> UPS and FedEx would probably be a good bargain too if they were allowed to deliver junk mail
Do you have any evidence that this would be the case?
e.g. you have the average cost the USPS takes to process and deliver an item and you have some evidence that the UPS and FedEx can do much better than that, and that they would still charge less than the USPS.
Also consider what would likely happen if the USPS gets disbanded for whatever reason and UPS and FedEx take over. There will be less pressure to keep prices down (and fairly uniform). When that sort of thing happens in the USA it sure seems that most of the time the people get gouged and have to pay more for less.
There are a number of Indians with the name Habib. This should not be surprising as there are many Indians who are muslims or whose forefathers were muslims.
Just a search for Habib India will give you many Indians with that name e.g.:
1) NX is better than LBX. Even your link says LBX is crap, whereas there are lots of people saying NX is good and works well over low/mid bandwidth high latency links. So you should realize there must be a difference somewhere.
2) Google didn't reinvent anything. They just reimplemented NX stuff.
FWIW the Inuits (Eskimos) have managed to live quite well on a low carb diet (same for other hunter gatherers in places with low carb foods).
So much so that I think after so many generations on low carb diets, the Inuit "breed" of humans is more likely to have big problems with high carb diets (when all you have is a low carb diet, you're not going to kill off people who get mutations that make it harder to deal with carbs). Put them on a diet that includes fries+cola and they'll keel over faster than the average person.
Sure it's a matter of physics, but what a LOT of people miss out is that some people are more efficient than others.
For example, some people just shit out more/less calories than others. Yep many so-called researchers don't measure the calories left in the feces - that's like financial advisers not taking into account differences in tax rates. Or a physicist doing thermodynamic calculations without taking into account heat leaking out.
So they could eat less, exercise the same amount, but still be fatter.
Don't believe me? In one study involving mice, there were fewer calories in the feces of obese mice. In another study, mice without gut bacteria remained slim eating the same stuff and doing the same things, then when they were given gut bacteria from the controls, they gained 60% more body fat on the same diet and apparently no change in activity was observed.
So obesity is not a simple problem to fix and _keep_ fixed.
Yes some people do choose to eat a lot (they just don't care and they like eating). Some have a strong urge to keep eating (much of this is related to bad diets, but not all). But some don't actually eat a lot - they're just more efficient - they fidget less, they waste less in their shit. If you shit out 20% less calories than some skinny guy, given the same food intake and daily activity, you'd probably be fatter than the skinny guy.
Thus saying "eat less, exercise more" is not helpful for many overweight people.
I'm a fairly skinny guy (doctor said I was underweight), if I were told to eat 20% less calories and exercise more to become lighter and keep doing it for the rest of my life to maintain a lighter and healthier weight, it could be pretty hard and I might need some help to do it without feeling miserable and not be malnourished.
Don't think that that's healthy for normal people to do? Studies have shown that for very many animals a 20% reduction in calorie intake = increase in lifespan with no increase in mortality to infectious diseases.
So before you say "eat less" to obese people. Why don't you try it yourself? Eat 20% less calories for health reasons but maintain the same activity. There is at least one researcher trying it on himself (he wants to live longer:) ).
Don't want to go through all that trouble just to live longer and avoid earlier onset of various diseases? Well many fat people are having to go through that trouble.
If some breeds of cows and pigs get fatter much faster than others, there is no reason to believe that this cannot be true for humans.
I'm a skinny guy and a fair bit of it is due to genetics. Some people's bodies when getting more calories will automatically burn them up faster - they can still get fat but it takes more effort.
The problem is people with certain sorts of genes eating the wrong food for them. Sure they can survive on it, but they won't thrive on it.
Milk products give lactose intolerant people problems. So similarly fries and sugar water make some people fat faster than others.
The other big problem is that many people were conditioned by their parents to finish all the food on their plates. No surprise these people have obesity problems when they live in wealthy countries where the restaurants find that they can make more money by charging higher prices for larger servings. Since people are more likely to feel satisfied if they are very full after an expensive meal, compared to being not quite full after a slightly cheaper but still expensive meal.
The standard US restaurant serving can serve two or more people from poorer countries. No surprise then if a US person that can manage that serving ends up weighing about the same as two or more poor people combined. And look at the sizes of the drinks - go work out how much sugar is in one of those huge drinks. If your body has no need for that sugar (for exercise/work) it has to convert that sugar to fat, or excrete it somehow (which means you have sugar in your urine = sign of diabetes), or it stays in the blood = another sign of diabetes.
Lastly, even if it's not a good thing for the people, obesity is not a huge economic problem especially for more socialist countries. Because obese people can still be fairly productive, they consume more (thus spreading the money around) and they die not long after their most productive years, thus costing less in health care (compared to someone who uses health care for one or two more decades and then gets cancer and needs equally expensive treatment before finally succumbing to something expensive after another 10 years).
