will not?? It has already happened! If you have a software which is certified with distribution X, it may or may not run on distribution Y: you have no guarantee, the fragmentation is already here.
And an example of that would be... ?
And what is this "guarantee" that you're talking about?
Features may be ported, but not necessarily in a compatible way: witness how easily the rpm tools have fragmented recently, ok there is now an effort to reunite them, but this example show that licensing compatibility is by now means sufficient to ensure binary compatibility, which is what LSB is about.
So your evidence that the GPL doesn't prevent fragmentation is... the GPL preventing fragmentation.
What you are claiming as "fragmentation" is more correctly known as a "fork".
The GPL encourages forks. That is how different concepts are tested.
People choose distros based on things ranging from "i hate novell" all the way to "it had blue wallpaper".
So? If it works, it works.
How about all these distros agree on something beforehand?
Because that requires something known as "prescience". They have to know BEFORE THEY DO IT which options are best.
This community spirit stuff is supposed to enable people to work together, not go in 50 different directions and hope something sticks to the wall eventually.
Again, when you know the future so well that you can tell everyone the best approach, feel free to build the ultimate, perfect distribution.
Until then, the experimental approach has worked so far.
Secondly, if the user whitelists FaceBook then that would PROBABLY also whitelist the picture/jar that is the exploit which would be downloaded from FaceBook.
Yeah, the security is an issue. At least for right now. It might take a major re-write to kill this exploit. Probably a sandbox where EVERYTHING from a web page would be temporarily stored, then analyzed to see what it was and what the web page reported it as. Probably by digging into the headers of each file and having a setup similar to Apple's for identifying the app that should run a given file.
Let me remind you, my friend, that evolution means SUCCESSFUL ADAPTATION to an environment. What happens when a change (mutation) results in inadaptation? Extinction.
So far, so good.
Evolution refers to a species. But in Linux what we have is not a single species, but a genus (a set of different species): Redhat, Debian, etc. "DNA" recombination is impossible in these. The resulting software would be inoperable.
Huh? I run "bash" on all kinds of distributions. Not to mention Apache. And Samba. It's trivial to run the same code on different distributions.
LSB4, hopefully, will be a further step in the evolution of Linux: The convergence to a single species that will be able to share one single configuration.
If there is to be a stable platform to target with Linux, that crap has to stop. Simple being GPL software means very little toward that goal if distros continue to be arbitrarily different and the situation never really resolves itself.
Sure. You just have to tell everyone what the BEST way is.
No we understand the GPL, but it has very little to do with the subject, namely that regardless of open vs closed, some distros remain incompatible with each other in small but significant ways.
Actually, it has EVERYTHING to do with it.
Each distribution can take whatever path it thinks is BEST and the results will speak for themselves.
If it succeeds, then others can copy the improvements made by it.
It's easy to look backwards and see what you believe to be a straight path of development. But if you look at each point in time, you'll see LOTS of different approaches.
It's impossible to look forward and choose the best path TODAY for development of features that will take 2 years to implement.
Until you can do that, telling distribution X that it is wrong for choosing a path different than distribution Y is beyond silly.
maybe you mean something different, but I'm not sure how your statement relates to this issue.
It relates to his statement that I quoted.
"The reason you need that is because we don't want what happened to Unix to happen to Linux in terms of fragmentation." says Jim Zemlin, executive director of the Linux Foundation.
That shows how clueless he is regarding the history of *nix.
It was the various PROPRIETARY licenses that caused the fragmentation because an improvement made by HP had to be specifically licensed by Sun to be included in Solaris.
But with the GPL, the improvements made in one fork are available to ALL forks.
Therefore, the fragmentation will not happen because if a feature is worth it, it will be ported to the other forks. Without the need to coordinate licenses with HP or Sun or anyone else.
"The reason you need that is because we don't want what happened to Unix to happen to Linux in terms of fragmentation." says Jim Zemlin, executive director of the Linux Foundation.
He needs to read the GPL and understand how it differs from the various PROPRIETARY licenses that caused the *nix fragmentation.
... is there a way that this can project the future and give proactive techniques?
Not really. We already know how machines are cracked.
All this research does is find out what tools are being used today.
And as you can see with the need to constantly download updated "virus signatures", that approach is useless in defending your systems.
To really defend your system, you need to be able to lock down all the executables on your system. And you need a way to verify that those executables stay locked down. And that there is no other way to get an executable to run on your system.
So, who you're next to doesn't hold much water in predicting whether the message is spam.
Yes, it does. Look at the spam zombies on the major ISP networks.
Most corperations expose only one mail server IP address to the world, and some smaller companies have hundred-user systems and only one IP to show for it.
