Does any commercial add-on security software for Windows allow state-based checks yet?
Windows server services are fine inside your LAN, if you have a Linux, BSD or commercial Unix-based gateway. Otherwise, any online transaction is like running through a pickpocket convention with your money hanging out of your pockets.
That's a bit like banning alcohol to keep people from driving drunk.
It's more like wiring breathalyzers to the vehicles' ignition systems as a service to drivers, because both are restricted in specific scenarios, not "banned" which means totally prohibited. At a four-course dinner, you don't have the option of a separate drink with each course then driving yourself [probably, depending on body weight, blah, blah]. In a theater, don't use your phone. At all. If being without any of its functions -- phone, TXT, video camera, PDA, whatever -- is onerous to somebody, going to the cinema is not an unalienable human right and waiting for the DVD release is not cruel or unusual punishment.
What if there's a fire?
Then some heat will be released while some carbon-containing matter will combine with oxygen and be converted to CO2 and H2O, and probably significant quantities of CO, except in the rare case of complete combustion. Seriously, I don't know why you think the possibility of a fire would make it OK to leave on your cell phone. If there's a fire in the theater, you depend on their alarm system to work either way so that shouldn't be what you mean. Let's see. Do you mean, what if there's a fire at home, where you left your kids? If you left them with a trustworthy babysitter, the house will still be just as destroyed, and your kids will still be just as safely rescued, when you return after the movie. If you can't leave them out of contact for two hours you can't leave them at home while you go to the movies. Should have used condoms if you can't handle that.
A doctor with an emergency who knows how to stand up and walk out when he gets a call?
If he got through medical school, he can find his way around Netflix.
The FISA court was designed only for conversations- communications surveillance where one party was and American citizen-US person.
The statute you cited explicitly excludes such.
(1) Notwithstanding any other law, the President, through the Attorney General, may authorize electronic surveillance without a court order under this subchapter to acquire foreign intelligence information for periods of up to one year if the Attorney General certifies in writing under oath that--
...
(B) there is no substantial likelihood that the surveillance will acquire the contents of any communication to which a United States person is a party; and ...
(b) Applications for a court order under this subchapter are authorized if the President has, by written authorization, empowered the Attorney General to approve applications to the court having jurisdiction under section 1803 of this title, and a judge to whom an application is made may, notwithstanding any other law, grant an order, in conformity with section 1805 of this title, approving electronic surveillance of a foreign power or an agent of a foreign power for the purpose of obtaining foreign intelligence information, except that the court shall not have jurisdiction to grant any order approving electronic surveillance directed solely as described in paragraph (1)(A) of subsection (a) of this section unless such surveillance may involve the acquisition of communications of any United States person.
An empty table indicates that we see no relevant changes listed in the classification tables since Jan. 2, 2006. If you suspect that our system may be missing something, please double-check at http://uscode.house.gov/classification/tables.shtml
...
The most recent Classification Table update that we have noticed was Monday, November 3, 2008
I just thought of a much better way to explain this. You don't assume your right to free speech depends on continuous exercise of it, so why do you act like periodically or even habitually seeking its opposite [ publicity or attention ] diminishes anybody else's right to privacy? Only because it's somebody else's right being violated and not yours.
My basic objection is based on my understanding of the stock market as the exchange of partial ownership of companies. If this Paulson fund is going to the biggest losers on Wall Street then it isn't an economic plan, it's corporate welfare based on alimony standards as described by Chris Rock: what they've become accustomed to, with no requirement to earn anything. Also, a mortgage lender who approved an overly generous loan and a Wall Street trader who invested in securities filled with such loans have both failed, professionally. I'm not satisfied that struggling national banks are, as Paulson assumes, competent distributors of wealth according to merit, especially considering that local and regional banks are doing just fine, thank you. The borrowers ["liar loans" are the exception that illustrate the problem, not the rule] are expected by free market theory to do what they did, to seek the largest and most luxurious house the market offers at the price they can afford. It's the job of mortgage lenders to correctly evaluate borrowers' credit-worthiness based on accurate information, so encouraging borrowers to input false, inflated incomes of course is also professional failure on the lenders' part, not the borrowers'. Borrowers did their "jobs" in a market that Congress inflated, against the advice of their top finance professional, whom they called "Maestro" for his expertise. According to all the rhetoric of the decision-makers over the past eight years, money is the reward for achievement. Now, the same people are taking money as their rightful reward, for failure. Which brings me to the punch line of the same Chris Rock routine, "I've become accustomed to some things, myself..."
