We pay for our schools through property taxes, so every few years the school system has to go begging to the local residents for their budget, which amounts to a property tax increase, and we vote on it in local elections. Sometimes it passes, sometimes it doesn't. When it doesn't, they scrub the budget, and frequently threaten to eliminate sports or music or whatever appeals most to the tax base. Eventually a budget and funding pass. But the process ain't pretty. Right now schedules in the middle school look like they were put together by a butcher, I suspect because they were working with what they could get for teachers and facilities.
Actually, the question about GPL with respect to China isn't so much whether they respect it, as whether they inspire other nations to follow suit.
I look for China to turn into a 400lb gorilla to the US, especially as we'll have emasculated ourselves by outsourcing as China reaches into its strength. Oh, and *some* sufficient level of modernization. Don't forget, they can have backwaters bigger than the US and Europe put together, and still field more modern base than both put together. China is BIG.
I won't argue about reliablilty of floppies, but I thought it was because mine were old. I bought new ones for the kids. I'll have to ask them about front-panel USB at school. (but I doubt they have it.)
is that AOL moved to sending out CDs a long time ago, so our free floppy source is all gone.
(Actually, that's only *half* humor.)
More seriously, I recently bought floppies for my kids to take data to and from school. Schools seldom have *new* equipment, CDRWs are finicky for older drives, and as someone else said, you hate to burn a CDR for memtest86. Kids' reports are smaller than that, even with multisession. KISS.
Now many Slashdotters will claim it's extremely bad news, for exactly the same reason.
My take... If you really disbelieve in NASA and the Shuttle that much, ANYTHING that happens is irrelevant. Because the only thing that will make you happy is shutting down NASA completely, because you have no faith in any of their manned space initiatives.
Watching Slashdotters discuss space is about like seeing the same thing on sci.space.tech. EVERY launch proposal is TERRIBLE, to the others. The only difference is that NASA's is twice as terrible to all of them.
If you really feel that way, NASA is irrelevant and never will become so. Abolishing NASA will do nothing to put money in your pet proposal, either. Keep watching the X-Prize. Remember that even after the X-Prize is won, orbit is 25X harder to do, energetically speaking.
Someone would be working harder to investigate why no-bid contracts were let to the Vice-President's former company. IMHO, the "Only Haliburten is big enough to do that kind of stuff," excuse doesn't really wash.
Nobody saw 9/11 coming... Nobody in the government was even looking that direction! No wonder nobody put the pieces together, the pieces weren't on the table. After Inauguration day in 2001, the focus of the US left the Middle East and moved to Missle Defense and the ABM treaty. It was as palpable as seeing the focus of the Eye of Sauron move at the end of Return of the King.
Faulty intelligence - oops. The year before the War in Iraq, it there was reporting that the Administration was shopping for Intelligence that would support it's desire for War. At the time, it was also well-reported that CIA evidence didn't support invasion. Stunning that the CIA ended up taking the fall.
President Bush's National Guard records have 'disappeared', as well as any opportunity to establish whether he really was or was not AWOL that year of Alabama service prior to early discharge.
The Vice President held closed-door sessions to establish a National Energy Policy, with no public records. "Candid opinions" aside, this is part of national policy, it affects all of us, and we have NO visibility into the process, or even the players.
Speaking of the Cloak of Secrecy, when you spread that Cloak around the government, it goes all the way to the bottom. It's not enough to trust the Man at the Top, you have to trust EVERYONE under him - right down to the guards at Abu Graib. The Constitution attempted to create a government where you could trust the process, so that if the people were not trustworthy, there would be checks and balances.
Finally, if it were a "liberal media"....
It wouldn't have hounded Al Gore into oblivion, while giving a giving G.W. Bush a pass on his very limited qualifications. Bush was a 1.5 term governor - less than 6 years on public service.
It wouldn't have hounded Bill Clinton for 7.5 years of his presidency, and said nothing as a 7.5 year "fishing expedition" began over a measly $200,000 real estate *loss*. Lewinsky was inexcusable, but it hadn't even happened when the fishing expedition began, or went through it's first several morphs.
It wouldn't now be giving Kerry short-shrift on getting his message out, while forgiving above Bush administration issues. The ONLY time I've heard Kerry sound interesting or impressive was the acceptance speech on C-SPAN - the one time I've heard more than two sentences out of his own mouth without some form of extraction or editorializing.
And if you don't believe that, look on Slashdot! Others of the European pursuasion have stated that even the American Left is to the Right of Europe's center. We can't see or evaluate slant, because we're all so slanted, ourselves.
