There are plugins/extensions/hacks to allow everything you listed to work exactly as you described already. Just Google it.
I have had a unified variation of Joomla/phpbb/wiki/gallery all running as independent systems for a couple of years now. It is a fairly minor leap to add any of it to anything.
Shit, I violated that patent 10 times yesterday before my first cup of coffee and did not even know it. Good thing I am judgment proof (i.e. very small bank account).
For instance my local office server that is not really connected to the internet, and has no local users besides myself that can access it directly. So, to use this exploit on it would involve one extra step. A step over my dead body. Thus, not in a panic to go patch this anytime soon.
I am really more concerned about the up time of my beer cooler.
This is easily used as a remote exploit from the looks of it. Someone correct me if I am wrong here. Some of the new linux users are likly getting the impression you need to be physically sitting at the machine.
Say you have virtual server somewhere as is common to most low end VPS hosting companies with linux running on it with a reseller account. What is there a few million of these or more around the World likly?
You have given clients ssh access to use sftp. So, they have limited local user rights, if they are not properly jailed.
In theory then this is part of a remote exploit on certain systems that will give elevated privileges.
If you pick a bleeding edge distro like Ubuntu, that is what you get.
There is a reason server distros red hat and the like, are super "outdated" by Ubuntu user standards. They are patched regularly, security fixes are added, perhaps some hardware support, but it is patching a static target rather than the flavor of the month kernel, drivers, and every other thing including patching the kitchen sink. Pick a conservative distro if you want stability.
Everyone has to learn in the hard way sooner or later, myself included. Thus, why I don't use windows anymore.
I lived in a town in Central America for a while. I met a guy living there that was openly going around bragging to everyone he was an escaped murder from Texas. Through some other more reliable people with contacts I asked around, and they confirmed it was true. The U.S. embassy and the FBI knew he was there, and told him as long as he did not try to return to the U.S. they would not go after him.
In Nevada something like 80% of the people picked up on out of State warrants are just released after a few days because the other States do not want to pay to have them sent back. That is inside the U.S. Having someone picked up and extradited from outside the U.S. only happens in the highest profile crimes.
Writing from the tip of South America with a current ping time of around 250 - 300 ms to my server in the San Jose in the middle of the night I can tell you it matters. I have to run a server in the States for my clients in the Northern hemisphere, and a Server in South America for my office in the southern hemisphere because latency and quality of connections between them matters even for a relatively small and light computing I do in my biz. It is a problem for me with just a few web and email servers, anyone doing serious heavy lifting it would really matter. Connections inside both countries are good, it is the connections between the countries that are crap.
After 10 years of doing IT work in developing countries (Latin America to China), I would say less than 1% of the Internet connected World I have seen is really on your super "internet" even at the corporate level. Outside high density new urban areas, very very few people have ever seen more more than even a 4 mb connection consistently, and most of the Internet connected World still happens on less than a 1mb. By that I mean it does not exist. It is not a matter of money (although that helps), it simply does not exist. It will be another 5 - 10 years at least or more.
yea, that would be why the NSA is moving a data / translation center there. Those tards can not even speak English, just every other language in the World.
As a stock holder of google and card carrying hater of all things MS, I would be pretty pissed to wake up and find I owned 68% of MS instead of Google.
Black labs I am convinced where bread to be the stupidest animal possible. Not because they are black, but because they where bread to jump in to freezing water, retrieve a duck, and like it. Any animal that will wag its tail after that and want to do it again is fairly dumb.
Again another instance of why there needs to be some organizational standards and not just coding standards to the structure of FOSS projects. Every time I bring this up on Slash, I get my head bit off; but with all the noobs suddenly finding FOSS and jumping in to start and run projects it is becoming an increasing problem in FOSS. I suspect because those with the experience are progressively spread thinner. Every week there is another story on slash about some project or another where the top guys went AWOL and everyone is stuck. You just have to look around the FOSS landscape for similar examples.
Downstream and sometimes upstream providers and users depend on the stability and health of the projects to make decisions about their own projects. Companies and just end users need to be able to determine that a project is not going to implode in making decisisons.
We need a standardization process for evaluating how FOSS projects function. A FOSS ISO organizational certification or something to allow us to evaluate entire chains of software and the projects they depend on for projects internal stability, and not just the quality of the code produced.
I do appreciate the survival of the fittest / wild west mentality and how it produces superior code, but FOSS in general is maturing and the internal organization of FOSS projects can not be ignored for much longer. I am not saying we stop that, but as any particular FOSS project becomes critical to the eco-system, we should have some standards to designate what is and is not a reliable source of code or programs. Start with a simple grading and review system that evaluates the stability of the organizations behind any particular project.
