You mean the one that Netcraft claims is running IIS 5.0 on FreeBSD (at IP address 207.68.172.239)? You don't suppose that the problem could be with netcraft's algorithms, maybe?
The Solaris back end was also retired about two years ago. It's true that the back end hasn't migrated to Exchange, and possibly never will, but that has nothing to do with whether the back end database runs on Windows.
Actually, just last month, Michal Zalewski ran a trivial HTML monkey attack against most of the browsers out there. IE didn't have any problem with it, but he found many probably exploitable issues with all of the others.
Which doesn't change the fact that needless javascript is bad. It is.
I won't touch IIS ever, in fact we have Win2k3 systems running apache because of vendor mandates.
You do realize that IIS 6 has yet to have a remote access vulnerability reported, even though it's 2+ years old, but that Apache has had many in the last year? (Apache 2.0.x, Apache 1.3.x, IIS 6.)
If the same class of people are doing opencvs then should we assume that the only safe environment to run opencvs will be OpenBSD, until otherwise proven?
Yes, actually. If you run OpenCVS on Linus, there will be exploits in your base platform that can be exposed through anything, including OpenCVS.
As to your crack about C, there are a number of ways of avoiding writing buffer overflows in C without losing the power and flexibility of pointer arithmetic. You can use a canary system like propolice or the visual studio canaries. You can run a syntactic lint along with an annotation library to add provability and correctness to your code. You can run on an architecture which supports read-but-no-execute memory. Do any one of these, and you won't have buffer overruns.
Remember, in the two years since it has been released, IIS 6.0 has not had a single remote execution vulnerability confirmed against it. Securia, in fact, can only list three total vulnerabilities, one of which is widely believed to be incorrect. Not a single BO -- and I assure you that IIS is entirely written in C++, and is a constant target of attackers everywhere.
Actually, their track record on OpenSSH and OpenSSL is downright stunning. They've had one security issue in the last three years, and it wasn't a buffer overrun, but a very subtle design error.
But don't let the facts get in the way of a good bit of GPL and language snob demagoguery. That's no fun.
Working 80 hours a week is detrimental to your health
That's a common misconception.
A worker who puts in 80 hours a week under duress is going to suffer terrible harm from retaining the job. That case doesn't always apply. A worker putting 80 hours a week because the work is "wonderful, but stressful" generally won't. That worker is being paid to have fun at work -- not having work extorted from him or her.
(That doesn't mean that workaholics won't also suffer harm, but only that they don't suffer the same kind of harm. Workaholics are at greater risk of family problems and the associated health threats due to those, as well as to rapid declines after retirement. They do pay a price; it's just different.)
We have overtime laws to protect both sets of workers. If an employer abuses its position to extort its workers as EA has, then it should cost the employer money. Period. There's no justification for any excuses.
Because the liquid water would then serve as an insulator on top of the solid water, rather than the other way around. In most lakes, the solid water at the bottom would never thaw once frozen. The climate would gradually cool; Earth would wind up as an ice planet with a cold climate and narrow water-belt instead of a water planet with a greenhouse climate and two small ice caps.
Yes, exactly -- the consumers in Canada are the provincial HIPs, which have an interest in cost-effective medicine, as well as in effective treatments.
An effective market may use intermediaries and brokers. I use a broker to buy cars, because they aren't interested in the car, per se, but rather in getting the best possible price for me.
Re:Mixed feeling
on
HIV Vaccine
·
· Score: 4, Insightful
Sorry, but that just isn't true. The truth is that identical drugs, made on identical lines, cost more in the US than they do in Canada. Why? Simple: the prices in Canada are negotiated by customers who have the time to study the actual costs of production, and who aren't desperately begging for the treatment right now. The result is drug prices which are genuinely negotiated between producer and consumer, rather that prices set by a producer with no feedback from a market.
That is to say, the lower prices in Canada are due to exactly what most opponents of socialized medicine claim to support: a working market with multiple, informed customers.
Yes, of course -- but the usual death stroke takes a long time to be delivered, precisely because injury is so dangerous. There are three basic predation stategies: lethal surprise attack by the very largest predators (tigers, for instance), exhaustion through herding (dogs and wolves in tundra environments), and incremental disabling of a cornered target (most predators).
The first only works for very large animals and birds -- smaller predators experience too much air resistance when falling to be able to aquire enough kinetic energy to snap a spine. Notice that even the smallest raptors (merlins) are quite large as birds go. The second strategy, exhaustion, requires a predator which is capable of running for a very long time. Very few predators can actually employ that strategy: the only ones are wild dogs, wolves, hyenas, and humans. Once tired, all except humans surround their prey and take turns attacking it from the flanks and rear, gradually disabling it. The third strategy is the most common -- a single predator corners a single prey animal, and wears it down over time. It's a pretty nasty way to die.