Now do the math about whether there are more home users on the big ISP networks or whether there are more companies running their own email servers.
If you're getting spam, 99.9%+ of the time it will be from a cracked machine on a home system easily identified as such.
Likewise, 99.9%+ of the legitimate email will not be coming from an ISP's home user block. If it is coming from that ISP's block, it will come from their mail servers.
Predictive goes both ways. Identifying what is probably good and identifying what is probably bad.
So if this isn't predictive, what is? Would you rather they develop an algorithm that identifies blacklist-worthy addresses before they make their first attack?
Ummmm, yes. If you can identify them BEFORE they make their first attack then that would qualify as "predictive".
It captures the fact that "true" attackers mostly attack "true" (that is, weak or high profile) targets, whereas those targets are mostly attacked by "true" attackers.
Not in my experience. The attacks are usually automated scripts running on zombies that randomly scan address (or search their immediate networks) looking for known vulnerabilities.
Thus some isolated attack by a never-before-detected attacker on a never-before-attacked target has very little predictive potential in the eyes of the algorithm, whereas even just a few attacks by a never-before-seen attacker on several oft-attacked targets raises a huge red flag.
That is the opposite of how their system was described. They looked for matches amongst IP addresses and then "predicted" that if your example machine one firewall it should be blacklisted for the other firewalls that closely matched that list.
Now a real predictive system would look more factors.
#1. Who was attacking.
#2. How did the attacker(s) gain access to the machines used in the attack.
#3. What other machines are vulnerable to #2 that are available to #1.
Example - Spam zombies often appear in ranges of home addresses from the large ISP's. So machines in those ranges are given an increased score in SpamAssassin. Whether they have ever sent spam before or not. See #1 and #2 and #3.
Then they look for matches in attacking IP addresses between the logs...
And if any IP addresses appear in log A (which is very similar to log B)... then those IP addresses are "predicted" as being possible to attack the firewall from which log B was obtained.
Fuck parental controls. If you believe that your children are not old enough to "surf" on their own, then just put the computer next to you while your children use it.
I know some of you cynics think that there is no hope and that the courts are corrupt or run by nincompoops, but you know I don't agree with you.
The problem is that the patent troll gets to pick the court. Which means that they can slant it any way they want to. From judges that are pro-patents to judges that have no idea what the issue is and don't feel like educating themselves.
There are good judges out there. There are bad judges out there.
The trolls get to choose which ones they want to have their cases decided by.
"chaos with great planning skills"
on
Batman Discussion
·
· Score: 1
EXACTLY!!!
And that is the problem I have with that character. He knows TOO much and his plans work TOO perfectly.
He has limited resources (and many of those resources are hostile to him) yet he always has the exact manpower needed at the exact point it is needed with the exact equipment needed.
How many of his plans would have completely failed if just ONE person acted intelligently or even selflessly? Or, at the bare minimum, with basic suspicion about KNOWN criminals?
No. It was the 70's slasher flix all over again. No matter how slow the monster moves when chasing the victim, when the victim turns a corner, the monster will be right in front of her.
Send email to xyz: "Dood, wanna join the party? It's, like, gonna be awesome!!!"
Yep.
Send SMS to xyz: "Hey, chk ur email"
Yep.
Then send the vmail to xyz: "Have your checked your SMS?"
Nope. More like: "uhh hh hhh uh dood? I uh hh huh h mmmmmmm wanted to callyouabouttheparty and uh uh uh uh the party is...."
Repeat for about 10 minutes.
I HATE voice-mail because almost no one knows how to leave a message CORRECTLY.
Correct method: "Hi! This is *name* at *call back number* and I wanted to talk to you about *subject*. Once again, this is *name* at *call back number* calling about *subject*. Bye!"
Incorrect method 1: "Hi! This is *name*. Call me." Unless you are the girlfriend/boyfriend. Then it is allowable.
Incorrect method 2: "Hi! About the thing that blah blah blah blah blah *ten minutes pass* blah blah blah bl" Cut off by message limit timer.
I prefer email and text because it takes MORE effort to type in excess material than voice-mail does.
When the seemingly invulnerable to low-yield nuclear weapons monster kept coming back back back coming back coming back.
A villain with a past provides depth to the character. Otherwise, you end up with a two-dimensional caricature.
And that was what this movie skirted dangerously close to. The omniscient villain who exists only to give the hero someone to defeat.
Which was fine for the Halloween series. The Friday the 13th series. The Nightmare on Elm Street series. Etc.
And writing them takes no skill.
That was the weakest part of the story.
on
Batman Discussion
·
· Score: 1
And they seem to have thought so, also.