It would seem that if you can say profile someone by the way they type, this would just make it easier to ID people by the way they use their keyboard.
Great for invasion of privacy uses, but also might make for new types of biometric security. If you are logged in to a session, and some other person starts using your keyboard the computer to could just lock you out.
Now, if we can just figure out how to secure Windows somehow.
I think this is wonderful. The more absurd no limits patents that are issued, the sooner it will reach the proper critical mass (mess) we need for the whole patent system to properly implode on itself. At some point it is going to become obvious that better than 50% of the patents are invalid for one reason or another, the other 50% where just useless; and, the whole mess is just holding back innovation and stifling profits. Even MS might wake up one morning and discover that they the patent system is costing them too much money and waisting too much of their resources, and no idiot in their right mind would actually pay them for most of their patent portfolio.
I think you are on to something as a legal argument here:
The open source license and the source code is the warranty. Essentially it is full disclosure and the responsibility of the user to evaluate the suitability of its use in a given situation. It is the 'if I screwed up making this software, here is the code for you to find, fix, or improve' warranty 'but I did not build it for any particular user and thus we are not in some sort of implied contract'.
For example, if you buy a car and get in a car accident, the end user has very little to stand on legally if he did not know how to drive a car.
Now, a company say like Red Hat that provides the service of installing and maintaining that software on the behalf of some other user might have some sort of liability depending on their contract for not fully evaluating or keeping up with whatever.
The question is can that unique ID be sufficiently linked to say a certain country (country codes or similar) to say wire to an bomb or target a national for kidnapping just because their passport or other documents got scanned as they passed?
There are real world safety implications. It is not about the information, it is about how the information is obtainable / delivered.
That is why every time the U.S. goes to war again after being out for a few years, we go through a rapid replacement of officers at the top. Piece time officers that got promoted for storming their desk, rarely make good leaders in combat because they do not adapt well.
Slashdot Mirror
So, is this suppose to be Googles first attempt at sort of online ajax desktop?
There are plugins/extensions/hacks to allow everything you listed to work exactly as you described already. Just Google it.
I have had a unified variation of Joomla/phpbb/wiki/gallery all running as independent systems for a couple of years now. It is a fairly minor leap to add any of it to anything.
It is the end of patents as we know it, and I feel fine.
Everyone sing along now.
It is the end of patents as we know it, ....
Shit, I violated that patent 10 times yesterday before my first cup of coffee and did not even know it. Good thing I am judgment proof (i.e. very small bank account).
What about abortion?
A medical procedure. That would the test of just how bias they are.
Depends what you do with your box.
For instance my local office server that is not really connected to the internet, and has no local users besides myself that can access it directly. So, to use this exploit on it would involve one extra step. A step over my dead body. Thus, not in a panic to go patch this anytime soon.
I am really more concerned about the up time of my beer cooler.
This is easily used as a remote exploit from the looks of it. Someone correct me if I am wrong here. Some of the new linux users are likly getting the impression you need to be physically sitting at the machine.
Say you have virtual server somewhere as is common to most low end VPS hosting companies with linux running on it with a reseller account. What is there a few million of these or more around the World likly?
You have given clients ssh access to use sftp. So, they have limited local user rights, if they are not properly jailed.
In theory then this is part of a remote exploit on certain systems that will give elevated privileges.
Am I right about this?
It is only really a bug or security concern if it interrupts FOSS guys watching porn.
What the hell. The earth is full of bugs. He is can't produce bug free hardware or software either.
If you pick a bleeding edge distro like Ubuntu, that is what you get.
There is a reason server distros red hat and the like, are super "outdated" by Ubuntu user standards. They are patched regularly, security fixes are added, perhaps some hardware support, but it is patching a static target rather than the flavor of the month kernel, drivers, and every other thing including patching the kitchen sink. Pick a conservative distro if you want stability.
Everyone has to learn in the hard way sooner or later, myself included. Thus, why I don't use windows anymore.
yea, especially when they have no intention / ability of paying the money back to law abiding citizens.
I lived in a town in Central America for a while. I met a guy living there that was openly going around bragging to everyone he was an escaped murder from Texas. Through some other more reliable people with contacts I asked around, and they confirmed it was true. The U.S. embassy and the FBI knew he was there, and told him as long as he did not try to return to the U.S. they would not go after him.
In Nevada something like 80% of the people picked up on out of State warrants are just released after a few days because the other States do not want to pay to have them sent back. That is inside the U.S. Having someone picked up and extradited from outside the U.S. only happens in the highest profile crimes.
And there is no law that says immigration has to give a shit.
Really, check it out. There really is no law that says any law enforcement office has to give a shit.