Because: 1) I don't trust either IE or Firefox to be secure enough. 2) I don't use AV software for my machines - AV software is getting crappier nowadays, it's getting harder to tell whether a machine is infected by malware or crappy AV software.
e.g. Lots of things running slower? System instability? Weird/dubious shit happening[1]? Hard to uninstall the crap? All of the previous?
BTW both Symantec and McAfee recently agreed to settle charges that they automatically charged customers software subscription renewal fees without their permission.
From a _technical_ viewpoint Linux is just as insecure as Windows, if not more so.
Even though it was exploited on windows there's NOTHING technically preventing it from being exploited on Linux. And keep in mind Firefox is not normally part of the default install of windows but it's in the default install for most Desktop Linux distros.
At least Vista and Windows 7 have IE sandboxed out of the box. Neither ubuntu nor opensuse have firefox sandboxed by default yet. I have made some suggestions to both Ubuntu and Opensuse on how to improve their stuff, maybe they'll get to them in 5 years time. Maybe never.
As I said, flowers aren't as common as shit. And if what you think are flowers look, smell, feel and behave like shit, they're not flowers.
You want to go on believing they're all the same - shit, flowers etc, that's up to you.
If what I said makes you feel uncomfortable because maybe you smell a hint of shit about you, take heart, because flowers can smell a bit of shit when there's so much shit around them.
BUT if it's really hard to tell the difference between you and shit, then in practice you are shit. That's the truth whether you like it or not.
Flowers can spring from shit given the right seeds, and flowers can be turned into shit.
Yes everything decays in the end, but even though I'm shit, it's often nice to be doing my crap under a bunch of flowers;).
They just change the stuff a bit and then resubmit it to get a few more years. Repeat ad nauseam.
The patent system is broken.
1) Trivial stuff get patented because there is no way the examiners can keep up with everything. 2) It doesn't really speed up progress.
For example: AMD comes up with something, but they infringe on Intel and vice versa so they have to spend resources cross licensing.
Now, if you're some small company that comes up with something new in the same field, and you don't have as much "patent ammo" as AMD or Intel, you can't build anything without infringing. BUT what you can do however is sit "twiddling your thumbs" while waiting to sue AMD, Intel, VIA if they infringe.
Heck in practice you don't even have to come up with something really new, you just have to patent obvious "next step" stuff - stuff as inventive as "100 methods of cracking eggs to make an omelette", and then sue people who try to make omelettes.
Whoopee, that sure encourages progress eh? Not.
It's fucked up.
If you want to encourage innovation and progress, it's better to give out Prizes for Innovation. A bit like Nobel Prizes. You could have many prizes a year and different categories of prizes - maybe one where "experts in the field" are judges and another with "members of the public" as judges (a bit like the Hugo Awards and Nebula awards). To be eligible for the prize you have to apply (pay a fee) to have your invention registered. If there's prior art, it's rejected. If only later they realize there's prior art that the examiners didn't know of at the time, that just makes you ineligible for the prize (whether you should get a partial refund or not, I'll leave that to others to work out).
As they say hindsight is 20/20: 1) It's easier in _hindsight_ to see that an invention was good, than for someone to see that a patent application deserves to be approved (instead of just rubberstamping stuff). 2) If the invention was indeed good, but just way ahead of it's time (only becomes amazingly useful 30 years later), the inventor could still get a Prize 30 years later. That's not true for patents (of course as mentioned you could constantly tweak your patents though and thus "refresh" them - but only the rich can afford to do that).
> Every year I've read about it, the order from first to last compromised has been Windows, Mac, and Linux.
Which year? And which pwn2own contest are you talking about?
In 2006, there was no pwn to own cansecwest contest. In 2007, it was mac first, but only macs were prizes;).
In 2008, it was mac first again (out of OSX, Ubuntu and Vista) on day 2 (nobody managed to pwn anything under the day one rules), and vista only on day 3 (due to adobe flash exploit).
Day 1 rules = remote exploit - no user interaction Day 2 rules = default client apps Day 3 rules = popular 3rd party apps.
In 2009, it was safari on OSX first again, on day 1, followed by IE8 on Win7, followed by safari on OSX again, followed by firefox on Win7 (however multiple platforms were actually vulnerable to nils' attack[1]). All in day 1.
Rules: Day 1: Default install no additional plugins. User goes to link. Day 2: flash, java,.net, quicktime. User goes to link. Day 3: popular apps such as acrobat reader... User goes to link
And Charlie Miller one of the pwners says OSX is easier:
"It's really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows."
"For the amount of time he spent to do what he did on IE and Firefox, he could have found and exploited five or 10 Safari bugs. With the way they're paying $5,000 for every verifiable bug, he could have spent that same time and resources and make $25,000 or $30,000 easily just by going after Safari on Mac."
They don't always keep getting booted out. And if they ever need extra staff it might not be too hard for them to convince the best of their team to join them from a crappy place that's become even crappier.