Which is why they had Alfred go on about Burma and the jewels and the bandit. Seeing as how we aren't going to waste back-story on Joker... here's back-story on someone who isn't even appearing in the movie.
On the plus side, I really liked how Joker kept changing the story on how he got the scars. I just wish they had given him a few more BELIEVABLE stories about it.
You BELIEVED the maniac?!?
on
Batman Discussion
·
· Score: 2, Interesting
So the insane killer guy tells you that the detonator will blow up the OTHER boat. That you would be SAFE?!?
And you fucking BELIEVED him?
THAT was the problem I saw with that scene. Wouldn't the Joker do something more... Joker'ish? Like have the detonator blow up YOUR boat? Or BOTH boats?
Back when it was WinNT vs NetWare, Microsoft was happy to allow "piracy" because Novell servers automatically checked licensing and would shut down if you tried to use the same license twice.
Slashdot Mirror
And an example of that would be ... ?
And what is this "guarantee" that you're talking about?
So your evidence that the GPL doesn't prevent fragmentation is ... the GPL preventing fragmentation.
What you are claiming as "fragmentation" is more correctly known as a "fork".
The GPL encourages forks. That is how different concepts are tested.
So? If it works, it works.
Because that requires something known as "prescience". They have to know BEFORE THEY DO IT which options are best.
Again, when you know the future so well that you can tell everyone the best approach, feel free to build the ultimate, perfect distribution.
Until then, the experimental approach has worked so far.
First off, what idiot mod'ed you "Troll"?
Secondly, if the user whitelists FaceBook then that would PROBABLY also whitelist the picture/jar that is the exploit which would be downloaded from FaceBook.
Yeah, the security is an issue. At least for right now. It might take a major re-write to kill this exploit. Probably a sandbox where EVERYTHING from a web page would be temporarily stored, then analyzed to see what it was and what the web page reported it as. Probably by digging into the headers of each file and having a setup similar to Apple's for identifying the app that should run a given file.
So far, so good.
Huh? I run "bash" on all kinds of distributions. Not to mention Apache. And Samba. It's trivial to run the same code on different distributions.
Again, Apache, Samba, bash, etc.
We're already there.
The GPL rocks.
Sure. You just have to tell everyone what the BEST way is.
Actually, it has EVERYTHING to do with it.
Each distribution can take whatever path it thinks is BEST and the results will speak for themselves.
If it succeeds, then others can copy the improvements made by it.
It's easy to look backwards and see what you believe to be a straight path of development. But if you look at each point in time, you'll see LOTS of different approaches.
It's impossible to look forward and choose the best path TODAY for development of features that will take 2 years to implement.
Until you can do that, telling distribution X that it is wrong for choosing a path different than distribution Y is beyond silly.
So some people who don't understand the GPL mod'ed me down. Imaging my surprise.
It relates to his statement that I quoted.
That shows how clueless he is regarding the history of *nix.
It was the various PROPRIETARY licenses that caused the fragmentation because an improvement made by HP had to be specifically licensed by Sun to be included in Solaris.
But with the GPL, the improvements made in one fork are available to ALL forks.
Therefore, the fragmentation will not happen because if a feature is worth it, it will be ported to the other forks. Without the need to coordinate licenses with HP or Sun or anyone else.
The GPL rocks.
He needs to read the GPL and understand how it differs from the various PROPRIETARY licenses that caused the *nix fragmentation.
The problems with lasers is that the need to punch through the armour in the time they can stay on target.
#1. Spin them. If the laser cannot hit the same spot for X fragments of a second then it cannot burn through (unless you get a bigger laser).
#2. For when the enemy gets a bigger laser, you coat the missile in a nice insulator. Something like carbon.
So now the laser has to punch through the carbon armour before the missile rotates new armour into sight.
Not really. We already know how machines are cracked.
All this research does is find out what tools are being used today.
And as you can see with the need to constantly download updated "virus signatures", that approach is useless in defending your systems.
To really defend your system, you need to be able to lock down all the executables on your system. And you need a way to verify that those executables stay locked down. And that there is no other way to get an executable to run on your system.
Yes, it does. Look at the spam zombies on the major ISP networks.
Now do the math about whether there are more home users on the big ISP networks or whether there are more companies running their own email servers.
If you're getting spam, 99.9%+ of the time it will be from a cracked machine on a home system easily identified as such.
Likewise, 99.9%+ of the legitimate email will not be coming from an ISP's home user block. If it is coming from that ISP's block, it will come from their mail servers.
Predictive goes both ways. Identifying what is probably good and identifying what is probably bad.
Ummmm, yes. If you can identify them BEFORE they make their first attack then that would qualify as "predictive".
