Sorry, I thought the basis for Cyanogen was to get away from all the bloat and privacy concerns. Now they're displaying a phone with Google Apps onboard? Unless it comes Pre-rooted or with a "remove this shit" button no thanks...
So what you're saying is that both of these professions as practiced are perverse? I can agree with that because both have no value in society although it could be argued that to have a society you have to have law and order. That being the case you could get away with about 90% of the lawyers out there who do nothing but look for opportunities to enrich themselves, like the latest batch of quick 30 second infomercials on Testosterone or the GM recalls. Marketing creates demand for things that we could honestly do without and leads to the profession of Spin Doctors who by all measure should have their requisite members chained to the rusting hulk of the titanic.
I'm sure any financial institution has already done a vulnerability assessment for this risk and acted accordingly. If not you'll see a few more CSOs and CIOs out on the street shortly.
Well they just successfully fended off the http://www.dallasnews.com/busi... >"Park-It" motion in court today. With that it just seems they have the deaths and the repairs to deal with.
Companies like these are trying to take a page out of the software industry playbook. Nice Try but I doubt if I buy a Chevy in the future it will eliminate their liability should the ignition fail while driving it or I happen to use a $10 off oil change coupon at one of their dealerships. Likewise if General Mills says you can't sue them because you like them on Facebook or use a coupon won't protect them should you get poisoned from a box of Cheerios.
This whole idea is unnecessary if the wireless carriers would just set up a database of stolen IMEI information. And while ESNs can be wiped, if a questionable ESN is discovered, like all zeros you can block the phone from being provisioned. If you did that stolen cell phones would be worth zero and we wouldn't have to introduce another tool that can be used by governments to lock us out of communicating. With mobile traffic increasing faster than any other sector on the Internet, this gives the governments of the world an effective Internet Kill Switch.
This is a useless analogy. Code Quality is a function of both skill and the stewardship of the team supporting the code. Tools help as well but you can write some elegant, high quality code regardless of the language chosen. You can also write some real shit too but ultimately how many defects a piece of software has comes down to the design and testing that goes along with it. Some bodies of work get rigorous testing and it's not like OpenSSL's recent problem wasn't about deficient design it was about a faulty implementation. Faulty implementations in logic happen all the time and there are some bugs that just take awhile to become known. I mean even with test driven development and tools for code analysis probably couldn't have found this particular issue but considering how long it was in the code base without somebody questioning it goes back to not only stewardship by the team but the rest of the world who are using the code. If anything this situation points out that FOSS can have vulnerabilities just like proprietary software however the advantage is that with FOSS you can get it fixed much more quickly and because other people can see the implementation it can become scrutinized by folks outside the team that develops and maintains it.
In the case of Heartbleed the system works. A problem was found, it was fixed it's now just a matter of rolling out the fix and regressions are put into place to help insure that it doesn't happen again. The repercussions of what it means is that another gaping hole in our privacy was closed and that "bad guys" may have stolen data, rollout the fix ASAP. Your guess is as good as mine as to what was stolen is a matter of research and conjecture at this point. I doubt that the bad guys will tell us what they gained by exploiting it. Let's also be sure that until the systems with the bug are patched, they're vulnerable so cleanup on aisle 5.
To be honest it's a bit naive if we all assume that FOSS software that handles security doesn't have potential vulnerabilities. Likewise it's also naive to assume that proprietary code has it licked as well given the revelations of NSA spying for the past year. Given that there are numerous nefarious companies that sell vulnerabilities to anybody who can pay for it, that means unless you're buying them you probably will never know what is exposed until somebody trips over it. What this means for everybody that you can depend on is when those vulnerability-selling companies are out of business can assume that your software is free of the easier to exploit vulnerabilities; governments will always use all their tools to get intelligence including subverting standards and paying off companies who can give them access to what they want.
It will be easier to fix SCOTUS than the constitution. Considering the 27th amendment is the most recently ratified in 1992. It also holds the distinction of taking 202 years to become ratified after being submitted in 1789. Of course it deals with congressional pay and not anything of real import to average citizens.
I've heard it gets cold at night too, is that true? Also sometimes during the year we get this white cold stuff on the ground usually associated with more winds. It can go on for months but then it goes away mysteriously and it gets hot. Can you explain that please?
What you haven't seen the trend in this ridiculous studies that point out what's already common knowledge? Every week there's a new study that just fosters a "Duh!" comment from me about the results and this is no different. Yesterday however the news leaked "new knowledge" of a study that casual smoking pot changes brain chemistry, altering those areas dealing with motivation and emotion. Duh! I guess the researchers never watched the movie "Ted?"