There are very many problems with being a good manager. Like I said, it's not easy to be a good manager:).
You can say that your job was on the line for all you want, but if you behave like a crappy manager - promising the same bullshit deadlines and so on, tell me how can people tell the difference between you and a crappy manager? Not so easy right?
And is "everyone was doing it too!" an excuse worthy of a good manager?
If I have a "good" flashlight that somehow never shines in the darkness for various reasons, what's the difference between it and a broken flashlight? The "good" one works when it's nice and bright? That's not so useful eh?;).
FWIW not all organizations require you to promise bullshit deadlines. Missed deadlines and broken promises make upper management look bad too.
When upper management is really that bad and nobody (with the power to change things) cares, there's not much you can do other than do your best and look for a job some place less dysfunctional, when they finally kick you out or you leave before that.
Not all upper management is crap, but good and competent people aren't that common.
There are Big Bosses who appreciate people who try to tell them the truth and provide them accurate info - whether unpleasant, inconvenient or not. It's still their call in the end. Then there are those who are just parasites roaming from host to host, often bringing along their equally parasitic friends.
In most companies you can get by with being a mediocre manager.
It's hard to be a good manager but a good middle manager is very valuable to a company (even if not valued by it;) ).
For example, say the manager is managing a project and a team of programmers.
1) When the Big Bosses ask the manager - hey when will the project be finished?
A crappy manager might just pull a date out of thin air and give that to the Big Bosses. A mediocre manager might ask the programmers, and then give the resulting date to the bosses without any processing or safety margins. Whereas a good manager would know which programmers tend to underestimate and which overestimate, come up with the Manager's actual expected date, and then add a big safety margin and then give that to the bosses.
A good manager will need to keep up with stuff enough to know when someone might be bullshitting him (and perhaps countercheck it with someone/a source he can trust).
2) Stuff happens and the manager has some misc extra stuff to do and assigns it to the team.
With a crappy manager, if the date was near ridiculous in the first place, some of the team might just start spending time preparing to leave (the top programmers can be quite re-employable). The project might then fail. With a mediocre manager, it means the team have to put in extra hours. Savvy members of the team would now start padding their future estimates by a LOT (instead of just a bit), if they haven't been doing that already. Future projects would be estimated to take X years rather than X months, or the mediocre manager would have to start pulling figures out of thin air and hoping for the best:).
With a good manager, no changes. If the team starts trusting the manager's management skills more, they can start giving him/her less padded estimates.
People might say a top programmer is 10 to 100x more productive than an average programmer, but in the hands of a crappy/mediocre manager, the top programmer might be using his extra productivity doing more fun stuff like contributing to open source projects, writing some cool game, or just plain slacking off.
So with a good manager the productivity of a team can actually be far higher. Same team, different levels of productivity. Because the good middle manager can actually _manage_ the team and the bosses.
3) The bosses might then say, "hey can't you get stuff done earlier? We have to make an announcement to the press etc by Date XYZ, otherwise we'd look bad in comparison to the competitors."
A crappy manager would just push the date earlier and give that to the bosses. A mediocre manager might do the same. A good manager would negotiate (could we just announce the product rather than _release_ the product?) or see what he can get in return, for example in future he'd say to the bosses "Hey the team is overloaded already, we can't give them more stuff unless you want the project to slip".
If the big bosses are also good, after a while they will trust the good manager too - e.g. they can believe him when he says stuff can be done and by X, or it can't be done.
Whereas in the other cases, they'll just have to make stuff up and hope their Golden Parachute is well packed (as you can see, Golden Parachute packing skills are very important to Big Bosses;) ).
Note: most coders are crap. There'll be a few not so bad ones (not worthy of "DailyWTF";) ). So most of them can barely be competent with existing stuff much less keep up with the latest tech.
So being a good manager is a bit like playing an RTS well, when: 1) you can't micromanage too much or you start having problems with your troops. 2) your troops are not that consistent, or reliable. 3) Most of your troops are crap, you have to figure out "which can do what", and which ones are just being lazy.
A good manager is very valuable (whether middle or upper management). An organization can do great things when it has good top management, good middle management and not too bad "grunts":).
There is already this security mode, it's called running stuff as a different user. The browsers would be running as different (limited/restricted) users.
The operating system enforces the separation. If you find a problem with the separation, then that's a huge bug in the OS. Ever since the 1960/70s users in proper multi-user O/Ses cannot access each others files, data and processes, unless the permissions are explicitly granted.
The browser executables are only writable by the admin/system. So they won't be changed unless there is a "local/remote root" exploit.
The cookies, bookmarks etc are separate and different - since they are browsers on different accounts.
Try it. Create multiple _limited_ users (and reduce their access further if you want).
Give your main account access to the files of those limited users (otherwise you wouldn't be able to access the downloads etc with your main account, or copy in uploads).
Then in your main account create multiple shortcuts with:
Replace _WWW_USER_X with the different created users.