Writing from the tip of South America with a current ping time of around 250 - 300 ms to my server in the San Jose in the middle of the night I can tell you it matters. I have to run a server in the States for my clients in the Northern hemisphere, and a Server in South America for my office in the southern hemisphere because latency and quality of connections between them matters even for a relatively small and light computing I do in my biz. It is a problem for me with just a few web and email servers, anyone doing serious heavy lifting it would really matter. Connections inside both countries are good, it is the connections between the countries that are crap.
After 10 years of doing IT work in developing countries (Latin America to China), I would say less than 1% of the Internet connected World I have seen is really on your super "internet" even at the corporate level. Outside high density new urban areas, very very few people have ever seen more more than even a 4 mb connection consistently, and most of the Internet connected World still happens on less than a 1mb. By that I mean it does not exist. It is not a matter of money (although that helps), it simply does not exist. It will be another 5 - 10 years at least or more.
yea, that would be why the NSA is moving a data / translation center there. Those tards can not even speak English, just every other language in the World.
As a stock holder of google and card carrying hater of all things MS, I would be pretty pissed to wake up and find I owned 68% of MS instead of Google.
yea, they can almost buy Google:
MS market cap: 208.15B
Google Market cap: 143.5B
Depending on how the markets are blowing.
Black labs I am convinced where bread to be the stupidest animal possible. Not because they are black, but because they where bread to jump in to freezing water, retrieve a duck, and like it. Any animal that will wag its tail after that and want to do it again is fairly dumb.
Again another instance of why there needs to be some organizational standards and not just coding standards to the structure of FOSS projects. Every time I bring this up on Slash, I get my head bit off; but with all the noobs suddenly finding FOSS and jumping in to start and run projects it is becoming an increasing problem in FOSS. I suspect because those with the experience are progressively spread thinner. Every week there is another story on slash about some project or another where the top guys went AWOL and everyone is stuck. You just have to look around the FOSS landscape for similar examples.
Downstream and sometimes upstream providers and users depend on the stability and health of the projects to make decisions about their own projects. Companies and just end users need to be able to determine that a project is not going to implode in making decisisons.
We need a standardization process for evaluating how FOSS projects function. A FOSS ISO organizational certification or something to allow us to evaluate entire chains of software and the projects they depend on for projects internal stability, and not just the quality of the code produced.
I do appreciate the survival of the fittest / wild west mentality and how it produces superior code, but FOSS in general is maturing and the internal organization of FOSS projects can not be ignored for much longer. I am not saying we stop that, but as any particular FOSS project becomes critical to the eco-system, we should have some standards to designate what is and is not a reliable source of code or programs. Start with a simple grading and review system that evaluates the stability of the organizations behind any particular project.
It would seem that if you can say profile someone by the way they type, this would just make it easier to ID people by the way they use their keyboard.
Great for invasion of privacy uses, but also might make for new types of biometric security. If you are logged in to a session, and some other person starts using your keyboard the computer to could just lock you out.
Now, if we can just figure out how to secure Windows somehow.
I'll patent the patenting of complaining about MS using XML. I'll make an even bigger fortune.
I think this is wonderful. The more absurd no limits patents that are issued, the sooner it will reach the proper critical mass (mess) we need for the whole patent system to properly implode on itself. At some point it is going to become obvious that better than 50% of the patents are invalid for one reason or another, the other 50% where just useless; and, the whole mess is just holding back innovation and stifling profits. Even MS might wake up one morning and discover that they the patent system is costing them too much money and waisting too much of their resources, and no idiot in their right mind would actually pay them for most of their patent portfolio.
I think you are on to something as a legal argument here:
The open source license and the source code is the warranty. Essentially it is full disclosure and the responsibility of the user to evaluate the suitability of its use in a given situation. It is the 'if I screwed up making this software, here is the code for you to find, fix, or improve' warranty 'but I did not build it for any particular user and thus we are not in some sort of implied contract'.
For example, if you buy a car and get in a car accident, the end user has very little to stand on legally if he did not know how to drive a car.
Now, a company say like Red Hat that provides the service of installing and maintaining that software on the behalf of some other user might have some sort of liability depending on their contract for not fully evaluating or keeping up with whatever.
The question is can that unique ID be sufficiently linked to say a certain country (country codes or similar) to say wire to an bomb or target a national for kidnapping just because their passport or other documents got scanned as they passed?
There are real world safety implications. It is not about the information, it is about how the information is obtainable / delivered.
That is why every time the U.S. goes to war again after being out for a few years, we go through a rapid replacement of officers at the top. Piece time officers that got promoted for storming their desk, rarely make good leaders in combat because they do not adapt well.