My point was that predatory attacks aren't quick deaths. Yes, they're as quick as the predator can safely make them, but they are still quite slow and horrible by the standards of how food animals die.
Err -- you go back and watch those documentaries again, OK? Watch a pack of dogs, wolves, or hyenas hamstring and dismember an elk so that it can not fight back. Watch a cat kill a mouse.
Then remember that most predators are only marginally larger than their prey. They disable it, then kill it. Guess what -- if you have claws and teeth, you disable something your own weight by tearing its muscles and ripping its tendons. That is, you rip it apart alive.
"Nature red in tooth and claw" is not just a beautifully peotic turn of phrase. It's the way things really are.
Re:What's the point?
on
Internet Hunting
·
· Score: 3, Insightful
The only difference that I see is that the wild animal has a much nicer life then the caged turkey up until the moment of death.
That's actually rather implausible. The wild animal is likely to suffer from parasitic infections in its vital organs, which would cause chronic discomfort. It is likely to die slowly and painfully of the complications caused by an infection if it isn't lucky enough to be torn apart bit by bit -- while still alive, mind you -- by a predator.
As is the case with humans, wild animals are capable of surviving the extremes of their nominal climates with only available shelter, but exhibit stress responses characteristic of discomfort when placed outside of a small band of temperatures and humidities. Domesticated food animals do not exhibit those stress responses when raised under nominal feedlot conditions. Domestic turkeys, for instance, do not secrete stress hormones when crowded. (Why do we know that? Those hormones slow growth, so agribusiness types have measured exactly the point at which they start showing up in the animals' brains. Farmers under contract to the businesses follow the buidelines they set down.)
Bottom line: well, surprising as it may sound, no, you're wrong. There are a great many good reasons to be vegan, or at least purely vegetarian, but the welfare of animals doesn't actually qualify.
[S]ince people obviously want to avoid the ads, they will then stop watching the show until the ads are reduced to acceptable levels
You're assuming that the current ad levels aren't acceptable -- the fact that people still watch TV shows that to be false. You may stop watching TV, but that's not the point.
Nothing replaces the advertising revenue -- or, at least, nothing replaces it directly. Its value falls sharply. That, in turn, will lead to two classes of things: first, the amount on interstitial advertising on television will rise, and the amount of advertising woven into a show (e.g. as voice-throughs during dialog, as rolling bars at the bottom of the screen, or as product placements) will rise. The total amount of advertising-loaded time during each show will rise.
Actually, most houses in the United States now are cockroach-free. The emergence of transported-bait poisons has essentially wiped out that particular pest in indoor spaces throughout the nation in the past decade.
Perhaps you and the/. editors should start by taking a spelling-right course. Or maybe, you could just run ispell inside emacs? It's M-x $ on my key bindings.
Ethics have nothing to do with antitrust. If SCO's license posed no threat to MS, and Microsoft had reason to know it, then there might be a case. If MS had reason to believe that SCOX might have some valid foundation for suing, no matter how tenuous, or even had some reason to fear that SCO might be able to create a suit aginst MS and pursue it for a long period of time, then the company would have been perfectly within its rights to pay protection to SCOX -- and to refer it to other investment companies, just to get it out of the corporation's hair.
Given that SCOX is the original home of the litigious bastards, that seems to me to be a completely reasonable fear. Better to pay out a few megabucks and be rid of the flea than try to clap it and create a monster. (Think Linspire. Microsoft won every case that counted, but Linspire still wound up the winner.)
The first of these opinions contains a gem of an argument:
The "Mathematical Algorithm" Exception
The Supreme Court has identified three categories of subject matter that are unpatentable, namely "laws of nature, natural phenomena, and abstract ideas." Diehr, 450 U.S. at 185. Of particular relevance to this case, the Court has held that mathematical algorithms are not patentable subject matter to the extent that they are merely abstract ideas. See Diehr, 450 U.S. 175, passim; Parker v. Flook, 437 U.S. 584 (1978); Gottschalk v. Benson, 409 U.S. 63 (1972). In Diehr, the Court explained that certain types of mathematical subject matter, standing alone, represent nothing more than abstract ideas until reduced to some type of practical application, i.e., "a useful, concrete and tangible result." Alappat, 33 F.3d at 1544, 31 USPQ2d at 1557.
Unpatentable mathematical algorithms are identifiable by showing they are merely abstract ideas constituting disembodied concepts or truths that are not "useful." From a practical standpoint, this means that to be patentable an algorithm must be applied in a "useful" way. In Alappat, we held that data, transformed by a machine through a series of mathematical calculations to produce a smooth waveform display on a rasterizer monitor, constituted a practical application of an abstract idea (a mathematical algorithm, formula, or calculation), because it produced "a useful, concrete and tangible result"--the smooth waveform.