Give the shortcuts different icons.
Note that/savecred isn't a big security hole here since you are saving the credentials of limited users that have less access than your main account.
To test: from the browser "open file" or "save as" you'll find that you can't save stuff to your main user account folders or the other browser accounts. Another thing you might notice is that if the browser opens files (pdfs, wmvs, mp3s) the opening application will also be running as the browser user (which is a good thing in security terms).
The usability problem is distinguishing the browser instances from each other since they tend to look the same. But the Links bars and other toolbars will be different. Plus for me one IE instance makes the "click" sound when you click on links, another one doesn't, and then yet another browser instance is running firefox instead.
There are also little things like if you rename files/folders in a File Dialog, the notifications don't get to the browser so it still displays the out of date file list, you'd have to press F5 to explicitly update.
IE7/8 on Vista makes this sort of thing simpler and more accessible to users. That's why despite what the Linux fanatics say, Vista has actually better security than "Desktop Linux" from a technical perspective - no Linux popular distro is configured by default to sandbox browsers using SELinux or AppArmor[1].
Vista sucks in other ways though;).
Keep in mind this is not bulletproof because there may be things like exploitable bugs in the graphics drivers, but the attackers know there are millions of easier users+systems to attack, so it's unlikely they'd bother using those for now.
To me the big problem with Catholicism is it adds so many potential and _unnecessary_ problems or stumbling blocks for its adherents.
Examples: The veneration of Mary. The praying to the saints. Yes some Catholics understand that differently, but so many stumble into something that resembles polytheism. Indulgences. The vows of celibacy. Sure celibacy is fine (and so is marriage), but they made it into a _requirement_ that priests must have.
The chastity/celibacy of Christ is sometimes used as justification but Jesus and others have referred to himself as the Bridegroom, and there going to be a wedding, so since he's not married yet, he has to be celibate.
We already have enough trouble with the really necessary stuff (following Jesus), why add extra unnecessary stuff that causes problems in so many cases?
You can create multiple user accounts. With Windows XP you can use Tweak UI to control what accounts show in the default XP login screen.
Then log in as your main (non-admin) user, and use browsers running as the different users for different things. For example, you have different browsers for bank stuff, shopping, normal browsing (google, slashdot etc), and less trusted browsing (which is set to be the "default browser" - what launches when you click on a link in an email etc).
Let the main user have access to the download directories of those browsers and that's pretty much it.
There's a bit of hassle since you'd have to copy files to be able to upload them to facebook/gmail etc, but that's also a feature in terms of security - only the files you want to upload get uploaded (you can delete them after that). Note: on XP if you run main user as userX, and browser as userY, if userX has a network share mounted, userY does not automatically get the same access to it. This might be considered inconvenient, but this is a good thing in terms of security.
It still won't be popular with people who want to click and install, but it's certainly safer.
You could use virtual machines, but do note that running stuff in a virtual machine is safer in some ways it could be more dangerous in other ways - because there have been security flaws with virtualization stuff and some of the virtualization bits would have full system privileges.
More details: The problem you'll find is firefox is braindead, you can't run multiple instances of firefox in windows with different user accounts. So you'd have to have one firefox instance in a "subaccount", and multiple IE instances using different "subaccounts".
When I tried to get Chrome to run as a different user it just wouldn't work. So no Chrome for me.
Are those federal judges?
> no bar code, no machine printed labels, just hand-printed (or handwritten cursive) labels. That takes quite a bit more processing.
;).
But is that processing done by humans or by computers?
If it's really done by computers, I guess the USPS's system will have little trouble breaking most captchas.
If it's done by humans, then it should end up in a form easy for the computers to handle (e.g. similar problem to what FedEx and UPS have).
Maybe they scan some stuff and send it to the NSA/CIA/FBI
> UPS and FedEx would probably be a good bargain too if they were allowed to deliver junk mail
Do you have any evidence that this would be the case?
e.g. you have the average cost the USPS takes to process and deliver an item and you have some evidence that the UPS and FedEx can do much better than that, and that they would still charge less than the USPS.
Also consider what would likely happen if the USPS gets disbanded for whatever reason and UPS and FedEx take over. There will be less pressure to keep prices down (and fairly uniform). When that sort of thing happens in the USA it sure seems that most of the time the people get gouged and have to pay more for less.
There are a number of Indians with the name Habib. This should not be surprising as there are many Indians who are muslims or whose forefathers were muslims.
Just a search for Habib India will give you many Indians with that name e.g.:
http://en.wikipedia.org/wiki/Habib_Tanvir
1) NX is better than LBX. Even your link says LBX is crap, whereas there are lots of people saying NX is good and works well over low/mid bandwidth high latency links. So you should realize there must be a difference somewhere.
2) Google didn't reinvent anything. They just reimplemented NX stuff.
FWIW the Inuits (Eskimos) have managed to live quite well on a low carb diet (same for other hunter gatherers in places with low carb foods).