You've named one name, and to be honest, I won't dispute that one. (Though others will comment on his "reality distortion field.") There are others I won't dispute, either. Bill Gates may well be in that category, but remember that his salary isn't that high, he's rich because he was on the ground floor, and didn't sell out. One by one, I can agree that some CEOs are worth a lot.
But all of them? Even the ones of failing companies?
Plus we're not talking 40X here. Years back, I heard Eisner's "total annual compensation" placed in the $100,000,000 range. If we guess that the guy serving the mouse-eared ice cream bars made $50,000 per year, that's not 40X, that 2000X. Further, I suspect the $50k estimate is generous.
Bring that back to perspective, I don't know how Eisner's compensation is these days, but Disney is not considered to be doing well - they were a takeover target only a few months back. To bring Jobs back to the picture, the Disney/Pixar debacle is a black eye on the former, not the latter.
Yesterday's paper also mentioned that top-paying CEOs were the ones who outsourced the most. To give a $100,000,000 CEO a 3% raise, (and the CEOs on yesterdays "top" list averaged 46%, but they probably were "only" in the few million range.) you need to eliminate 60 of those $50,000 positions.
I still maintain that for most CEOs, outside of a few shining stars, they're in an overpay-ourselves club.
To add to that point, and sound more capitalistic about it...
That one person's work can be worth more than another's is obvious, IMHO. That it is worth THAT MUCH more (your example is 40X, I'm not going to quibble about numbers) indicates to me that the CEO is grabbing money. I would argue that the CEOs have formed a sort of club, and in that club they can all raise their own pay, and that they have done so completely out of line with what they're producing.
Even failing companies have highly paid CEOs with golden parachutes. If the CEO were worth THAT much, the company wouldn't be failing. Even when a CEO gets dumped, he gets a severance package that exceeds my life's earnings.
Actually, I'm not sure about this one. The case was after all "U.S. vs Microsoft," and it was prosecuted by the Justice Department, and it was over the Antitrust (Smith-Tunney or Sherman?) Act. That sounds criminal to me. Civil suits usually have a different nomenclature about them.
about a Chinese emperor. He wanted to be known as a great patron of the arts and sciences. So he ordered all books and paintings burned. Then he got the artists and scientists to together to rewrite the books and repaint the paintings. That way all of this innovation would date from his reign.
Re:It ends when they get some tech folks in there
on
More Microsoft Patents
·
· Score: 1
Don't feel so smug. As far as I can tell, Europe is following the US down the same silly path.
Greetings from the Far East.
Re:It ends when they get some tech folks in there
on
More Microsoft Patents
·
· Score: 5, Insightful
No. It ends when US IP Law gets to silly that innovation is completely stifled in this country. At that point, real innovation will have moved overseas, and the USPTO will be irrelevant.
(Why should I give more of MY money to one of the richest men on Earth for XP, when it's a dual-boot and Win98SE is just there for the games? Answer: sometime soon I expect games to REQUIRE WinXP, but I'll keep MY money MINE until then.)
How many Firefox/Mozilla users spoof their user agent to look like IE, so they can get into criminal* sites that require only IE?
*Isn't aiding and abetting criminal activity itself a crime, and isn't Microsoft a convicted criminal monopolist *precisely* over the IE bundling issue? So if you enforce an IE-only site isn't that what you are doing?
You appear to have missed julesh's statement. He has reason to believe that Microsoft started from the MIT code. That leaves 4 possibilities:
1: Julesh is wrong, and MS did their own Kerberos from the ground-up, in which case the rest is as you say. 2: MS began with the MIT Kerberos code, but tossed the part where the double-free was, because they had their own tweaks, anyway. Net result, largely the same as (1) above. 3: MS began with the MIT Kerberos code, but didn't touch the part where the double-free is. In this case, they have the same security exposure. 4: MS began with the MIT Kerberos code, found and fixed the double-free, but told nobody. This is what killjoe is talking about.
It's all moot, because most of us will never know. For that matter, I'm not competent to audit code for security, but I'm awfully glad that others are, and publish their results, appropriately.
Windows Kerberos is a different implementation, so it shouldn't be affected.
OTOH, as far as I can tell, MIT Kerberos is NOT under the GPL. A little quick searching and I can't really tell what license it is under, except perhaps MIT's own license. In that same look, I didn't see redistribution/modification provisions, so I have no way to know if it's more like GPL or BSD.