This is relevant to the current discussion because of the usual argument that "programs are just systems of algorithms, which aren't patentable". An air conditioner is just a system of natural laws, yet nobody would argue that a novel coolant wouldn't be patentable. The appellate court simply said what should have been obvious all along: systems and machines can be built from atoms, but also from bits. If so, then systems and machines built from bits should enjoy protection, just as those built from atoms do.
No, I'm not. From an economic standpoint, seventeen years is not a significant period of time.
If I create a market, then I've done most of the hard work myself: investigated what customers need, found a solution, written the code (or developed the widget), marketed it, dealt with suppliers and vendors, etc. A patent guarantees that I can reap a reward from that risk, if I'm lucky and the product is a hit, which most products aren't -- for less than half of an average person's professional lifetime. It's not even a rent for a full professional lifetime.
Open source projects and project leaders need not fear closed source patents unless the implementors want to clone interfaces or functionality which closed source companies have worked to establish. I don't see why we should want encourage such freeloading and sabotage. If it's that good, pay for it; otherwise, do without for a decade or so.
Slashdot Mirror
In X soviet russia, china is always positive.
...should it have a Live CD or a Terminally Ill CD?
You mean the one that Netcraft claims is running IIS 5.0 on FreeBSD (at IP address 207.68.172.239)? You don't suppose that the problem could be with netcraft's algorithms, maybe?
The Solaris back end was also retired about two years ago. It's true that the back end hasn't migrated to Exchange, and possibly never will, but that has nothing to do with whether the back end database runs on Windows.
Except that statement is no longer true. The back end migrated to Win 2K about two years ago. All the FreeBSD servers are long gone.
You do realize that Microsoft isn't behind this particular chip, don't you?
Oh, wait, silly me -- that would have required actually reading the article summary on the front page. Never mind.
Actually, just last month, Michal Zalewski ran a trivial HTML monkey attack against most of the browsers out there. IE didn't have any problem with it, but he found many probably exploitable issues with all of the others.
Which doesn't change the fact that needless javascript is bad. It is.
As to your crack about C, there are a number of ways of avoiding writing buffer overflows in C without losing the power and flexibility of pointer arithmetic. You can use a canary system like propolice or the visual studio canaries. You can run a syntactic lint along with an annotation library to add provability and correctness to your code. You can run on an architecture which supports read-but-no-execute memory. Do any one of these, and you won't have buffer overruns.
Remember, in the two years since it has been released, IIS 6.0 has not had a single remote execution vulnerability confirmed against it. Securia, in fact, can only list three total vulnerabilities, one of which is widely believed to be incorrect. Not a single BO -- and I assure you that IIS is entirely written in C++, and is a constant target of attackers everywhere.
Actually, their track record on OpenSSH and OpenSSL is downright stunning. They've had one security issue in the last three years, and it wasn't a buffer overrun, but a very subtle design error.
But don't let the facts get in the way of a good bit of GPL and language snob demagoguery. That's no fun.
A worker who puts in 80 hours a week under duress is going to suffer terrible harm from retaining the job. That case doesn't always apply. A worker putting 80 hours a week because the work is "wonderful, but stressful" generally won't. That worker is being paid to have fun at work -- not having work extorted from him or her.
(That doesn't mean that workaholics won't also suffer harm, but only that they don't suffer the same kind of harm. Workaholics are at greater risk of family problems and the associated health threats due to those, as well as to rapid declines after retirement. They do pay a price; it's just different.)
We have overtime laws to protect both sets of workers. If an employer abuses its position to extort its workers as EA has, then it should cost the employer money. Period. There's no justification for any excuses.
Because the liquid water would then serve as an insulator on top of the solid water, rather than the other way around. In most lakes, the solid water at the bottom would never thaw once frozen. The climate would gradually cool; Earth would wind up as an ice planet with a cold climate and narrow water-belt instead of a water planet with a greenhouse climate and two small ice caps.
No. Fen-phen was a combination of two separate regulated drugs administered in an off-label manner.
Yes, exactly -- the consumers in Canada are the provincial HIPs, which have an interest in cost-effective medicine, as well as in effective treatments.
An effective market may use intermediaries and brokers. I use a broker to buy cars, because they aren't interested in the car, per se, but rather in getting the best possible price for me.
Sorry, but that just isn't true. The truth is that identical drugs, made on identical lines, cost more in the US than they do in Canada. Why? Simple: the prices in Canada are negotiated by customers who have the time to study the actual costs of production, and who aren't desperately begging for the treatment right now. The result is drug prices which are genuinely negotiated between producer and consumer, rather that prices set by a producer with no feedback from a market.