So much so that I think after so many generations on low carb diets, the Inuit "breed" of humans is more likely to have big problems with high carb diets (when all you have is a low carb diet, you're not going to kill off people who get mutations that make it harder to deal with carbs). Put them on a diet that includes fries+cola and they'll keel over faster than the average person.
Sure it's a matter of physics, but what a LOT of people miss out is that some people are more efficient than others.
:) ).
For example, some people just shit out more/less calories than others. Yep many so-called researchers don't measure the calories left in the feces - that's like financial advisers not taking into account differences in tax rates. Or a physicist doing thermodynamic calculations without taking into account heat leaking out.
So they could eat less, exercise the same amount, but still be fatter.
Don't believe me? In one study involving mice, there were fewer calories in the feces of obese mice. In another study, mice without gut bacteria remained slim eating the same stuff and doing the same things, then when they were given gut bacteria from the controls, they gained 60% more body fat on the same diet and apparently no change in activity was observed.
So obesity is not a simple problem to fix and _keep_ fixed.
Yes some people do choose to eat a lot (they just don't care and they like eating). Some have a strong urge to keep eating (much of this is related to bad diets, but not all). But some don't actually eat a lot - they're just more efficient - they fidget less, they waste less in their shit. If you shit out 20% less calories than some skinny guy, given the same food intake and daily activity, you'd probably be fatter than the skinny guy.
Thus saying "eat less, exercise more" is not helpful for many overweight people.
I'm a fairly skinny guy (doctor said I was underweight), if I were told to eat 20% less calories and exercise more to become lighter and keep doing it for the rest of my life to maintain a lighter and healthier weight, it could be pretty hard and I might need some help to do it without feeling miserable and not be malnourished.
Don't think that that's healthy for normal people to do? Studies have shown that for very many animals a 20% reduction in calorie intake = increase in lifespan with no increase in mortality to infectious diseases.
So before you say "eat less" to obese people. Why don't you try it yourself? Eat 20% less calories for health reasons but maintain the same activity. There is at least one researcher trying it on himself (he wants to live longer
Don't want to go through all that trouble just to live longer and avoid earlier onset of various diseases? Well many fat people are having to go through that trouble.
You're forgetting one major factor.
How many calories you excrete e.g. how much is left in the feces.
There can be a significant difference, and that's why some people eat the same amount, exercise the same amount, but still put on the pounds.
If some breeds of cows and pigs get fatter much faster than others, there is no reason to believe that this cannot be true for humans.
I'm a skinny guy and a fair bit of it is due to genetics. Some people's bodies when getting more calories will automatically burn them up faster - they can still get fat but it takes more effort.
The problem is people with certain sorts of genes eating the wrong food for them. Sure they can survive on it, but they won't thrive on it.
Milk products give lactose intolerant people problems. So similarly fries and sugar water make some people fat faster than others.
The other big problem is that many people were conditioned by their parents to finish all the food on their plates. No surprise these people have obesity problems when they live in wealthy countries where the restaurants find that they can make more money by charging higher prices for larger servings. Since people are more likely to feel satisfied if they are very full after an expensive meal, compared to being not quite full after a slightly cheaper but still expensive meal.
The standard US restaurant serving can serve two or more people from poorer countries. No surprise then if a US person that can manage that serving ends up weighing about the same as two or more poor people combined. And look at the sizes of the drinks - go work out how much sugar is in one of those huge drinks. If your body has no need for that sugar (for exercise/work) it has to convert that sugar to fat, or excrete it somehow (which means you have sugar in your urine = sign of diabetes), or it stays in the blood = another sign of diabetes.
Lastly, even if it's not a good thing for the people, obesity is not a huge economic problem especially for more socialist countries. Because obese people can still be fairly productive, they consume more (thus spreading the money around) and they die not long after their most productive years, thus costing less in health care (compared to someone who uses health care for one or two more decades and then gets cancer and needs equally expensive treatment before finally succumbing to something expensive after another 10 years).
Most browsers don't warn you if the certificate has changed even though it has months or even years left before it expires.
IE and Firefox have a dozen or two CAs installed by default. Go look them up. Do you trust that CA in "Elbonia"?
So the attacker just needs to convince or trick any of those CAs to sign the cert and voila, no warnings.
Funny. I believe Compaq bought DEC and HP then bought Compaq (ok they said it was a merger).
I do that anyway.
Because:
1) I don't trust either IE or Firefox to be secure enough.
2) I don't use AV software for my machines - AV software is getting crappier nowadays, it's getting harder to tell whether a machine is infected by malware or crappy AV software.
e.g. Lots of things running slower? System instability? Weird/dubious shit happening[1]? Hard to uninstall the crap? All of the previous?
BTW both Symantec and McAfee recently agreed to settle charges that they automatically charged customers software subscription renewal fees without their permission.
From a _technical_ viewpoint Linux is just as insecure as Windows, if not more so.