Scroll down to the bottom, and scan the list of names of their "Key Customers." Although GHS funding does not all come from military projects, so many of their "Key Customers" are military contractors that I doubt they'd be where they are today without military contracts and I stand by my previous statement: I funded that already and I don't welcome their second pass at my money.
What do you think about military outsourcing, generally? I know this isn't how it currently works, but my opinion is that GHS is welcome to provide this "Integrity-178B" product free of charge to net taxpayers like me, and cover their costs with their contracts with net tax recipients Raytheon, Lockheed Martin, etc. And the national defense should never have been privatized.
Integrity for Avionics, the product you think you own, is simply a trimmed down version of Integrity, which is used in medical devices, industrial robotics, and other stuff like that.
After reading the product docs...
The what?
The OS, which was first deployed in the B1B bomber in 1997, today runs in military and commercial aircraft, including the F-16, F-22, and F-35 military jets, and the Airbus 380 and Boeing 787 airplanes.
The information available suggests that the first deployment was its original purpose, and probable source of original funding. If the military did not subsidize the start of this company and the development of this product, then of course what I've said doesn't hold. But neither of you have provided any other sources of information yet. I've gotten my information from the article. What's the URL of your source?
I have yet to see a vista commercial that talks about the technical merits of the operating system, because your average user doesn't understand or care about indexed search or file systems etc.
I'm thinking of the functional comparisons of common tasks in the "I'm a Mac" ads, and I disagree that user indifference is the reason Vista commercials don't examine technical merits. My "average user" does care about indexed search and file systems, if those are useful, meaning that "performance gains" show up in the tasks the end user is already doing, as opposed to introducing a new task, no matter how fast it is. They don't care to take 30 hours poring through KBs and white papers for the marginal performance gains Microsoft typically offers from whatever is their newest, shiniest "innovation."
I think I see now. If you're just suspicious of any "Illinois politician" I really have no counterargument because I never lived there. About President Obama specifically, I'm optimistic so far but I won't try to tell anybody he's above critique. Thanks for clarifying.
It's easy to install a cell network of your own. Hell, Sprint sells 4-person personal cell towers in their stores in the US. So instead of "jamming" the frequencies, make a localized cell network that simply black-holes the unauthorized calls.
Even easier would be the Faraday Cage suggestion of mcgrew somewehere else in this thread. Provided that the building has wired phones, anybody who should have access will and zero effort has to go into restricting access.
Can we expect anyone who followed a warrantless wiretap from the Bush administration to also be fired then? I mean, they violated our privacy as well.
I'm not employed by Verizon or NSA, but I did TiVo many of the Senate interviews of Alberto Gonzales on this matter, and based on what little data Senators Specter and Leahy were able to pry from that weasel, it seems that if any Verizon employee participated in any way on a wiretap, it would be little more than flipping a switch. Also, I'm not sure that Verizon should have any role in ascertaining the difference between a legitimate wiretap request and a warrantless one. Landlines work on two wires, and cell phone signals are not encrypted. If this is so complex for the NSA that they need Verizon's assistance to tap a call, we have lost at espionage.
He voted in favor of the FISA bill w/ Telco immunity last year.
He worked pretty hard against it and voted "Yea" apologetically, explaining that he thought that bill was the lesser of the evils on our menu, at that moment.
Privacy rights advocates didn't send other Senators enough verbose facsimile petitions and we didn't hold enough traffic-stopping protests to say we worked as hard against telecomm immunity as Senator Obama did. At least, with him in the White House, we can hope that he will sign the bill that repeals telecomm immunity, as soon as the Congress gets it to his desk.
Granted, but many != all, and those who do wish to exercise their right to privacy don't deserve to have it compromised by spotlight chasers just because they have the same employer or profession. Even those who do enjoy the attention in public have the right to privacy in their own homes and a supermarket is not primarily a social gathering place, therefore it's not an appropriate location for paparazzi to assume that celebrities are available for comment.
He's tied to lots and lots of politicians of both parties, including Senator/President-Elect Obama.
And does the fact that Rezko knew a lot of politicians and therefore was already in Obama's social circle imply that their brief dealing made Obama more suspect, or less?
In Illinois the term "corrupt politician" is redundant. The last Democrat Governor to be defeated by a Republican went to prison, and the last Republican Governor to be defeated by a Democrat is still in prison.
