 3d video games. Though I'd love to see a gfx card in an ultra light machine that can at least par, say, Voodoo2. =)
If MS's product history is any indicator, there WILL be too many bugs that aren't nigly in the least (not that you ever actually said anything to the contrary). The lack of quality in the industry never ceases to amaze me, particularly Microsoft, and especially their operating systems...
Considering that Katz is a professional (at least in theory), it is entirely reasonable to demand more of him than just mere intelligible work. Proper grammar has evolved, atleast in part, to improve readability and coherance. Katz's poor grammar detracts from his "work". When you consider that writing ability is all Katz truly has to contribute to the community (e.g., not legal, scientific, financial, medical, etc.), it is hard to justify his existence here. [Even though Katz might fatten Slashdot Inc.'s coffers].
that the deal is quid pro quo. Though he doesn't directly work for them, they promote each other, in an odd way. You must remember that virtually every Katz post generates traffic, even if the majority of readers hate him. This traffic inturn generates revenues for slashdot. Though I think promoting a hack like Katz might ultimately harm slashdot in the long run, that is another story.
Katz profits from his slashdot articles, because it promotes his name amongst the internet crowd. Also other sites and journalists may very well quote him because of his recognition. In addition, when it comes time to sell his books he can steer hundreds of slashdot jr.'s and newage types with his influence. Not only does this help pad out his otherwise nominal sales, but i'm convinced it sends a signal of sorts to his publisher. Unlike most other hacks, he has found a way to create a significant amount of sales and interest the first couple days the book hits the shelves using slashdot and other forums. This likely prompts the publisher to promote the book, and make it more visible...prompting more sales.
In short, Katz is a hack that appeals to kiddies and long hairs. As much as I despise him, i must give him some credit for figuring out a way to set himself apart from his kind.
Well I don't believe LinuxOne has been underwritten as of yet, atleast I haven't found anything that would indicate that. Traditionally the underwriters do not bear that kind of liability. In fact, there is language to the effect that the issuer indemnifies the underwriter(s) for liability arising out of omissions or misrepresentations for which the issuer had responsibility.
Now if it can be proven that the underwriting firm had direct knowledge that the firm is a fraud, that might be a different issue. In general though, the onus is not on the investment banks to run around and make sure that everything the issuer says is true.
In regards to their risk, it depends how LinuxOne is taken public. The only route is not through underwriting, rather the risk can be shifted to the issuer through what is known as a "best effort" agreement in which they essentially just act as a broker, not to mention a few others. Even in the case of underwriting though, the underwriters don't necessarily bear signficant risk--even if the issuing company is a bad egg. As long as the bank sells the issue before the market realizes its mistake, they're in the clear. Which is quite likely as long as there is Linux hype in the short term. Especially when the issues are normally significantly discounted and mostly devoid of Day-Traderesque red hot pricing (which the possibly fraudulent owners might be hoping/depending on).
Bottom Line: Don't depend on these investment banks to filter out the slimy issues.
Heh, and who might you be? =)
I suppose if you define "suit" as merely being someone who isn't like most slashdotters (e.g., a financial person, doctor, lawyer, etc.), then you might say that. If that was true, then I and many others would be considered a suit too. However, the word "suit" describes a lot more than just a job description, for me atleast. Such as indifference, a certain mentality...incestous, flock like, lack of willingness to really drive at the fundamental issues, aloofness, etc.
But even if "suit" doesn't necessarily carry these associations for you, he is 180degrees off from the typical personality in the financial community. Please don't assume that suits (or even Joe Schmoes) are just a few lessons/hours away from being able to make practical use of Linux--never mind preferring it.
Powerpoint, though not ingeniously designed, was purposely built for whipping up presentations--it is easy to use and quick. Not only does HTML (manually) take more time to learn how to use it efficiently, but also the per presentation time is significantly greater than what it takes to whipup, say, a 20 page presentation. Though I suppose the efficicies of a better designed presentation might make HTML desirable for someone who is presenting the same material over and over (e.g., a salesman), enough to make them willing to spend the extra time at it. I doubt HTML's practicality for embeeding and altering spreadsheets and the like. In any case, your typical "suit", even if he were computer literate, would be petrified of his presentation failing while doing something so different than the rest (HTML).
