the copyright holder has been deprived of his right under copyright law to determine the distribution of his work
Regardless of what propeganda the Copyright Cartels spew out, the fact remains that copyright is not an absolute right -- it is a LIMITED artificial monopoly on the COMMERCIAL duplication of an artistic work. Notice the key words *LIMITED* and *COMMERCIAL*.
Duplicating a copyrighted work is not automaticly infringement. Non-commercial distribution of copies is not automaticly infringement.
Let's see, not buying a product because I can get the same thing for free is stealing income from some poor corporation. In that case, I guess I'll go to the water fountain and steal some income from Deer Park.
If you wish to make the point that "copyright infringement" is less worse than "stealing", use your time to say *why*.
If I steal your CD, you no longer have it. I've deprived you of the use of your property.
If I copy your CD without your permission, YOU STILL HAVE IT. You've been deprived of *nothing*, except the highly speculative "loss" a sale (which presumes that I would have paid your asking price in the first place, and that I won't buy a "legitimate" copy later)
Checking a book out of the library and scanning the contents is fair use.
Capturing a song or TV show off the air neither stealing nor copyright infringement, it's fair use.
Giving away your fair-use copies CAN also be legal fair use as well in some circumstances; it can also be illegal copyright infringement in others. It is a legal grey area -- giving a copy to a relative is unquestionably OK. Giving a copy to 10 casual accquaintances is probably OK. Giving a copy to everyone in a class you are teaching might be OK. *SELLING* a copy is *NOT* OK.
I have a hard time believing that someone who cannot read at all would be buying computer software at all, much less owning a computer.
Why not? We've proven that a functional illiterate can be elected President, so what's to stop one from buying a computer?
If you manage to upload files, insert some SQL, read files as the user PHP is running as (eg. nobody) then you have access to the whole web application (user accounts, credit card databases, everything)
This is exactly why it's foolish to use a so-called "database" (*cough* mysql *cough*) which does not support stored procedures. Stored procedures are a vital means of defense against SQL injection attacks, and any RDBMS which is used as a back-end to a publicly-accessable application must use them to be safe.
Stored procedures work kind of like SUID scripts for a database -- they let the database user execute code with the procedure owner's permissions. For example in an E-Commerce application, a user might legitimately need to get his own credit card number out of the database, but he has no business getting anyone else's database.
Let's assume we have the CC table keyed by UserID, and the webapp provides the UserID when it wants to get that user's CC number. We'll assume the user has already logged in and the application knows the user's userid. The naieve approach taken by most programmers is to construct the SQL statement on the client-side using the (previously validated) UserID, and then submit this to the SQL Server using a webuser account:
select CardHolderName, CCNumber, ExpDate from CCTable where UserID = '$UserID';
User xj9-4t-7070, using the system as intended, would result in the intended SQL statement being submitted to the SQL Server:
select CardHolderName, CCNumber, ExpDate from CCTable where UserID = 'xj9-4t-7070';
However This kind of construct is flawed because it's vulnerable to SQL injection. If a hacker is able to put an arbitrary value into $UserId, he can run ANY sql statement the webuser has permission to execute. Let's say he manages to set $UserID to xj9-4t-7070';\nselect * from CCTable where UserID != ', now the SQL being submitted is
select CardHolderName, CCNumber, ExpDate from CCTable where UserID = 'xj9-4t-7070'; select * from CCTable where UserID != '';
Because the webuser account must have select permission on CCTable to work for a legitimate user, it can run ANY arbitrary query on that table. Using stored procedures, the legitmate user would submit a query like:
exec GetUserCCInfo 'xj9-4t-7070';
And the attacker would submit
exec GetUserCCInfo 'xj9-4t-7070'; select * from CCInfo where UserID != '';
Using the stored procedure, the webuser only needs to be granted execute permission on the GetUserCCInfo stored procedure, and would not have any permissions to access CCInfo table directly. Therefore, all the attacker would get is a "permission denied" message instead of a dump of all entire CCInfo table.
We're still vulnerable to the attacker brute-forcing the CC numbers out one at a time, which is why we need to use a reasonably large random value for the UserID instead of something trivially guessed (like a monotonically increasing sequence of integers).
the Dune miniseries was absolutely HORRIBLE. UNfuckingWATCHABLE, even.