And a vague implication of a conflict of interest in one deal with Rezko is all the dirt found even near Obama's work in such a criminal place. The facts do not support your analysis. No, being on a school board with Bill Ayers and attending some social function at his house does not count for anything. The only actual association that legitimately looked even slightly suspicious was Rezko, and significantly more than half of voters decided that was less suspicious than John McCain's association with Richard Bruce Cheney.
The disadvantages are:
* Any black-hat who hadn't noticed the problem now knows about it and can write an exploit.
I would expect black-hats to have scripts already laying around for such a battleship-sized hole, and not need to be told because their existing network of zombie machines would be so likely to catch that, but I don't know, I am not a black-hat. I do see your point that Friday press releases are bad form though. Unless the vulnerability has been exploited and not identified by the authors, my first reaction is that it probably could have waited until Monday.
Then again, vulnerabilities that are ignored or denied are already matters of record, so maybe it's better to keep all proprietary software houses "on their toes" to the maximum degree possible, just based on the evidence that without oversight, they'll do absolutely nothing to protect customers' property rights from theft during online transactions. After all, SSL is not some obscure package in use on only two abandoned workstations that somebody just didn't remember to unplug from a defunct warehouse in the 1970's. It is used a lot, and expected to at least require a few million clock cycles to defeat. No, a lot of users don't know "how difficult" 64-bit or 128-bit encryption is to defeat, in clock cycles, they just expect they're substantially safer with it than without it. Claiming to support SSL but then not encrypting data sent to an https URL seems pretty damned amateurish. That ought to have been caught in house, and if HK believes Zimbra users are already vulnerable, and the main effect of his announcement is to cure users' ignorance of the danger they're in already, then I can understand why he decided not to wait until Monday as a courtesy to Yahoo! The text of his post obviously contains a lot of intentional sarcasm, to a dev team that I agree is clearly not even trying. Or they're employed by a proprietary software house but counting on free QA workers for every aspect of development, not just usability. Either way, I hope HK gets his T-shirt.
Then again, maybe the Yahoo! Zimbra team made that behavior intentionally, only for 127.0.0.1 and/or localhost.localdomain, just to phish for aggressive testers and first thing tomorrow morning, the joke's on HK. But Ockham and I suspect they just screwed up.
Not even. Pardon me. What I meant to say is that it might seem weird to judge the first post "redundant" until you consider the definition of a nerd to be one who "has nothing better to do" than do whatever we do, right. Assuming that standard of attention to detail is prevalent here, a first post can truly be redundant if it's been said before about the same subject. This is most commonly used for disinformation that's been debunked, especially debunked prominently on/. A re-run of MythBusters can be fun, so I wouldn't use a derogatory term like "redundant." But if they start to routinely re-tread myths they've already covered, without a good explanation of what they thought they might have missed the first time, and if what they missed the first time didn't really call their first verdict into question, then I would use the pejorative "redundant." So when/.ers come back with statements that have already been disproved they do get modded "redundant." I'm not sure without checking what the regs say about that, but it does happen.
To avoid inadvertent offense, I don't know that any of that is true of the FP. If that question has even been discussed on/. I don't recall it. To explain how a first post can be redundant, I chose an extreme case, which oh, by the way, is also hypothetical.
This is certainly a step up from transmitting the information in the clear, since the attacker must switch from being passive to active, but with all of the DNS security problems, it would be fairly trivial for a malicious attacker to grab a large number of Yahoo! accounts (be it for phishing or spaming[sic]).
Then again, maybe that "redundant" mod was intended for the summary, by a moderator with low aim.
And no, it's not a bad thing. But it does mean a changing business model.
I would add that it's a change in the direction of textbook laissez-faire capitalism, meaning towards practical realization of the academic abstractions behind theories of free markets as efficient distributors of wealth. The OP has observed that the Open Source model requires suppliers to continue producing, not to write a program once -- then, as the eloquent first post put it, sit on the duff collecting royalties for nothing.
Adam Smith's idealized competition is pretty well summarized as an open source independent contractor.
It was not a statute at all, it was just Anonymous Coward's (TM) sales pitch in the guise of legal counsel. From the first article:
An e-discovery lawyer, who asked not to be named because his employer (a firm you probably have heard of) doesn't want him speaking to the press, explained the basic legal requirements surrounding email and document retention to The Standard. "If litigation is anticipated, the party has a duty to preserve potentially relevant documents," he said.