See the zero-day exploit for Firefox here: http://www.securityfocus.com/bid/34235
Even though it was exploited on windows there's NOTHING technically preventing it from being exploited on Linux. And keep in mind Firefox is not normally part of the default install of windows but it's in the default install for most Desktop Linux distros.
At least Vista and Windows 7 have IE sandboxed out of the box. Neither ubuntu nor opensuse have firefox sandboxed by default yet. I have made some suggestions to both Ubuntu and Opensuse on how to improve their stuff, maybe they'll get to them in 5 years time. Maybe never.
FWIW, I use Windows, Linux and FreeBSD at home.
[1] http://it.slashdot.org/article.pl?sid=09/03/10/139229
http://blogs.howstuffworks.com/2009/03/10/what-is-piftsexe/
http://voices.washingtonpost.com/securityfix/2009/03/symantec_users_complain_of_mys.html
On the contrary. Wake up and smell the shit.
;).
As I said, flowers aren't as common as shit. And if what you think are flowers look, smell, feel and behave like shit, they're not flowers.
You want to go on believing they're all the same - shit, flowers etc, that's up to you.
If what I said makes you feel uncomfortable because maybe you smell a hint of shit about you, take heart, because flowers can smell a bit of shit when there's so much shit around them.
BUT if it's really hard to tell the difference between you and shit, then in practice you are shit. That's the truth whether you like it or not.
Flowers can spring from shit given the right seeds, and flowers can be turned into shit.
Yes everything decays in the end, but even though I'm shit, it's often nice to be doing my crap under a bunch of flowers
They just change the stuff a bit and then resubmit it to get a few more years. Repeat ad nauseam.
The patent system is broken.
1) Trivial stuff get patented because there is no way the examiners can keep up with everything.
2) It doesn't really speed up progress.
For example: AMD comes up with something, but they infringe on Intel and vice versa so they have to spend resources cross licensing.
Now, if you're some small company that comes up with something new in the same field, and you don't have as much "patent ammo" as AMD or Intel, you can't build anything without infringing. BUT what you can do however is sit "twiddling your thumbs" while waiting to sue AMD, Intel, VIA if they infringe.
Heck in practice you don't even have to come up with something really new, you just have to patent obvious "next step" stuff - stuff as inventive as "100 methods of cracking eggs to make an omelette", and then sue people who try to make omelettes.
Whoopee, that sure encourages progress eh? Not.
It's fucked up.
If you want to encourage innovation and progress, it's better to give out Prizes for Innovation. A bit like Nobel Prizes. You could have many prizes a year and different categories of prizes - maybe one where "experts in the field" are judges and another with "members of the public" as judges (a bit like the Hugo Awards and Nebula awards). To be eligible for the prize you have to apply (pay a fee) to have your invention registered. If there's prior art, it's rejected. If only later they realize there's prior art that the examiners didn't know of at the time, that just makes you ineligible for the prize (whether you should get a partial refund or not, I'll leave that to others to work out).
As they say hindsight is 20/20:
1) It's easier in _hindsight_ to see that an invention was good, than for someone to see that a patent application deserves to be approved (instead of just rubberstamping stuff).
2) If the invention was indeed good, but just way ahead of it's time (only becomes amazingly useful 30 years later), the inventor could still get a Prize 30 years later. That's not true for patents (of course as mentioned you could constantly tweak your patents though and thus "refresh" them - but only the rich can afford to do that).
> Every year I've read about it, the order from first to last compromised has been Windows, Mac, and Linux.
Which year? And which pwn2own contest are you talking about?
In 2006, there was no pwn to own cansecwest contest. ;).
In 2007, it was mac first, but only macs were prizes
In 2008, it was mac first again (out of OSX, Ubuntu and Vista) on day 2 (nobody managed to pwn anything under the day one rules), and vista only on day 3 (due to adobe flash exploit).
http://dvlabs.tippingpoint.com/blog/2008/03/27/day-two-of-cansecwest-pwn-to-own---we-have-our-first-official-winner-with-picture?info=EXLINK
Day 1 rules = remote exploit - no user interaction
Day 2 rules = default client apps
Day 3 rules = popular 3rd party apps.
In 2009, it was safari on OSX first again, on day 1, followed by IE8 on Win7, followed by safari on OSX again, followed by firefox on Win7 (however multiple platforms were actually vulnerable to nils' attack[1]). All in day 1.
http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits
http://blogs.zdnet.com/security/?p=2917
http://blogs.zdnet.com/security/?p=2934
[1] http://www.securityfocus.com/bid/34235
Rules: .net, quicktime. User goes to link. ... User goes to link
Day 1: Default install no additional plugins. User goes to link.
Day 2: flash, java,
Day 3: popular apps such as acrobat reader
And Charlie Miller one of the pwners says OSX is easier:
http://blogs.zdnet.com/security/?p=2941
"It's really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows."