He ain't no suit, for whatever that means. Though I suppose the definition and connotations of the word "suit" can vary somewhat, it certainly involves more than just having the computing IQ of an Ape (which this guy certainly doesn't have). Beyond his relative adeptness with computers, there are some other non-suit like qualities to him. For example, he dropped Powerpoint for HTML and a browser? Think about what this says about this guy. He is willing to diverge from the rest of the herd (powerpoint) -- definetly not a "suit" like quality. In addition, he has the time (real or percieved) to not only learn HTML sufficiently, but also to use it instead of Powerpoint. While I hardly think Powerpoint is a particularly good product, it is certainly faster for your quicky presentation. Again, if you're going to generalize, "suits" value time; a "suit" would not waste time in HTML. More time/value points: He uses vi (while it's a great text editor for those who have the time to learn it, it ain't a suit tool). He doesn't seem to mind, or atleast makes no mention of, having to track down and download all of these various programs (e.g., vmware, IglooFTP, Klynx, etc.), nor the compilitation/installation processes. He is obviously familiar with slashdot, enough to refer to it as "/.". I could go on, but you get the point...
While my intent is not to deride him or the person who posted, lets be real here. There is little value to his article. He doesn't speak for the financial community in general or "suits". Nor does he attest to Joe Schmoe's view of Linux. What he might have been able to do, he did not do. He did not provide slashdot with a window into how his comrades, the "suits", would or have (not?) approached Linux. Instead, we got a not particularly well written commentary of an individual with a professional job outside of computing (perhaps not your typical slashdotter), yet he has time to burn, and nothing to lose. The mere fact that he finds Linux acceptable doesn't mean most will. We (you) can't pat ourselves on the back for doing a great job. Being both a student of finance (not a suit) and working in and around IT and technology, I can tell you that Linux/Open Source has miles and miles to go.
The only thing a reasonable person could draw from this, is in regards to professional (e.g., Doctor, Lawyer, Financial people, etc.) people's possible use of applications--there are some applications out there that they can theoretically use (not true even 2 years ago)--he found them sufficient. Though having tried using most of them extensively, I disagree with much of it.
While PA isn't exactly the most high tech or startup friendly state, your statements are simply wrong. Besides the pharamsuetical industry, there are many biotech firms here. I happen to work for one, though, like many, it is incorporated in DE.
It is a shame that high speed access isn't more affordable. This is more due to regulation than anything else. However, having been involved with a number of high-tech startups (e.g., not Dot-Coms) I can tell you that high speed net access is a not a significant issue for most.
That being said PA (particularly Philly) has lots of problems, but Net Access ain't top on the list. Tax issues? yes. Attracting/retaining quality employees? Yes. The general apathy/no-can-do attititude? Yes. Problems attracting capital? Yes. Inefficient/troublesome state and city governments? Yes. Old boys club type attitude? Yes. In order to compete with the West Coast (e.g., Seattle, Silicon Valley, etc), PA is going to need to tackle these issues first.
And just because someone duck walks and quotes the Mein Kampf doesn't mean they're necessarily Nazis either; that doesn't mean they deserve much better.
;)
Anyhow, in regards to education, I agree with you that standards are slipping across the board, and that it is unacceptable. However, the slippage that you see at private schools and good suburban schools is of a vastly different nature (and cause) than what is typified in most inner-city public schools. The source of the problem in private school is more a slow perversion from what an education is considered to be; instead of an outright loss of control (like many public schools). Most students graduating from private school have a decent shot at getting into a good college. They atleast conform to certain CURRENT social expectations (e.g., acceptable reading, writing, etc), that allow them to land professional jobs.