I think you're going overboard. It wasn't great by any stretch of the imagination, but it wasn't THAT horrible compared to other crap that's on TV.
I think the Sci-Fi adaptation was actually better than David Lynch's version in that it was more faithful to the source material (Wierding modules? WTF!?!). I think that (some) of the casting choices were better as well (even if the acting isn't as good), because the characters were portrayed more like they were in the book.
Patrick Stuart is an excellent actor, but he's far too refined to make a belivable Gurney Halleck, Stink^Hg is *NOT* Feyd Rautha, and Vladimir Harkonnen is an EVIL GENIUS, not the stupid disgusting perverted sadist Lynch portrayed.
As films, taken on their own, they are masterpieces. Taken as adaptations of the books, they suck. Certianly, some changes have to be made when going from the printed page to the screen -- non-verbal dialog has to be verbalized or conveyed in other ways, things have to be condensed, etc. However, these changes should not change the essential nature of the characters or of the story.
Fellowship of the Ring found a (tolerably) good balance between what works on the printed page and what works on the silver screen -- replacing Glorfindel with Arwen made sense, and cutting Tom Bombadil makes sense as well. The changes were understandable and didn't severely impact the overall plot (although the loss of the barrow-wight scene was an important character development event)
The Two Towers, on the other hand, just sucked as an adaptation. For example, the whole trip from Edoras to Helm's Deep was not in the books -- that's ~20 minutes of screen time and a gratutitious battle scene that was pulled straight out of Jackson's ass. Even more distrubing was the changes to Faramir's character. The WHOLE POINT of the encounter with Faramir was that HE WAS NOT TEMPTED BY THE RING AT ALL, that he passed the test his brother failed.
Return of the King also completely missed the point of a couple of key plot elements (EG the Path of the Dead). The omission of the Scouring of the Shire also misses one of Tolkien's most important messages: that war affects everyone, even people far away from the front lines, and that it dramatically changes the people who take part in it (The 4 hobbits are VERY different people when they get back compared to when they left).
It's not a matter of "doing enough" or not, it's a matter of doing EFFECTIVE things. They were doing ineffective things before 9/11; they've been doing more ineffective things since 9/11. The few proposals which have actually been demonstrated as being effective, like having air marshalls on all flights and armored cockpits in all planes, have been ignored, dismissed, or left unfunded.
Harrassing 80-year-old grandmothers and Congressional Medal of Honor winners does nothing to make us safer.
How is this not robbery
ROBBERY is theft by violence or the threat of violence. FRAUD is theft through trickery. They are not the same thing.
Sticking a gun in someone's face and demanding their money is a FAR more serious crime than using their credit card number without their knowledge or permission, and the law should recognize this fact. The whole premise of the legal system is to make the punishment fit the crime. A person with a record of violent crime is a much bigger threat to society and needs to be locked in a cage to keep them from hurting people. You don't need to lock the credit card theif up to protect society -- all you have to do is keep an eye on him (EG, not being allowed to use computers as a condition of his parole, like Mitnik.)
Turning off GPS is not going to magically make the cruise missile disappear. It's still going to hit something. So instead of hitting some skyscraper or government building as originally intended, now it hits a residential neighborhood or a school or a hospital instead. Yeah, I can see how that's a BIG improvement.
OK, let's put a surveillance camera in every room in your house. After all, you don't have a problem with your picture being taken, and it might help prevent crimes or terrorism. (The terrorists and criminals might be hiding under your bed or in your closet, after all).
if [Microsoft products] were inadequate for even internal use, how could they hope to compete on the open market
A few ideas:
Spread FUD about competing products
Shmooze CEO/CIOs of large companies, send them on expense-paid junkets & other semi-legal bribery tactics to get them to purchase MS product.
Bundle defective/inferior software with operating system.
Force OEM hardware vendors to ship product pre-installed on their systems and prohibit them from pre-installing competing products.
Sell product at a loss (or give it away) until all serious competitors go bankrupt.
Buy out competing company to suppress their product, preferably after having forced them into bankruptcy (or at least seriously damaging their market value)
Release "service pack" which breaks competing product
Illegally use monopoly power to extend monopoly into new markets.
Yes, having a disaster recovery plan is important. So is TESTING that plan to make sure it will work in a real disaster. If you haven't done a dry run, you really don't have a DR plan other than "panic".