"For the amount of time he spent to do what he did on IE and Firefox, he could have found and exploited five or 10 Safari bugs. With the way they're paying $5,000 for every verifiable bug, he could have spent that same time and resources and make $25,000 or $30,000 easily just by going after Safari on Mac."
It does not have to be perfectly safe.
It just has to be safer or as safe.
They don't always keep getting booted out. And if they ever need extra staff it might not be too hard for them to convince the best of their team to join them from a crappy place that's become even crappier.
There are very many problems with being a good manager. Like I said, it's not easy to be a good manager :).
;).
You can say that your job was on the line for all you want, but if you behave like a crappy manager - promising the same bullshit deadlines and so on, tell me how can people tell the difference between you and a crappy manager? Not so easy right?
And is "everyone was doing it too!" an excuse worthy of a good manager?
If I have a "good" flashlight that somehow never shines in the darkness for various reasons, what's the difference between it and a broken flashlight? The "good" one works when it's nice and bright? That's not so useful eh?
FWIW not all organizations require you to promise bullshit deadlines. Missed deadlines and broken promises make upper management look bad too.
When upper management is really that bad and nobody (with the power to change things) cares, there's not much you can do other than do your best and look for a job some place less dysfunctional, when they finally kick you out or you leave before that.
Not all upper management is crap, but good and competent people aren't that common.
There are Big Bosses who appreciate people who try to tell them the truth and provide them accurate info - whether unpleasant, inconvenient or not. It's still their call in the end. Then there are those who are just parasites roaming from host to host, often bringing along their equally parasitic friends.
In most companies you can get by with being a mediocre manager.
;) ).
:).
;) ).
;) ). So most of them can barely be competent with existing stuff much less keep up with the latest tech.
:).
It's hard to be a good manager but a good middle manager is very valuable to a company (even if not valued by it
For example, say the manager is managing a project and a team of programmers.
1) When the Big Bosses ask the manager - hey when will the project be finished?
A crappy manager might just pull a date out of thin air and give that to the Big Bosses.
A mediocre manager might ask the programmers, and then give the resulting date to the bosses without any processing or safety margins.
Whereas a good manager would know which programmers tend to underestimate and which overestimate, come up with the Manager's actual expected date, and then add a big safety margin and then give that to the bosses.
A good manager will need to keep up with stuff enough to know when someone might be bullshitting him (and perhaps countercheck it with someone/a source he can trust).
2) Stuff happens and the manager has some misc extra stuff to do and assigns it to the team.
With a crappy manager, if the date was near ridiculous in the first place, some of the team might just start spending time preparing to leave (the top programmers can be quite re-employable). The project might then fail.
With a mediocre manager, it means the team have to put in extra hours. Savvy members of the team would now start padding their future estimates by a LOT (instead of just a bit), if they haven't been doing that already. Future projects would be estimated to take X years rather than X months, or the mediocre manager would have to start pulling figures out of thin air and hoping for the best
With a good manager, no changes. If the team starts trusting the manager's management skills more, they can start giving him/her less padded estimates.
People might say a top programmer is 10 to 100x more productive than an average programmer, but in the hands of a crappy/mediocre manager, the top programmer might be using his extra productivity doing more fun stuff like contributing to open source projects, writing some cool game, or just plain slacking off.
So with a good manager the productivity of a team can actually be far higher. Same team, different levels of productivity. Because the good middle manager can actually _manage_ the team and the bosses.
3) The bosses might then say, "hey can't you get stuff done earlier? We have to make an announcement to the press etc by Date XYZ, otherwise we'd look bad in comparison to the competitors."
A crappy manager would just push the date earlier and give that to the bosses.
A mediocre manager might do the same.
A good manager would negotiate (could we just announce the product rather than _release_ the product?) or see what he can get in return, for example in future he'd say to the bosses "Hey the team is overloaded already, we can't give them more stuff unless you want the project to slip".
If the big bosses are also good, after a while they will trust the good manager too - e.g. they can believe him when he says stuff can be done and by X, or it can't be done.
Whereas in the other cases, they'll just have to make stuff up and hope their Golden Parachute is well packed (as you can see, Golden Parachute packing skills are very important to Big Bosses
Note: most coders are crap. There'll be a few not so bad ones (not worthy of "DailyWTF"
So being a good manager is a bit like playing an RTS well, when:
1) you can't micromanage too much or you start having problems with your troops.
2) your troops are not that consistent, or reliable.
3) Most of your troops are crap, you have to figure out "which can do what", and which ones are just being lazy.
A good manager is very valuable (whether middle or upper management). An organization can do great things when it has good top management, good middle management and not too bad "grunts"
There is already this security mode, it's called running stuff as a different user. The browsers would be running as different (limited/restricted) users.
The operating system enforces the separation. If you find a problem with the separation, then that's a huge bug in the OS. Ever since the 1960/70s users in proper multi-user O/Ses cannot access each others files, data and processes, unless the permissions are explicitly granted.