So perhaps Windows Kerberos really IS based on MIT. I just don't know, and don't know how to find out. As for the implementation-dependent security of Windows Kerberos, we just don't know about that, either. Furthermore, without signing some sort of potentially-restrictive NDA, or reverse-engineering the code, it may well be unknowable. So maybe it's more secure, maybe it isn't.
That's the point about Open Source. We know there's a flaw in the MIT implementation. We also know that there are fixes out, already.
I've been fooling with the whole Kerberos/SASL/LDAP thing, and for the moment that means using Heimdal, because MIT isn't thread-safe. I guess newer SASL can have thread-safe locks wrapped around the Kerberos calls, but I've already got Heimdal installed.
Heimdal can also store its keys in LDAP, kind of a Worm Ourboros. In ways it seems a little frightening, because another program has the keys to your keys, but I've seen others state that this opens up good capabilities. I need to read more. I need more time.
Re:Microsoft. Software patents. Mono
on
Ballmer on Linux
·
· Score: 1
To answer you and anonymous the same way...
Maybe MS couldn't win in court. But the threat of a suit, and a pending suit can both be about as bad as a suit. Careful public relations can make it look as if OSS is 'cheapo cloners' and MS is the injured party, at least long enough to cut off Novell's air supply. (to use a phrase) Justice has little to do with it.
Re:O.S. vs proprietary source vs infringement
on
Ballmer on Linux
·
· Score: 1
Probably noy, but in the past they've kept potentially illegal contract terms, such as per-cpu-like licensing terms illegal with just such a mechanism.
O.S. vs proprietary source vs infringement
on
Ballmer on Linux
·
· Score: 1
Far easier to discover infringement in Open Source software. No doubt if you were to discover it in Microsoft (or any other proprietary) source, you'd be under some sort of NDA that included a gag order expressly forbidding you from disclosing patent infringement.
Microsoft. Software patents. Mono
on
Ballmer on Linux
·
· Score: 4, Interesting
Mono scares the living daylights out of me.
Given the triviality and obviousness of patents being issued today, there's practically no way Mono can be non-infringing. Yet it's even more dangerous to check for it, because then you get into a triple-indemnity situation. Letting Mono burrow its way into Linux culture, software, infrastructure, and support is ASKING for trouble a few years down the road. It's putting a giant SUE ME sign out.
Besides, "Microsoft done right" isn't aiming that high. We could do better.
We pay for our schools through property taxes, so every few years the school system has to go begging to the local residents for their budget, which amounts to a property tax increase, and we vote on it in local elections. Sometimes it passes, sometimes it doesn't. When it doesn't, they scrub the budget, and frequently threaten to eliminate sports or music or whatever appeals most to the tax base. Eventually a budget and funding pass. But the process ain't pretty. Right now schedules in the middle school look like they were put together by a butcher, I suspect because they were working with what they could get for teachers and facilities.
Actually, the question about GPL with respect to China isn't so much whether they respect it, as whether they inspire other nations to follow suit.
I look for China to turn into a 400lb gorilla to the US, especially as we'll have emasculated ourselves by outsourcing as China reaches into its strength. Oh, and *some* sufficient level of modernization. Don't forget, they can have backwaters bigger than the US and Europe put together, and still field more modern base than both put together. China is BIG.
I guess your bond levies pass, don't they?
I won't argue about reliablilty of floppies, but I thought it was because mine were old. I bought new ones for the kids. I'll have to ask them about front-panel USB at school. (but I doubt they have it.)
Assume for a moment that China *doesn't* need Microsoft, and that Red Flag Linux takes off.
Will China respect the GPL?
is that AOL moved to sending out CDs a long time ago, so our free floppy source is all gone.
(Actually, that's only *half* humor.)
More seriously, I recently bought floppies for my kids to take data to and from school. Schools seldom have *new* equipment, CDRWs are finicky for older drives, and as someone else said, you hate to burn a CDR for memtest86. Kids' reports are smaller than that, even with multisession. KISS.
Now many Slashdotters will claim it's extremely bad news, for exactly the same reason.
My take... If you really disbelieve in NASA and the Shuttle that much, ANYTHING that happens is irrelevant. Because the only thing that will make you happy is shutting down NASA completely, because you have no faith in any of their manned space initiatives.
Watching Slashdotters discuss space is about like seeing the same thing on sci.space.tech. EVERY launch proposal is TERRIBLE, to the others. The only difference is that NASA's is twice as terrible to all of them.
If you really feel that way, NASA is irrelevant and never will become so. Abolishing NASA will do nothing to put money in your pet proposal, either. Keep watching the X-Prize. Remember that even after the X-Prize is won, orbit is 25X harder to do, energetically speaking.