Playing safe does indeed indicate good record-keeping. I'm still not a lawyer, but that seems like reasonable enough legal advice. However, he has more to say.
"An employee retention program with no organization or coordination is effectively incapable of compliance," he continued, "barring an act of God, or luck akin to picking every game right in an NCAA pool. Apple's retention policy is negligent."
Do you mean "negligent" in the legal sense, or the colloquial? Because, you know, now that you're being cited as an e-discovery lawyer, the inclination will be to assume that everything you say is your legal opinion or best counsel based on the sum of relevant statute and precedent.
Consider this scenario: Employees could have emails from five years ago that become "potentially relevant", but because there was no policy in place regarding e-documents, those records could easily become destroyed -- making it potentially impossible for a plaintiff to make a case from internal documents.
That could only be a problem under an ex post facto law, in my opinion. I am still not a lawyer, so if I'm right [meaning his advice is not so hot], we now have a good idea why "his employer (a firm you probably have heard of) doesn't want him speaking to the press."
However, Apple claims in the Psystar document that its policy is fine because once the company anticipated litigation:
[Apple] identified a group of employees who could potentially have documents relevant to the issues reasonably evident in this action. Apple then provided those individuals with a document retention notice which included a request for the retention of any relevant documents.
Psystar's antitrust claim has been dismissed, but Apple is currently involved in many other cases. Apple's weak e-discovery practices could very well come back to haunt the company.
That is of course possible, but "could very well" normally implies high probability, and that is not supported by the facts given in this article. Obviously, he has a product to sell, but I would have come away with a more favorable impression of e-discovery software if he had said something more like, "if the evidence against you is as weak as the evidence against Apple in this case, you don't need a data retention policy any better than Apple's. However," I would continue if I was trying to sell some e-discovery software, "in case of better-organized litigation against you than this case, a more comprehensive data retention policy might be in your best interest." See, instead of making my sales pitch on a case that, taken on its own, indicates that my product is unimportant, I would acknowledge that my product was not important in this case, but suggest that it is not wise to assume that every case will be so easy. I think my approach appeals less to the customer's fear, and more to the careful consideration that will need to be evident in an approved purchase request.
It's probably more to say "if you think you will get busted you're not allowed to start removing things", not "you can't remove anything because some day in a time far far away someone may want to look you up."
You assume noble intent at your own risk. I give you credit for paraphrasing in a manner that would be fairly reasonable, but the statute under discussion should be written at least that well. I will not be a lawyer, but I believe that in law school, students are taught that good statutes are written to be minimally subject to interpretation. Besides, the statue imposes a burden of proof of one's innocence, no matter how innocuously one tries to phrase any legal mandate to have any evidence of anything. Any statute requiring having evidence means that absent any proof, just by lacking evidence defendants are guilty of an infraction. Corporations are the worst criminals around, and sloppy statutes, even one's ostensibly intended to persecute businesses, just waste everybody's time and retard the pursuit of actual justice. The same laws that apply among people ought to apply when some of the people violating assault, fraud, theft or other laws, happen to be doing so on the job.
I second the recommendation above of a liberal arts education. And for similar reasons, if this student solicited my opinion, my advice would be to audit classes in as many interesting disciplines as possible, even if they're just barely, vaguely interesting. Until you scratch the surface enough to know what you don't know about econometrics, you don't know enough to assume it's boring. Especially in a university or liberal arts college with a wide selection, you won't know if you like it until you try it, and you can dramatically reduce the risk of getting to your third year, then realizing you don't actually care one way or the other about what you're studying except as a means to a salary. Salaries are nice of course, but it's worth sitting on a few lectures, non-graded, to boost the likelihood that you can enjoy your work as well.
To the OP, I would just say, take note of the part in bold. No good ever came from unsolicited advice.
Marketable skills you can learn and expand in the military should include programming. But since they've chosen to outsource some of its core duties to Blackwater, it's not at all surprising that they don't make their own software. Just wrong.
Slashdot Mirror
Does any commercial add-on security software for Windows allow state-based checks yet?
Windows server services are fine inside your LAN, if you have a Linux, BSD or commercial Unix-based gateway. Otherwise, any online transaction is like running through a pickpocket convention with your money hanging out of your pockets.
That's a bit like banning alcohol to keep people from driving drunk.