We don't but that goes with any product out there. The difference is software has things like License Agreements and Terms of Service most of which give the software vendor no liability whatsoever for their product if it fails to perform. Imagine if you bought a car with a License Agreement that said "you have a license to use this vehicle however we assume no liability for it's use or damages caused by or within the vehicle." In the case of software vendors when problems are found they shrug their shoulders and introduce a patch or fix. If the software is no longer supported, they'll just direct you to their professional services folks and sign you up for custom support or the sales department to get you to buy their latest offerings.
Another aspect of vulnerabilities like this isn't from a security but also a safety perspective. Bad software has killed people. Read "Fatal Defect." It's an older book but it's a fascinating study of bad software design that's actually killed people.
There are companies that sell vulnerabilities to anybody with deep enough pockets. They're looking at software constantly to find exploits and I wouldn't be surprised if open source wasn't on the menu for them as well. I think open source does lead to quicker fixes once they're discovered by white hats out there unlike closed source models where a company has a vested interest in not disclosing exposures while either muddling through a fix. Case in point, the fact that Oracle knew about the zero day vulnerabilities in Java for months before addressing them. The problem is that businesses and developers seem to shrug that off rather than saying it's not acceptable and other companies just follow the same pattern. In the case of Oracle it didn't hurt them much at all and validates their lousy business practice on addressing vulnerabilities. Just looking now, in early summer 2012 when the news hit, their stock sank to $25.61/share and it just hit $42 on 4/2. So in under two years that's an almost 64% increase in their stock price.
It's the bigger seat and room you get in First/Business. Those make a difference if you have to fly long distances (7+ hours) week in and week out. Try it sometime to see what I mean.
Well you had to live during the whole TMI episode to understand the panic it created. Sadly it was a turning point for nuclear power in this country. After that Jimmy Carter pulled the permits for all proposed nuclear plants and stopped the TVA for example in their tracks on 4 plants that were in progress. He and his buds in congress the bureaucratic nightmare that is now the DOE. That kind of knee-jerk reaction pushed investors away and you have to look around and see that. Until 2013 there has been no ground-breaking on new plants since 1977, the same year as TMI. So if you want to see how one administration can doom an industry in this country, look at TMI and the ripple effects. TMI was minor but the public became afraid and movies like the "The China Syndrome" didn't help either. These plants were built on investments mostly through bonds or by the Federal Government in the case of the TVA and investors want safe returns on their money and because of TMI, nuclear became a pariah in the US. Look at the whole Yucca Mountain situation if you need a refresher course on how jammed up things can become.
I won't argue that nuclear power is cheaper overall, in most cases it isn't. It is efficient given the size/complexity of the plant and the output it produces. It's cleaner than coal or burning gas on many levels. It is a political football and if you look at the closing of San Onofre you can see that everybody including DC based ass-clowns want to get into the act. I used to surf at San Onofre beach right next to the plant and it was always great because the water was warmer from the cooling water released back into the ocean near offshore. It was fine then, it'd be fine now but politics is politics as they say.
That's why authoritarian/autocratic societies will be able to expand the use of nuclear power faster than democracies and while we may push for solar nuclear is in the same boat as to why we don't consider large hydro projects either in this country because a) we've pretty much exhausted most of aquifer systems necessary for large scale hydro b) environmental impact studies take decades and we might hurt the fish (see snail darter for a reference) c) tree-hugging morons who are the same idiots against nuclear power. These folks still tool around in pre-1980s VW vans for example and vacation at Burning Man. Sure we can do more wind power but now we kill bald eagles, hawks and other birds so that's bad oh wait, what about more solar? Yeah, with nearly 100% imported technology we give away our engineering skills, money and competitive advantage to nations ultimately selling us out now and for future generations.
One thing I can agree with with the IPCC is that human activity is fucking up the planet but we live here and in order to live in the confines of our modern society that requires energy. Ultimately energy choices will dictate, as they always have, what nations/regions of the planet will be successful and thrive while others will either wither into pre-industrial decay or keep being places where they mine conflict diamonds and other resources for those successful nations who take an aggressive approach to energy production.
Exactly... Not to mention that depending on where you live your kid has a higher chance of death from a drive-by shooting or random stabbing than a vaccination shot.
It's the blond and tits thing. For some strange reason these seem to hold mysterious powers over people. Frankly she's a retarded douchebag but then again so are about 90% of the celebrities out there.
Slashdot Mirror
Sorry, I thought the basis for Cyanogen was to get away from all the bloat and privacy concerns. Now they're displaying a phone with Google Apps onboard? Unless it comes Pre-rooted or with a "remove this shit" button no thanks...
So what you're saying is that both of these professions as practiced are perverse? I can agree with that because both have no value in society although it could be argued that to have a society you have to have law and order. That being the case you could get away with about 90% of the lawyers out there who do nothing but look for opportunities to enrich themselves, like the latest batch of quick 30 second infomercials on Testosterone or the GM recalls. Marketing creates demand for things that we could honestly do without and leads to the profession of Spin Doctors who by all measure should have their requisite members chained to the rusting hulk of the titanic.