If the media were slanted to the left...
Someone would be working harder to investigate why no-bid contracts were let to the Vice-President's former company. IMHO, the "Only Haliburten is big enough to do that kind of stuff," excuse doesn't really wash.
Nobody saw 9/11 coming... Nobody in the government was even looking that direction! No wonder nobody put the pieces together, the pieces weren't on the table. After Inauguration day in 2001, the focus of the US left the Middle East and moved to Missle Defense and the ABM treaty. It was as palpable as seeing the focus of the Eye of Sauron move at the end of Return of the King.
Faulty intelligence - oops. The year before the War in Iraq, it there was reporting that the Administration was shopping for Intelligence that would support it's desire for War. At the time, it was also well-reported that CIA evidence didn't support invasion. Stunning that the CIA ended up taking the fall.
President Bush's National Guard records have 'disappeared', as well as any opportunity to establish whether he really was or was not AWOL that year of Alabama service prior to early discharge.
The Vice President held closed-door sessions to establish a National Energy Policy, with no public records. "Candid opinions" aside, this is part of national policy, it affects all of us, and we have NO visibility into the process, or even the players.
Speaking of the Cloak of Secrecy, when you spread that Cloak around the government, it goes all the way to the bottom. It's not enough to trust the Man at the Top, you have to trust EVERYONE under him - right down to the guards at Abu Graib. The Constitution attempted to create a government where you could trust the process, so that if the people were not trustworthy, there would be checks and balances.
Finally, if it were a "liberal media"....
It wouldn't have hounded Al Gore into oblivion, while giving a giving G.W. Bush a pass on his very limited qualifications. Bush was a 1.5 term governor - less than 6 years on public service.
It wouldn't have hounded Bill Clinton for 7.5 years of his presidency, and said nothing as a 7.5 year "fishing expedition" began over a measly $200,000 real estate *loss*. Lewinsky was inexcusable, but it hadn't even happened when the fishing expedition began, or went through it's first several morphs.
It wouldn't now be giving Kerry short-shrift on getting his message out, while forgiving above Bush administration issues. The ONLY time I've heard Kerry sound interesting or impressive was the acceptance speech on C-SPAN - the one time I've heard more than two sentences out of his own mouth without some form of extraction or editorializing.
And if you don't believe that, look on Slashdot! Others of the European pursuasion have stated that even the American Left is to the Right of Europe's center. We can't see or evaluate slant, because we're all so slanted, ourselves.
You've named one name, and to be honest, I won't dispute that one. (Though others will comment on his "reality distortion field.") There are others I won't dispute, either. Bill Gates may well be in that category, but remember that his salary isn't that high, he's rich because he was on the ground floor, and didn't sell out. One by one, I can agree that some CEOs are worth a lot.
But all of them? Even the ones of failing companies?
Plus we're not talking 40X here. Years back, I heard Eisner's "total annual compensation" placed in the $100,000,000 range. If we guess that the guy serving the mouse-eared ice cream bars made $50,000 per year, that's not 40X, that 2000X. Further, I suspect the $50k estimate is generous.
Bring that back to perspective, I don't know how Eisner's compensation is these days, but Disney is not considered to be doing well - they were a takeover target only a few months back. To bring Jobs back to the picture, the Disney/Pixar debacle is a black eye on the former, not the latter.
Yesterday's paper also mentioned that top-paying CEOs were the ones who outsourced the most. To give a $100,000,000 CEO a 3% raise, (and the CEOs on yesterdays "top" list averaged 46%, but they probably were "only" in the few million range.) you need to eliminate 60 of those $50,000 positions.
I still maintain that for most CEOs, outside of a few shining stars, they're in an overpay-ourselves club.
To add to that point, and sound more capitalistic about it...
That one person's work can be worth more than another's is obvious, IMHO. That it is worth THAT MUCH more (your example is 40X, I'm not going to quibble about numbers) indicates to me that the CEO is grabbing money. I would argue that the CEOs have formed a sort of club, and in that club they can all raise their own pay, and that they have done so completely out of line with what they're producing.
Even failing companies have highly paid CEOs with golden parachutes. If the CEO were worth THAT much, the company wouldn't be failing. Even when a CEO gets dumped, he gets a severance package that exceeds my life's earnings.
The disparity is not the issue, the magnitude is.
Actually, I'm not sure about this one. The case was after all "U.S. vs Microsoft," and it was prosecuted by the Justice Department, and it was over the Antitrust (Smith-Tunney or Sherman?) Act. That sounds criminal to me. Civil suits usually have a different nomenclature about them.