It's more like wiring breathalyzers to the vehicles' ignition systems as a service to drivers, because both are restricted in specific scenarios, not "banned" which means totally prohibited. At a four-course dinner, you don't have the option of a separate drink with each course then driving yourself [probably, depending on body weight, blah, blah]. In a theater, don't use your phone. At all. If being without any of its functions -- phone, TXT, video camera, PDA, whatever -- is onerous to somebody, going to the cinema is not an unalienable human right and waiting for the DVD release is not cruel or unusual punishment.
What if there's a fire?
Then some heat will be released while some carbon-containing matter will combine with oxygen and be converted to CO2 and H2O, and probably significant quantities of CO, except in the rare case of complete combustion. Seriously, I don't know why you think the possibility of a fire would make it OK to leave on your cell phone. If there's a fire in the theater, you depend on their alarm system to work either way so that shouldn't be what you mean. Let's see. Do you mean, what if there's a fire at home, where you left your kids? If you left them with a trustworthy babysitter, the house will still be just as destroyed, and your kids will still be just as safely rescued, when you return after the movie. If you can't leave them out of contact for two hours you can't leave them at home while you go to the movies. Should have used condoms if you can't handle that.
A doctor with an emergency who knows how to stand up and walk out when he gets a call?
If he got through medical school, he can find his way around Netflix.
The FISA court was designed only for conversations- communications surveillance where one party was and American citizen-US person.
The statute you cited explicitly excludes such.
(1) Notwithstanding any other law, the President, through the Attorney General, may authorize electronic surveillance without a court order under this subchapter to acquire foreign intelligence information for periods of up to one year if the Attorney General certifies in writing under oath that--
...
...
(B) there is no substantial likelihood that the surveillance will acquire the contents of any communication to which a United States person is a party; and
(b) Applications for a court order under this subchapter are authorized if the President has, by written authorization, empowered the Attorney General to approve applications to the court having jurisdiction under section 1803 of this title, and a judge to whom an application is made may, notwithstanding any other law, grant an order, in conformity with section 1805 of this title, approving electronic surveillance of a foreign power or an agent of a foreign power for the purpose of obtaining foreign intelligence information, except that the court shall not have jurisdiction to grant any order approving electronic surveillance directed solely as described in paragraph (1)(A) of subsection (a) of this section unless such surveillance may involve the acquisition of communications of any United States person.
I omitted a lot for brevity. None of what I omitted alters the meaning of the parts I included.
The link "How Current Is This" led to a page which didn't tell me anything about the date of the original draft of the statute. I only saw two references to dates there, Jan 2, 2006 & Monday, November 3, 2008.
An empty table indicates that we see no relevant changes listed in the classification tables since Jan. 2, 2006. If you suspect that our system may be missing something, please double-check at http://uscode.house.gov/classification/tables.shtml
...
The most recent Classification Table update that we have noticed was Monday, November 3, 2008
I just thought of a much better way to explain this. You don't assume your right to free speech depends on continuous exercise of it, so why do you act like periodically or even habitually seeking its opposite [ publicity or attention ] diminishes anybody else's right to privacy? Only because it's somebody else's right being violated and not yours.
My basic objection is based on my understanding of the stock market as the exchange of partial ownership of companies. If this Paulson fund is going to the biggest losers on Wall Street then it isn't an economic plan, it's corporate welfare based on alimony standards as described by Chris Rock: what they've become accustomed to, with no requirement to earn anything. Also, a mortgage lender who approved an overly generous loan and a Wall Street trader who invested in securities filled with such loans have both failed, professionally. I'm not satisfied that struggling national banks are, as Paulson assumes, competent distributors of wealth according to merit, especially considering that local and regional banks are doing just fine, thank you. The borrowers ["liar loans" are the exception that illustrate the problem, not the rule] are expected by free market theory to do what they did, to seek the largest and most luxurious house the market offers at the price they can afford. It's the job of mortgage lenders to correctly evaluate borrowers' credit-worthiness based on accurate information, so encouraging borrowers to input false, inflated incomes of course is also professional failure on the lenders' part, not the borrowers'. Borrowers did their "jobs" in a market that Congress inflated, against the advice of their top finance professional, whom they called "Maestro" for his expertise. According to all the rhetoric of the decision-makers over the past eight years, money is the reward for achievement. Now, the same people are taking money as their rightful reward, for failure. Which brings me to the punch line of the same Chris Rock routine, "I've become accustomed to some things, myself ..."