Marketing, Lawyers.. all useless.
I'm sure any financial institution has already done a vulnerability assessment for this risk and acted accordingly. If not you'll see a few more CSOs and CIOs out on the street shortly.
If an organization has a routine maintenance policy then there should be no additional cost to apply the OpenSSL fixes for Heartbleed.
This is an outrage! Companies outsourcing jobs overseas! Management is concerned about perception rather than substance!
What fucking decade are we living in here folks?!? This isn't news but it is confirmation that US companies are full of douche bags.
Well they just successfully fended off the http://www.dallasnews.com/busi...
>"Park-It" motion in court today. With that it just seems they have the deaths and the repairs to deal with.
Companies like these are trying to take a page out of the software industry playbook. Nice Try but I doubt if I buy a Chevy in the future it will eliminate their liability should the ignition fail while driving it or I happen to use a $10 off oil change coupon at one of their dealerships. Likewise if General Mills says you can't sue them because you like them on Facebook or use a coupon won't protect them should you get poisoned from a box of Cheerios.
The Dishonerable Discharge release is scheduled for 2016.
This whole idea is unnecessary if the wireless carriers would just set up a database of stolen IMEI information. And while ESNs can be wiped, if a questionable ESN is discovered, like all zeros you can block the phone from being provisioned. If you did that stolen cell phones would be worth zero and we wouldn't have to introduce another tool that can be used by governments to lock us out of communicating. With mobile traffic increasing faster than any other sector on the Internet, this gives the governments of the world an effective Internet Kill Switch.
This is a useless analogy. Code Quality is a function of both skill and the stewardship of the team supporting the code. Tools help as well but you can write some elegant, high quality code regardless of the language chosen. You can also write some real shit too but ultimately how many defects a piece of software has comes down to the design and testing that goes along with it. Some bodies of work get rigorous testing and it's not like OpenSSL's recent problem wasn't about deficient design it was about a faulty implementation. Faulty implementations in logic happen all the time and there are some bugs that just take awhile to become known. I mean even with test driven development and tools for code analysis probably couldn't have found this particular issue but considering how long it was in the code base without somebody questioning it goes back to not only stewardship by the team but the rest of the world who are using the code. If anything this situation points out that FOSS can have vulnerabilities just like proprietary software however the advantage is that with FOSS you can get it fixed much more quickly and because other people can see the implementation it can become scrutinized by folks outside the team that develops and maintains it.
In the case of Heartbleed the system works. A problem was found, it was fixed it's now just a matter of rolling out the fix and regressions are put into place to help insure that it doesn't happen again. The repercussions of what it means is that another gaping hole in our privacy was closed and that "bad guys" may have stolen data, rollout the fix ASAP. Your guess is as good as mine as to what was stolen is a matter of research and conjecture at this point. I doubt that the bad guys will tell us what they gained by exploiting it. Let's also be sure that until the systems with the bug are patched, they're vulnerable so cleanup on aisle 5.
To be honest it's a bit naive if we all assume that FOSS software that handles security doesn't have potential vulnerabilities. Likewise it's also naive to assume that proprietary code has it licked as well given the revelations of NSA spying for the past year. Given that there are numerous nefarious companies that sell vulnerabilities to anybody who can pay for it, that means unless you're buying them you probably will never know what is exposed until somebody trips over it. What this means for everybody that you can depend on is when those vulnerability-selling companies are out of business can assume that your software is free of the easier to exploit vulnerabilities; governments will always use all their tools to get intelligence including subverting standards and paying off companies who can give them access to what they want.
I prefer neighborhood nuclear superiority. It attaches to my garden hose without any special tools.
It will be easier to fix SCOTUS than the constitution. Considering the 27th amendment is the most recently ratified in 1992. It also holds the distinction of taking 202 years to become ratified after being submitted in 1789. Of course it deals with congressional pay and not anything of real import to average citizens.
I've heard it gets cold at night too, is that true? Also sometimes during the year we get this white cold stuff on the ground usually associated with more winds. It can go on for months but then it goes away mysteriously and it gets hot. Can you explain that please?
What you haven't seen the trend in this ridiculous studies that point out what's already common knowledge? Every week there's a new study that just fosters a "Duh!" comment from me about the results and this is no different. Yesterday however the news leaked "new knowledge" of a study that casual smoking pot changes brain chemistry, altering those areas dealing with motivation and emotion. Duh! I guess the researchers never watched the movie "Ted?"
so we are all mutants and possible X-Men
Well I guess that would be better than being an X-Woman like Chaz Bono! I'm getting my money back from 23andme!