Having been to numerous private schools (I've made a few moves), and being very familiar with many more, I can tell you that you're overstating the problem at private schools. First off, most children at private school don't have that kind of money, not to where even 5% of the parents are making significant donations. While I have seen a few cases of private schools extending slack to students of particularly wealthy students who donate, there is normally some sob story (BS) to accompany it, and it's relatively rare. I would not say it is a systemic problem by any means.
In addition, i'd be the first to tell you that private school students are not exceptionally smart (on average, "genetically"). However, I will say that students' intelligence is essentially distributed the same way it is in the public schools. What sets these students apart from public school is not innate intelligence, it is their education system, and their approach to it. The approach i'm referring to is a certain desire to succeed, atleast within that particular framework (e.g., getting an A, for whatever that means). In other words, they're "upwardly mobile" or "professionally oriented".
Most inner city (yes, yes, I know) public schools have problems through and through. From teaching, to administration, to discipline, etc. Thus when I hear Clinton get up on a podium, and tell us that we need computers in the class room or the inner city (etc.) children are going to get "left behind", I get a little bit annoyed. These same kids already are being left behind, throwing computers at them isn't going to make them read and write any better. Unfortunately, until they acquire these basic skills, computers are entirely besides the point.
Anyhow, that caffeine is wearing off, pardon me if I'm somewhat incoherant/non-linear sounding at this hour. Good night
PS:
I live just outside Philly,
Where are these "closing" Catholic schools? In any case, their dollar/student ratio is much lower than public school. The Catholic schools can't merely raise tuition such that their dollar / head ratio could even approach that of public school.
What do you expect at a small private liberal arts school in suburbia? I'm partially kidding. Still, I hardly think they're particularly representative of the "average" or "better" private school student. Even if 90% of such schools are private school students. =)
Are you going to tell me that the entire public school system has to be mediocre on the aggregate, merely because they can't be selective? What about Europe (though I do realize they're less "forgiving" in many ways than American education, atleast if you want to follow a particular path)? Japan? You'd have to ignore their success. What about American public schools of yesterday? Why are our averages slipping? I don't buy that our children are just getting dumber. Nor do I believe Americans to be any dumber other nations.
In regards to private schools, most are not nearly as selective as is widely percieved. Granted, many private schools are somewhat selective, atleast when it comes to remedial students. To write it off their success to the natural intelligence of the students is a mistake. Furthermore, it would be difficult to claim that the private schools have a lock on "intelligent" students--or even most of them. Quite the contrary infact, when it comes to "natural intelligence", the best at private schools are no better than the best at public school. Also, there are selective public schools. The charter schools are selective, yet they've only had limited success.
On the other hand, I do think the fact that public schools have to find seats for all students is a contributing factor. But it is not a sufficient excuse. It is the way the public schools react to these children that compounds the problem. If a kid is acting up, you kick him out of the class. You do what you need to do, but it's not fair to allow a couple bad eggs to drag the entire class. I realize that the teachers and the adminstration have their hands tied to some degree, but that is part of the problem.
I personally feel that cause of the majority of the "bad" / "dumb" children is more the result of developmental problems (nuture, not nature) than it is genetic problems. Furthermore, I think that schools have a hell of a lot more say about this than they're given credit. If you allow students to fall hopelessly behind and graduate them perpetually, regardless of their learning the material or not, they're going to be hopelessly behind come 10th grade (I believe maybe even permanently). I believe most of these kids can be sufficiently educated before they reach that point though. Again, I'd refer you to most of Western Europe, Japan, and even those few good public schools in American suburbia (though you can argue their parents are "better" influences).
In any case, the public schools have many different problems to contend with. I do not believe more funding is a solution to these problems. Likewise, if these children can't handle even the most basic of an education, I don't see how anyone can reasonably expect them to be productive with computers. I'm not an "expert", for whatever that is worth, but I know this much to be true....