Scroll down to the bottom, and scan the list of names of their "Key Customers." Although GHS funding does not all come from military projects, so many of their "Key Customers" are military contractors that I doubt they'd be where they are today without military contracts and I stand by my previous statement: I funded that already and I don't welcome their second pass at my money.
What do you think about military outsourcing, generally? I know this isn't how it currently works, but my opinion is that GHS is welcome to provide this "Integrity-178B" product free of charge to net taxpayers like me, and cover their costs with their contracts with net tax recipients Raytheon, Lockheed Martin, etc. And the national defense should never have been privatized.
Integrity for Avionics, the product you think you own, is simply a trimmed down version of Integrity, which is used in medical devices, industrial robotics, and other stuff like that.
After reading the product docs...
The what?
The OS, which was first deployed in the B1B bomber in 1997, today runs in military and commercial aircraft, including the F-16, F-22, and F-35 military jets, and the Airbus 380 and Boeing 787 airplanes.
The information available suggests that the first deployment was its original purpose, and probable source of original funding. If the military did not subsidize the start of this company and the development of this product, then of course what I've said doesn't hold. But neither of you have provided any other sources of information yet. I've gotten my information from the article. What's the URL of your source?
I have yet to see a vista commercial that talks about the technical merits of the operating system, because your average user doesn't understand or care about indexed search or file systems etc.
I'm thinking of the functional comparisons of common tasks in the "I'm a Mac" ads, and I disagree that user indifference is the reason Vista commercials don't examine technical merits. My "average user" does care about indexed search and file systems, if those are useful, meaning that "performance gains" show up in the tasks the end user is already doing, as opposed to introducing a new task, no matter how fast it is. They don't care to take 30 hours poring through KBs and white papers for the marginal performance gains Microsoft typically offers from whatever is their newest, shiniest "innovation."
I think I see now. If you're just suspicious of any "Illinois politician" I really have no counterargument because I never lived there. About President Obama specifically, I'm optimistic so far but I won't try to tell anybody he's above critique. Thanks for clarifying.
Theaters could coat the theater walls with aluminum to legally block signals. I wish they would.
But politically, it makes too much sense and doesn't cost enough. Maybe when an honest Illinois politician becomes President.
It's easy to install a cell network of your own. Hell, Sprint sells 4-person personal cell towers in their stores in the US. So instead of "jamming" the frequencies, make a localized cell network that simply black-holes the unauthorized calls.
Even easier would be the Faraday Cage suggestion of mcgrew somewehere else in this thread. Provided that the building has wired phones, anybody who should have access will and zero effort has to go into restricting access.
Security 101: default deny policies.
Can we expect anyone who followed a warrantless wiretap from the Bush administration to also be fired then? I mean, they violated our privacy as well.
I'm not employed by Verizon or NSA, but I did TiVo many of the Senate interviews of Alberto Gonzales on this matter, and based on what little data Senators Specter and Leahy were able to pry from that weasel, it seems that if any Verizon employee participated in any way on a wiretap, it would be little more than flipping a switch. Also, I'm not sure that Verizon should have any role in ascertaining the difference between a legitimate wiretap request and a warrantless one. Landlines work on two wires, and cell phone signals are not encrypted. If this is so complex for the NSA that they need Verizon's assistance to tap a call, we have lost at espionage.
He voted in favor of the FISA bill w/ Telco immunity last year.
He worked pretty hard against it and voted "Yea" apologetically, explaining that he thought that bill was the lesser of the evils on our menu, at that moment.
Privacy rights advocates didn't send other Senators enough verbose facsimile petitions and we didn't hold enough traffic-stopping protests to say we worked as hard against telecomm immunity as Senator Obama did. At least, with him in the White House, we can hope that he will sign the bill that repeals telecomm immunity, as soon as the Congress gets it to his desk.
That's the way many celebrities like it.
Granted, but many != all, and those who do wish to exercise their right to privacy don't deserve to have it compromised by spotlight chasers just because they have the same employer or profession. Even those who do enjoy the attention in public have the right to privacy in their own homes and a supermarket is not primarily a social gathering place, therefore it's not an appropriate location for paparazzi to assume that celebrities are available for comment.
He's tied to lots and lots of politicians of both parties, including Senator/President-Elect Obama.
And does the fact that Rezko knew a lot of politicians and therefore was already in Obama's social circle imply that their brief dealing made Obama more suspect, or less?