Does DOS boot on a new machine? I've never tried, but I'd guess not
There are too many companies that refuse to move out of the computing Bronze-Age; bite the bullet and upgrade.
If it ain't broken, don't fix it.
Seriously. A 30-year-old custom COBOL app has, in all probability, had all of it's bugs resolved 20 years ago. It works. Replacing a legacy system with a million lines of tested and proven code is going to be an expensive and dangerous proposition.
I have seen shops that Net revenue >$10 million/year, and they depend on a app written in BASIC!!!! as their life-blood.
If it works reliably and satisfies the business requirements, what does it matter what language it's written in? The answer is: it doesn't. If the bugs have been squashed and the requirements have not changed, there is NO reason whatsoever to monkey with a working, stable system. "BASIC is for n00bs; Python is l33t" is not an adequate justification to replace a proven system.
There are plenty of applications that work perfectly with a curses-based interface runing on dumb green-screen terminals -- just because the technology used isn't "cool" does not mean that there's any benefit in replacing it with a GUI or web-based interface or whatever else is "cool" this year.
Holy shit people, it might be time to upgrade!
Holy shit people, it might be time to develop some professionalism. It's not about who has the coolest toys -- it's about satisfying the business requirements in the most cost-effective manner.
for the love of $deity don't hold onto old tech that you think "Well it used to be good enough!"
The question isn't "did it used to be good enough?", the questions are "is it currently good enough?" and "can we justify the expense and risk of re-implementing it?".
I'd guess that Virginia Tech had very different design goals
I also seem to recall that Apple gave VT an *exceptionally* good deal on the hardware -- basically at cost. Any money Apple loses on the deal is a tax writeoff as either an advertising expense or charitable contribution. If you built an identical cluster and had to pay full retail for the boxes, I guarantee you'll spend a WHOLE lot more than VT did.
The NCSA, on the other hand, is a federal agency and therefore any commodity boxes they buy are probably coming straight off of the GSA schedule. GSA schedule is less than retail but it still has a nice profit margin for the vendor.
Slashdot Mirror
Duplicating a copyrighted work is not automaticly infringement. Non-commercial distribution of copies is not automaticly infringement.
I think you overestimate the time to first lawsuit by an order of magnitude or two...
If I copy your CD without your permission, YOU STILL HAVE IT. You've been deprived of *nothing*, except the highly speculative "loss" a sale (which presumes that I would have paid your asking price in the first place, and that I won't buy a "legitimate" copy later)
Checking a book out of the library and scanning the contents is fair use.
Capturing a song or TV show off the air neither stealing nor copyright infringement, it's fair use.
Giving away your fair-use copies CAN also be legal fair use as well in some circumstances; it can also be illegal copyright infringement in others. It is a legal grey area -- giving a copy to a relative is unquestionably OK. Giving a copy to 10 casual accquaintances is probably OK. Giving a copy to everyone in a class you are teaching might be OK. *SELLING* a copy is *NOT* OK.
I was trying to illustrate a point, not write an application.
Stored procedures work kind of like SUID scripts for a database -- they let the database user execute code with the procedure owner's permissions. For example in an E-Commerce application, a user might legitimately need to get his own credit card number out of the database, but he has no business getting anyone else's database.
Let's assume we have the CC table keyed by UserID, and the webapp provides the UserID when it wants to get that user's CC number. We'll assume the user has already logged in and the application knows the user's userid. The naieve approach taken by most programmers is to construct the SQL statement on the client-side using the (previously validated) UserID, and then submit this to the SQL Server using a webuser account:
User xj9-4t-7070, using the system as intended, would result in the intended SQL statement being submitted to the SQL Server:However This kind of construct is flawed because it's vulnerable to SQL injection. If a hacker is able to put an arbitrary value into $UserId, he can run ANY sql statement the webuser has permission to execute. Let's say he manages to set $UserID to xj9-4t-7070';\nselect * from CCTable where UserID != ', now the SQL being submitted isBecause the webuser account must have select permission on CCTable to work for a legitimate user, it can run ANY arbitrary query on that table. Using stored procedures, the legitmate user would submit a query like:And the attacker would submitUsing the stored procedure, the webuser only needs to be granted execute permission on the GetUserCCInfo stored procedure, and would not have any permissions to access CCInfo table directly. Therefore, all the attacker would get is a "permission denied" message instead of a dump of all entire CCInfo table.We're still vulnerable to the attacker brute-forcing the CC numbers out one at a time, which is why we need to use a reasonably large random value for the UserID instead of something trivially guessed (like a monotonically increasing sequence of integers).