The browser executables are only writable by the admin/system. So they won't be changed unless there is a "local/remote root" exploit.
The cookies, bookmarks etc are separate and different - since they are browsers on different accounts.
Try it. Create multiple _limited_ users (and reduce their access further if you want).
Give your main account access to the files of those limited users (otherwise you wouldn't be able to access the downloads etc with your main account, or copy in uploads).
Then in your main account create multiple shortcuts with:
C:\WINDOWS\system32\runas.exe /savecred /profile /user:core\_WWW_USER_X "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
Replace _WWW_USER_X with the different created users.
Give the shortcuts different icons.
Note that /savecred isn't a big security hole here since you are saving the credentials of limited users that have less access than your main account.
To test: from the browser "open file" or "save as" you'll find that you can't save stuff to your main user account folders or the other browser accounts. Another thing you might notice is that if the browser opens files (pdfs, wmvs, mp3s) the opening application will also be running as the browser user (which is a good thing in security terms).
The usability problem is distinguishing the browser instances from each other since they tend to look the same. But the Links bars and other toolbars will be different. Plus for me one IE instance makes the "click" sound when you click on links, another one doesn't, and then yet another browser instance is running firefox instead.
There are also little things like if you rename files/folders in a File Dialog, the notifications don't get to the browser so it still displays the out of date file list, you'd have to press F5 to explicitly update.
IE7/8 on Vista makes this sort of thing simpler and more accessible to users. That's why despite what the Linux fanatics say, Vista has actually better security than "Desktop Linux" from a technical perspective - no Linux popular distro is configured by default to sandbox browsers using SELinux or AppArmor[1].
Vista sucks in other ways though ;).
Keep in mind this is not bulletproof because there may be things like exploitable bugs in the graphics drivers, but the attackers know there are millions of easier users+systems to attack, so it's unlikely they'd bother using those for now.
[1] This is about as far as OpenSuse has got: http://en.opensuse.org/AppArmored_FireFox
Similar for ubuntu: https://bugs.launchpad.net/ubuntu/+source/firefox-3.5/+bug/382917
Which is nothing in practice.
To me the big problem with Catholicism is it adds so many potential and _unnecessary_ problems or stumbling blocks for its adherents.
Examples:
The veneration of Mary.
The praying to the saints. Yes some Catholics understand that differently, but so many stumble into something that resembles polytheism.
Indulgences.
The vows of celibacy. Sure celibacy is fine (and so is marriage), but they made it into a _requirement_ that priests must have.
The chastity/celibacy of Christ is sometimes used as justification but Jesus and others have referred to himself as the Bridegroom, and there going to be a wedding, so since he's not married yet, he has to be celibate.
We already have enough trouble with the really necessary stuff (following Jesus), why add extra unnecessary stuff that causes problems in so many cases?
> Or, when the user does a bank transaction, act as a MITM and when a user does a small transfer,
Like I said, use different browsers for different things. Stick to doing bank stuff with a browser that's dedicated for $$$ stuff.
You don't have to run everything in one browser whether it's sandboxed or not.
You can launch multiple instances of IE running as different users.
You can create multiple user accounts. With Windows XP you can use Tweak UI to control what accounts show in the default XP login screen.
Then log in as your main (non-admin) user, and use browsers running as the different users for different things. For example, you have different browsers for bank stuff, shopping, normal browsing (google, slashdot etc), and less trusted browsing (which is set to be the "default browser" - what launches when you click on a link in an email etc).
Let the main user have access to the download directories of those browsers and that's pretty much it.
There's a bit of hassle since you'd have to copy files to be able to upload them to facebook/gmail etc, but that's also a feature in terms of security - only the files you want to upload get uploaded (you can delete them after that). Note: on XP if you run main user as userX, and browser as userY, if userX has a network share mounted, userY does not automatically get the same access to it. This might be considered inconvenient, but this is a good thing in terms of security.
It still won't be popular with people who want to click and install, but it's certainly safer.
You could use virtual machines, but do note that running stuff in a virtual machine is safer in some ways it could be more dangerous in other ways - because there have been security flaws with virtualization stuff and some of the virtualization bits would have full system privileges.
More details:
The problem you'll find is firefox is braindead, you can't run multiple instances of firefox in windows with different user accounts. So you'd have to have one firefox instance in a "subaccount", and multiple IE instances using different "subaccounts".
When I tried to get Chrome to run as a different user it just wouldn't work. So no Chrome for me.
Maybe I should have written "an arm or a head" instead? I thought that would have been a bit too obvious.
Try 6 kilowatts / 45 kph and you'll get:
(6 kilowatts) / (45 kph) = 480 newtons
e.g. if 6 kilowatts only gets you to a max speed of 45 kph that means there's 480 newtons of resistance/drag.
FWIW, I tried 6.40869141 terabytes in library of congress (and also libraries of congress), and Google didn't help with that.