In Illinois the term "corrupt politician" is redundant. The last Democrat Governor to be defeated by a Republican went to prison, and the last Republican Governor to be defeated by a Democrat is still in prison.
And a vague implication of a conflict of interest in one deal with Rezko is all the dirt found even near Obama's work in such a criminal place. The facts do not support your analysis. No, being on a school board with Bill Ayers and attending some social function at his house does not count for anything. The only actual association that legitimately looked even slightly suspicious was Rezko, and significantly more than half of voters decided that was less suspicious than John McCain's association with Richard Bruce Cheney.
The disadvantages are:
* Any black-hat who hadn't noticed the problem now knows about it and can write an exploit.
I would expect black-hats to have scripts already laying around for such a battleship-sized hole, and not need to be told because their existing network of zombie machines would be so likely to catch that, but I don't know, I am not a black-hat. I do see your point that Friday press releases are bad form though. Unless the vulnerability has been exploited and not identified by the authors, my first reaction is that it probably could have waited until Monday.
Then again, vulnerabilities that are ignored or denied are already matters of record, so maybe it's better to keep all proprietary software houses "on their toes" to the maximum degree possible, just based on the evidence that without oversight, they'll do absolutely nothing to protect customers' property rights from theft during online transactions. After all, SSL is not some obscure package in use on only two abandoned workstations that somebody just didn't remember to unplug from a defunct warehouse in the 1970's. It is used a lot, and expected to at least require a few million clock cycles to defeat. No, a lot of users don't know "how difficult" 64-bit or 128-bit encryption is to defeat, in clock cycles, they just expect they're substantially safer with it than without it. Claiming to support SSL but then not encrypting data sent to an https URL seems pretty damned amateurish. That ought to have been caught in house, and if HK believes Zimbra users are already vulnerable, and the main effect of his announcement is to cure users' ignorance of the danger they're in already, then I can understand why he decided not to wait until Monday as a courtesy to Yahoo! The text of his post obviously contains a lot of intentional sarcasm, to a dev team that I agree is clearly not even trying. Or they're employed by a proprietary software house but counting on free QA workers for every aspect of development, not just usability. Either way, I hope HK gets his T-shirt.
Then again, maybe the Yahoo! Zimbra team made that behavior intentionally, only for 127.0.0.1 and/or localhost.localdomain, just to phish for aggressive testers and first thing tomorrow morning, the joke's on HK. But Ockham and I suspect they just screwed up.
The first post is redundant? Odd.
Not even. Pardon me. What I meant to say is that it might seem weird to judge the first post "redundant" until you consider the definition of a nerd to be one who "has nothing better to do" than do whatever we do, right. Assuming that standard of attention to detail is prevalent here, a first post can truly be redundant if it's been said before about the same subject. This is most commonly used for disinformation that's been debunked, especially debunked prominently on /. A re-run of MythBusters can be fun, so I wouldn't use a derogatory term like "redundant." But if they start to routinely re-tread myths they've already covered, without a good explanation of what they thought they might have missed the first time, and if what they missed the first time didn't really call their first verdict into question, then I would use the pejorative "redundant." So when /.ers come back with statements that have already been disproved they do get modded "redundant." I'm not sure without checking what the regs say about that, but it does happen.
/. I don't recall it. To explain how a first post can be redundant, I chose an extreme case, which oh, by the way, is also hypothetical.
To avoid inadvertent offense, I don't know that any of that is true of the FP. If that question has even been discussed on
This is certainly a step up from transmitting the information in the clear, since the attacker must switch from being passive to active, but with all of the DNS security problems, it would be fairly trivial for a malicious attacker to grab a large number of Yahoo! accounts (be it for phishing or spaming[sic]).
Then again, maybe that "redundant" mod was intended for the summary, by a moderator with low aim.
And no, it's not a bad thing. But it does mean a changing business model.
I would add that it's a change in the direction of textbook laissez-faire capitalism, meaning towards practical realization of the academic abstractions behind theories of free markets as efficient distributors of wealth. The OP has observed that the Open Source model requires suppliers to continue producing, not to write a program once -- then, as the eloquent first post put it, sit on the duff collecting royalties for nothing.
Adam Smith's idealized competition is pretty well summarized as an open source independent contractor.
I remember reading that previously on /.
I was wondering whether Colorado law would allow this device. I guess, as long as it's not on the roof?