I think the Sci-Fi adaptation was actually better than David Lynch's version in that it was more faithful to the source material (Wierding modules? WTF!?!). I think that (some) of the casting choices were better as well (even if the acting isn't as good), because the characters were portrayed more like they were in the book.
Patrick Stuart is an excellent actor, but he's far too refined to make a belivable Gurney Halleck, Stink^Hg is *NOT* Feyd Rautha, and Vladimir Harkonnen is an EVIL GENIUS, not the stupid disgusting perverted sadist Lynch portrayed.
Fellowship of the Ring found a (tolerably) good balance between what works on the printed page and what works on the silver screen -- replacing Glorfindel with Arwen made sense, and cutting Tom Bombadil makes sense as well. The changes were understandable and didn't severely impact the overall plot (although the loss of the barrow-wight scene was an important character development event)
The Two Towers, on the other hand, just sucked as an adaptation. For example, the whole trip from Edoras to Helm's Deep was not in the books -- that's ~20 minutes of screen time and a gratutitious battle scene that was pulled straight out of Jackson's ass. Even more distrubing was the changes to Faramir's character. The WHOLE POINT of the encounter with Faramir was that HE WAS NOT TEMPTED BY THE RING AT ALL, that he passed the test his brother failed.
Return of the King also completely missed the point of a couple of key plot elements (EG the Path of the Dead). The omission of the Scouring of the Shire also misses one of Tolkien's most important messages: that war affects everyone, even people far away from the front lines, and that it dramatically changes the people who take part in it (The 4 hobbits are VERY different people when they get back compared to when they left).
It's not a matter of "doing enough" or not, it's a matter of doing EFFECTIVE things. They were doing ineffective things before 9/11; they've been doing more ineffective things since 9/11. The few proposals which have actually been demonstrated as being effective, like having air marshalls on all flights and armored cockpits in all planes, have been ignored, dismissed, or left unfunded. Harrassing 80-year-old grandmothers and Congressional Medal of Honor winners does nothing to make us safer.
Turning off GPS is not going to magically make the cruise missile disappear. It's still going to hit something. So instead of hitting some skyscraper or government building as originally intended, now it hits a residential neighborhood or a school or a hospital instead. Yeah, I can see how that's a BIG improvement.
OK, let's put a surveillance camera in every room in your house. After all, you don't have a problem with your picture being taken, and it might help prevent crimes or terrorism. (The terrorists and criminals might be hiding under your bed or in your closet, after all).
For USA: yoursite.[yourcounty].[yourstate].us
Actually, now that they've opened up the US domain, you can go straight for [yoursite].us
Plus, state/county subdomains are usually free (included in your tax dollars) for residents of that jurisdiction.
Just when I thought the kooks couldn't get any kookier, you pull this out.
Did I miss any typical M$ business practices?
Seriously. A 30-year-old custom COBOL app has, in all probability, had all of it's bugs resolved 20 years ago. It works. Replacing a legacy system with a million lines of tested and proven code is going to be an expensive and dangerous proposition.
If it works reliably and satisfies the business requirements, what does it matter what language it's written in? The answer is: it doesn't. If the bugs have been squashed and the requirements have not changed, there is NO reason whatsoever to monkey with a working, stable system. "BASIC is for n00bs; Python is l33t" is not an adequate justification to replace a proven system.There are plenty of applications that work perfectly with a curses-based interface runing on dumb green-screen terminals -- just because the technology used isn't "cool" does not mean that there's any benefit in replacing it with a GUI or web-based interface or whatever else is "cool" this year.
Holy shit people, it might be time to develop some professionalism. It's not about who has the coolest toys -- it's about satisfying the business requirements in the most cost-effective manner. The question isn't "did it used to be good enough?", the questions are "is it currently good enough?" and "can we justify the expense and risk of re-implementing it?".The NCSA, on the other hand, is a federal agency and therefore any commodity boxes they buy are probably coming straight off of the GSA schedule. GSA schedule is less than retail but it still has a nice profit margin for the vendor.
Or you can just look at the clock and the odometer...