Not in my experience. The attacks are usually automated scripts running on zombies that randomly scan address (or search their immediate networks) looking for known vulnerabilities.
That is the opposite of how their system was described. They looked for matches amongst IP addresses and then "predicted" that if your example machine one firewall it should be blacklisted for the other firewalls that closely matched that list.
Now a real predictive system would look more factors.
#1. Who was attacking.
#2. How did the attacker(s) gain access to the machines used in the attack.
#3. What other machines are vulnerable to #2 that are available to #1.
Example - Spam zombies often appear in ranges of home addresses from the large ISP's. So machines in those ranges are given an increased score in SpamAssassin. Whether they have ever sent spam before or not. See #1 and #2 and #3.
They take X firewall logs ...
Then they look for matches in attacking IP addresses between the logs ...
And if any IP addresses appear in log A (which is very similar to log B) ... then those IP addresses are "predicted" as being possible to attack the firewall from which log B was obtained.
Logical - yes.
Predictive - no.
Fuck parental controls. If you believe that your children are not old enough to "surf" on their own, then just put the computer next to you while your children use it.
"Parenting" - it doesn't end at birth.
The problem is that the patent troll gets to pick the court. Which means that they can slant it any way they want to. From judges that are pro-patents to judges that have no idea what the issue is and don't feel like educating themselves.
There are good judges out there. There are bad judges out there.
The trolls get to choose which ones they want to have their cases decided by.
EXACTLY!!!
And that is the problem I have with that character. He knows TOO much and his plans work TOO perfectly.
He has limited resources (and many of those resources are hostile to him) yet he always has the exact manpower needed at the exact point it is needed with the exact equipment needed.
How many of his plans would have completely failed if just ONE person acted intelligently or even selflessly? Or, at the bare minimum, with basic suspicion about KNOWN criminals?
No. It was the 70's slasher flix all over again. No matter how slow the monster moves when chasing the victim, when the victim turns a corner, the monster will be right in front of her.
Yep.
Yep.
Nope. More like: ...."
"uhh hh hhh uh dood? I uh hh huh h mmmmmmm wanted to callyouabouttheparty and uh uh uh uh the party is
Repeat for about 10 minutes.
I HATE voice-mail because almost no one knows how to leave a message CORRECTLY.
Correct method:
"Hi! This is *name* at *call back number* and I wanted to talk to you about *subject*. Once again, this is *name* at *call back number* calling about *subject*. Bye!"
Incorrect method 1:
"Hi! This is *name*. Call me."
Unless you are the girlfriend/boyfriend. Then it is allowable.
Incorrect method 2:
"Hi! About the thing that blah blah blah blah blah *ten minutes pass* blah blah blah bl" Cut off by message limit timer.
I prefer email and text because it takes MORE effort to type in excess material than voice-mail does.
When the seemingly invulnerable to low-yield nuclear weapons monster kept coming back back back coming back coming back.
A villain with a past provides depth to the character. Otherwise, you end up with a two-dimensional caricature.
And that was what this movie skirted dangerously close to. The omniscient villain who exists only to give the hero someone to defeat.
Which was fine for the Halloween series. The Friday the 13th series. The Nightmare on Elm Street series. Etc.
And writing them takes no skill.
And they seem to have thought so, also.
Which is why they had Alfred go on about Burma and the jewels and the bandit. Seeing as how we aren't going to waste back-story on Joker ... here's back-story on someone who isn't even appearing in the movie.
On the plus side, I really liked how Joker kept changing the story on how he got the scars. I just wish they had given him a few more BELIEVABLE stories about it.
So the insane killer guy tells you that the detonator will blow up the OTHER boat. That you would be SAFE?!?
And you fucking BELIEVED him?
THAT was the problem I saw with that scene. Wouldn't the Joker do something more ... Joker'ish? Like have the detonator blow up YOUR boat? Or BOTH boats?
I cannot wait until Web 3.5 gets here and we can tag articles with sound clips.
So many things I would have done
But clouds got in my way
Don't forget that every so often some "analyst" will predict that "voice recognition" will replace whatever input method you currently use.
Still hasn't happened.
Not just MS Office.
Back when it was WinNT vs NetWare, Microsoft was happy to allow "piracy" because Novell servers automatically checked licensing and would shut down if you tried to use the same license twice.
They don't do anything amazing with the images. They just attempt to reverse what is known about how the source site modifies the images.
With enough machines aimed at the problem, it becomes simple to brute-force it and then share the information amongst the other machines.
Remember, the CAPTCHA's are limited in that they still have to be understandable to humans.
Put 1,000 computers on the problem and allow them to share information from their successes ... and you've cracked a CAPTCHA implementation.
And there are hundreds of thousands of zombies out there.