Normally I do not like to make sweeping generalizations. However, when I hear people utter loaded phrases (e.g., "governor ridge once again tries to give a tax break to the rich while keeping up pretences...") like that, I will give them a little taste of their own medicine. In other words, when someone resorts to that kind of language they are classifying themselves. If he merely disagreed with the Ridge's actions I would not attack him.
So sue me, I use colloquial language on slashdot. *Gasp*. Speaking of black pots, "alot", eh?
Certainly you wouldn't try and argue the results of public education in urban settings (though not exclusively urban) isn't a problem at all. Would you? You might debate the cause of the problem, but not the existence of the problem itself.
As it happens to be, I know a few school administrators and teachers in a few large cities, namely, Seattle, Philadelphia, and LA. Most all would, and have, agreed with me. Furthermore, look at the damn statistics. The problem is self-evident to virtually anyone that knows what an education is, and is remotely familiar with the system. In addition, the teachers themselves have suprisingly mediocre test scores.
Do I believe in Free Teachers? No. But I ask you this: Why is it that Catholic schools do a better job, under just about any measure, with significantly less money per head, in the same neighboorhoods, with essentially the same group of students? They pay their teachers less. They don't have a zillion and one adminstrators and counselors running around eating up resources. They don't have these impossible unions to deal with--so they're free from having to mandate things like teaching degrees (not to be confused with a real college education).
To be perfectly honest, I spent most of my childhood in private school (though not all). I can tell you with absolute certainty that these teachers got paid far less than any public school teacher. This is true at all the private schools too, even the most "elite" (e.g., Andover, Exeter, Lakeside, Episcopal Academy, etc.). Yet these private schools generally attract and retain higher quality faculty. They don't require silly teaching degrees. Instead, they have teachers with mostly meaningful 4 year degrees at good schools. It's not about the money. In addition, it is a little known fact that most of these schools actually spend just (sometimes slightly more) as much per student than public schools.
At one particular private school that I attended, we had worse facilities than many public schools, and certainly fewer computers. In addition, we also had less money per head (it was a growing school, without these secondary sources of financing that many schools enjoy). Guess what? We did every bit as well as the "elite" schools when it came down to it--certainly far better than the public schools. Many alumni are also working in the high tech sector and software industries. Call me old fashion, but I believe that a student who is educated traditionally (without any emphasis on computers) is far better equipped for the "information age" than these students at schools that pay a great deal of attention to these latest technologies, while neglecting the fundamentals. One reason for this is that, as we all know well, technology changes every day. You'll never be able to teach students the exact system that they'll be using 10+ years later. Instead, you should try to equip them with the tools to learn, like the ability to read a manual, the ability to think critically, the ability to teach yourself, etc.
Over the years, I've come to the conclusion that money is not the answer for the public school system's ailments. You might try to argue that these private schools simply have more "professional" parents. It does not explain the success of the kids on scholarships at private schools. Nor does that explain the Catholic schools, even though their success isn't quite on par with the private (non-parochial) schools--it is still worlds better than public schools (to avert any flames, this does not include many of these wealthy suburban public schools). I've seen too much money wasted (In fact, I've already heard a few about wasted computer money from my friends at these schools). My concern is less my own wallet, than it is simply the fact that in worrying about computers excessively they inevitably get that much further from a solution.
Why must you left wing types always polarize issues as the "rich" and the "poor". You fail to realize that there are a whole lot more shades in between. In any case, %6 is %6. The "rich" that you speak about are hardly going to get up in arms paying 240 dollars on a 4000 dollar machine, particularly when you consider that those individuals likely to buy a high end machine, and pay a premium for the latest and greatest are likely to have significantly more disposable income than the "poor". You might question the governor's thought process here, but it's unfair to banter about those kind of words.
Furthermore, I tire of all this crap about "computers in the classroom". When most of these inner city kids can't even read and write half decently, why are you worrying about whether or not they have computers? What about getting decent teachers first? Merely throwing money at the issue is not going to solve it. If anything, it distracts from the real problem.