An e-discovery lawyer, who asked not to be named because his employer (a firm you probably have heard of) doesn't want him speaking to the press, explained the basic legal requirements surrounding email and document retention to The Standard. "If litigation is anticipated, the party has a duty to preserve potentially relevant documents," he said.
Playing safe does indeed indicate good record-keeping. I'm still not a lawyer, but that seems like reasonable enough legal advice. However, he has more to say.
"An employee retention program with no organization or coordination is effectively incapable of compliance," he continued, "barring an act of God, or luck akin to picking every game right in an NCAA pool. Apple's retention policy is negligent."
Do you mean "negligent" in the legal sense, or the colloquial? Because, you know, now that you're being cited as an e-discovery lawyer, the inclination will be to assume that everything you say is your legal opinion or best counsel based on the sum of relevant statute and precedent.
Consider this scenario: Employees could have emails from five years ago that become "potentially relevant", but because there was no policy in place regarding e-documents, those records could easily become destroyed -- making it potentially impossible for a plaintiff to make a case from internal documents.
That could only be a problem under an ex post facto law, in my opinion. I am still not a lawyer, so if I'm right [meaning his advice is not so hot], we now have a good idea why "his employer (a firm you probably have heard of) doesn't want him speaking to the press."
However, Apple claims in the Psystar document that its policy is fine because once the company anticipated litigation:
[Apple] identified a group of employees who could potentially have documents relevant to the issues reasonably evident in this action. Apple then provided those individuals with a document retention notice which included a request for the retention of any relevant documents.
Psystar's antitrust claim has been dismissed, but Apple is currently involved in many other cases. Apple's weak e-discovery practices could very well come back to haunt the company.
That is of course possible, but "could very well" normally implies high probability, and that is not supported by the facts given in this article. Obviously, he has a product to sell, but I would have come away with a more favorable impression of e-discovery software if he had said something more like, "if the evidence against you is as weak as the evidence against Apple in this case, you don't need a data retention policy any better than Apple's. However," I would continue if I was trying to sell some e-discovery software, "in case of better-organized litigation against you than this case, a more comprehensive data retention policy might be in your best interest." See, instead of making my sales pitch on a case that, taken on its own, indicates that my product is unimportant, I would acknowledge that my product was not important in this case, but suggest that it is not wise to assume that every case will be so easy. I think my approach appeals less to the customer's fear, and more to the careful consideration that will need to be evident in an approved purchase request.
It's probably more to say "if you think you will get busted you're not allowed to start removing things", not "you can't remove anything because some day in a time far far away someone may want to look you up."
You assume noble intent at your own risk. I give you credit for paraphrasing in a manner that would be fairly reasonable, but the statute under discussion should be written at least that well. I will not be a lawyer, but I believe that in law school, students are taught that good statutes are written to be minimally subject to interpretation. Besides, the statue imposes a burden of proof of one's innocence, no matter how innocuously one tries to phrase any legal mandate to have any evidence of anything. Any statute requiring having evidence means that absent any proof, just by lacking evidence defendants are guilty of an infraction. Corporations are the worst criminals around, and sloppy statutes, even one's ostensibly intended to persecute businesses, just waste everybody's time and retard the pursuit of actual justice. The same laws that apply among people ought to apply when some of the people violating assault, fraud, theft or other laws, happen to be doing so on the job.
I second the recommendation above of a liberal arts education. And for similar reasons, if this student solicited my opinion, my advice would be to audit classes in as many interesting disciplines as possible, even if they're just barely, vaguely interesting. Until you scratch the surface enough to know what you don't know about econometrics, you don't know enough to assume it's boring. Especially in a university or liberal arts college with a wide selection, you won't know if you like it until you try it, and you can dramatically reduce the risk of getting to your third year, then realizing you don't actually care one way or the other about what you're studying except as a means to a salary. Salaries are nice of course, but it's worth sitting on a few lectures, non-graded, to boost the likelihood that you can enjoy your work as well.
To the OP, I would just say, take note of the part in bold. No good ever came from unsolicited advice.
Marketable skills you can learn and expand in the military should include programming. But since they've chosen to outsource some of its core duties to Blackwater, it's not at all surprising that they don't make their own software. Just wrong.
I suspect that some of the funds I've donated are not being spent as required.
... or if you're going to pay me a lousy hourly wage, have the workstation ready for me to use when I show up on time."
Perfectly reasonable.