That is to say, the lower prices in Canada are due to exactly what most opponents of socialized medicine claim to support: a working market with multiple, informed customers.
Yes, of course -- but the usual death stroke takes a long time to be delivered, precisely because injury is so dangerous. There are three basic predation stategies: lethal surprise attack by the very largest predators (tigers, for instance), exhaustion through herding (dogs and wolves in tundra environments), and incremental disabling of a cornered target (most predators).
The first only works for very large animals and birds -- smaller predators experience too much air resistance when falling to be able to aquire enough kinetic energy to snap a spine. Notice that even the smallest raptors (merlins) are quite large as birds go. The second strategy, exhaustion, requires a predator which is capable of running for a very long time. Very few predators can actually employ that strategy: the only ones are wild dogs, wolves, hyenas, and humans. Once tired, all except humans surround their prey and take turns attacking it from the flanks and rear, gradually disabling it. The third strategy is the most common -- a single predator corners a single prey animal, and wears it down over time. It's a pretty nasty way to die.
My point was that predatory attacks aren't quick deaths. Yes, they're as quick as the predator can safely make them, but they are still quite slow and horrible by the standards of how food animals die.
Err -- you go back and watch those documentaries again, OK? Watch a pack of dogs, wolves, or hyenas hamstring and dismember an elk so that it can not fight back. Watch a cat kill a mouse.
Then remember that most predators are only marginally larger than their prey. They disable it, then kill it. Guess what -- if you have claws and teeth, you disable something your own weight by tearing its muscles and ripping its tendons. That is, you rip it apart alive.
"Nature red in tooth and claw" is not just a beautifully peotic turn of phrase. It's the way things really are.
As is the case with humans, wild animals are capable of surviving the extremes of their nominal climates with only available shelter, but exhibit stress responses characteristic of discomfort when placed outside of a small band of temperatures and humidities. Domesticated food animals do not exhibit those stress responses when raised under nominal feedlot conditions. Domestic turkeys, for instance, do not secrete stress hormones when crowded. (Why do we know that? Those hormones slow growth, so agribusiness types have measured exactly the point at which they start showing up in the animals' brains. Farmers under contract to the businesses follow the buidelines they set down.)
Bottom line: well, surprising as it may sound, no, you're wrong. There are a great many good reasons to be vegan, or at least purely vegetarian, but the welfare of animals doesn't actually qualify.
Nothing replaces the advertising revenue -- or, at least, nothing replaces it directly. Its value falls sharply. That, in turn, will lead to two classes of things: first, the amount on interstitial advertising on television will rise, and the amount of advertising woven into a show (e.g. as voice-throughs during dialog, as rolling bars at the bottom of the screen, or as product placements) will rise. The total amount of advertising-loaded time during each show will rise.
Actually, most houses in the United States now are cockroach-free. The emergence of transported-bait poisons has essentially wiped out that particular pest in indoor spaces throughout the nation in the past decade.
Ethics have nothing to do with antitrust. If SCO's license posed no threat to MS, and Microsoft had reason to know it, then there might be a case. If MS had reason to believe that SCOX might have some valid foundation for suing, no matter how tenuous, or even had some reason to fear that SCO might be able to create a suit aginst MS and pursue it for a long period of time, then the company would have been perfectly within its rights to pay protection to SCOX -- and to refer it to other investment companies, just to get it out of the corporation's hair.
Given that SCOX is the original home of the litigious bastards, that seems to me to be a completely reasonable fear. Better to pay out a few megabucks and be rid of the flea than try to clap it and create a monster. (Think Linspire. Microsoft won every case that counted, but Linspire still wound up the winner.)
This is relevant to the current discussion because of the usual argument that "programs are just systems of algorithms, which aren't patentable". An air conditioner is just a system of natural laws, yet nobody would argue that a novel coolant wouldn't be patentable. The appellate court simply said what should have been obvious all along: systems and machines can be built from atoms, but also from bits. If so, then systems and machines built from bits should enjoy protection, just as those built from atoms do.
No, I'm not. From an economic standpoint, seventeen years is not a significant period of time.
If I create a market, then I've done most of the hard work myself: investigated what customers need, found a solution, written the code (or developed the widget), marketed it, dealt with suppliers and vendors, etc. A patent guarantees that I can reap a reward from that risk, if I'm lucky and the product is a hit, which most products aren't -- for less than half of an average person's professional lifetime. It's not even a rent for a full professional lifetime.
Open source projects and project leaders need not fear closed source patents unless the implementors want to clone interfaces or functionality which closed source companies have worked to establish. I don't see why we should want encourage such freeloading and sabotage. If it's that good, pay for it; otherwise, do without for a decade or so.