According to today's dead-tree Burlington Free Press, the country's most successful CEOs are the ones who outsourced the most jobs.
That's SUCCESS! That's AMERICAN SUCCESS!
about a Chinese emperor. He wanted to be known as a great patron of the arts and sciences. So he ordered all books and paintings burned. Then he got the artists and scientists to together to rewrite the books and repaint the paintings. That way all of this innovation would date from his reign.
Don't feel so smug. As far as I can tell, Europe is following the US down the same silly path.
Greetings from the Far East.
No. It ends when US IP Law gets to silly that innovation is completely stifled in this country. At that point, real innovation will have moved overseas, and the USPTO will be irrelevant.
I wasn't arguing with you. Actually, I was sharing/defending your point.
Win98SE IE still gives the bluescreen.
(Why should I give more of MY money to one of the richest men on Earth for XP, when it's a dual-boot and Win98SE is just there for the games? Answer: sometime soon I expect games to REQUIRE WinXP, but I'll keep MY money MINE until then.)
How many Firefox/Mozilla users spoof their user agent to look like IE, so they can get into criminal* sites that require only IE?
*Isn't aiding and abetting criminal activity itself a crime, and isn't Microsoft a convicted criminal monopolist *precisely* over the IE bundling issue? So if you enforce an IE-only site isn't that what you are doing?
You appear to have missed julesh's statement. He has reason to believe that Microsoft started from the MIT code. That leaves 4 possibilities:
1: Julesh is wrong, and MS did their own Kerberos from the ground-up, in which case the rest is as you say.
2: MS began with the MIT Kerberos code, but tossed the part where the double-free was, because they had their own tweaks, anyway. Net result, largely the same as (1) above.
3: MS began with the MIT Kerberos code, but didn't touch the part where the double-free is. In this case, they have the same security exposure.
4: MS began with the MIT Kerberos code, found and fixed the double-free, but told nobody. This is what killjoe is talking about.
It's all moot, because most of us will never know. For that matter, I'm not competent to audit code for security, but I'm awfully glad that others are, and publish their results, appropriately.
Windows Kerberos is a different implementation, so it shouldn't be affected.
OTOH, as far as I can tell, MIT Kerberos is NOT under the GPL. A little quick searching and I can't really tell what license it is under, except perhaps MIT's own license. In that same look, I didn't see redistribution/modification provisions, so I have no way to know if it's more like GPL or BSD.
So perhaps Windows Kerberos really IS based on MIT. I just don't know, and don't know how to find out. As for the implementation-dependent security of Windows Kerberos, we just don't know about that, either. Furthermore, without signing some sort of potentially-restrictive NDA, or reverse-engineering the code, it may well be unknowable. So maybe it's more secure, maybe it isn't.
That's the point about Open Source. We know there's a flaw in the MIT implementation. We also know that there are fixes out, already.
ISTR that Kerberos 4 is flawed at the protocol level, not just implementation. Does anyone else know about this one?
Does anyone know if Heimdal is affected?
I've been fooling with the whole Kerberos/SASL/LDAP thing, and for the moment that means using Heimdal, because MIT isn't thread-safe. I guess newer SASL can have thread-safe locks wrapped around the Kerberos calls, but I've already got Heimdal installed.
Heimdal can also store its keys in LDAP, kind of a Worm Ourboros. In ways it seems a little frightening, because another program has the keys to your keys, but I've seen others state that this opens up good capabilities. I need to read more. I need more time.
To answer you and anonymous the same way...
Maybe MS couldn't win in court. But the threat of a suit, and a pending suit can both be about as bad as a suit. Careful public relations can make it look as if OSS is 'cheapo cloners' and MS is the injured party, at least long enough to cut off Novell's air supply. (to use a phrase) Justice has little to do with it.
Probably noy, but in the past they've kept potentially illegal contract terms, such as per-cpu-like licensing terms illegal with just such a mechanism.
Far easier to discover infringement in Open Source software. No doubt if you were to discover it in Microsoft (or any other proprietary) source, you'd be under some sort of NDA that included a gag order expressly forbidding you from disclosing patent infringement.
Mono scares the living daylights out of me.
Given the triviality and obviousness of patents being issued today, there's practically no way Mono can be non-infringing. Yet it's even more dangerous to check for it, because then you get into a triple-indemnity situation. Letting Mono burrow its way into Linux culture, software, infrastructure, and support is ASKING for trouble a few years down the road. It's putting a giant SUE ME sign out.
Besides, "Microsoft done right" isn't aiming that high. We could do better.