We don't but that goes with any product out there. The difference is software has things like License Agreements and Terms of Service most of which give the software vendor no liability whatsoever for their product if it fails to perform. Imagine if you bought a car with a License Agreement that said "you have a license to use this vehicle however we assume no liability for it's use or damages caused by or within the vehicle." In the case of software vendors when problems are found they shrug their shoulders and introduce a patch or fix. If the software is no longer supported, they'll just direct you to their professional services folks and sign you up for custom support or the sales department to get you to buy their latest offerings.
Another aspect of vulnerabilities like this isn't from a security but also a safety perspective. Bad software has killed people. Read "Fatal Defect." It's an older book but it's a fascinating study of bad software design that's actually killed people.
There are companies that sell vulnerabilities to anybody with deep enough pockets. They're looking at software constantly to find exploits and I wouldn't be surprised if open source wasn't on the menu for them as well. I think open source does lead to quicker fixes once they're discovered by white hats out there unlike closed source models where a company has a vested interest in not disclosing exposures while either muddling through a fix. Case in point, the fact that Oracle knew about the zero day vulnerabilities in Java for months before addressing them. The problem is that businesses and developers seem to shrug that off rather than saying it's not acceptable and other companies just follow the same pattern. In the case of Oracle it didn't hurt them much at all and validates their lousy business practice on addressing vulnerabilities. Just looking now, in early summer 2012 when the news hit, their stock sank to $25.61/share and it just hit $42 on 4/2. So in under two years that's an almost 64% increase in their stock price.
We're surrounded by tiny errors in the world. Heck, they're even built into our DNA.
Speak for yourself! I just got my 23andMe report and it says there are no errors, therefore I'm special!
I *was* alive then.
Glad your back from the dead then. Was it covered by your Health Insurance?
It's the bigger seat and room you get in First/Business. Those make a difference if you have to fly long distances (7+ hours) week in and week out.
Try it sometime to see what I mean.
Well you had to live during the whole TMI episode to understand the panic it created. Sadly it was a turning point for nuclear power in this country. After that Jimmy Carter pulled the permits for all proposed nuclear plants and stopped the TVA for example in their tracks on 4 plants that were in progress. He and his buds in congress the bureaucratic nightmare that is now the DOE. That kind of knee-jerk reaction pushed investors away and you have to look around and see that. Until 2013 there has been no ground-breaking on new plants since 1977, the same year as TMI. So if you want to see how one administration can doom an industry in this country, look at TMI and the ripple effects. TMI was minor but the public became afraid and movies like the "The China Syndrome" didn't help either. These plants were built on investments mostly through bonds or by the Federal Government in the case of the TVA and investors want safe returns on their money and because of TMI, nuclear became a pariah in the US. Look at the whole Yucca Mountain situation if you need a refresher course on how jammed up things can become.
I won't argue that nuclear power is cheaper overall, in most cases it isn't. It is efficient given the size/complexity of the plant and the output it produces. It's cleaner than coal or burning gas on many levels. It is a political football and if you look at the closing of San Onofre you can see that everybody including DC based ass-clowns want to get into the act. I used to surf at San Onofre beach right next to the plant and it was always great because the water was warmer from the cooling water released back into the ocean near offshore. It was fine then, it'd be fine now but politics is politics as they say.
That's why authoritarian/autocratic societies will be able to expand the use of nuclear power faster than democracies and while we may push for solar nuclear is in the same boat as to why we don't consider large hydro projects either in this country because a) we've pretty much exhausted most of aquifer systems necessary for large scale hydro b) environmental impact studies take decades and we might hurt the fish (see snail darter for a reference) c) tree-hugging morons who are the same idiots against nuclear power. These folks still tool around in pre-1980s VW vans for example and vacation at Burning Man. Sure we can do more wind power but now we kill bald eagles, hawks and other birds so that's bad oh wait, what about more solar? Yeah, with nearly 100% imported technology we give away our engineering skills, money and competitive advantage to nations ultimately selling us out now and for future generations.
One thing I can agree with with the IPCC is that human activity is fucking up the planet but we live here and in order to live in the confines of our modern society that requires energy. Ultimately energy choices will dictate, as they always have, what nations/regions of the planet will be successful and thrive while others will either wither into pre-industrial decay or keep being places where they mine conflict diamonds and other resources for those successful nations who take an aggressive approach to energy production.
Exactly... Not to mention that depending on where you live your kid has a higher chance of death from a drive-by shooting or random stabbing than a vaccination shot.
It's the blond and tits thing. For some strange reason these seem to hold mysterious powers over people. Frankly she's a retarded douchebag but then again so are about 90% of the celebrities out there.
I'd think there's enough consensus out there to say that there's never been anything of value on Facebook.