ObDisc: I work for HP, but clearly I'm writing here in a personal capacity
Carly has taken it on herself to ensure techs are NOT able to do their jobs by implementing stupid tools like "ATM" or the Automated Technology Manager to replace the MMC snap-ins for Active Directory.
WTF? Dude, ATM long preceded Active Directory. The Atlanta team had ATM operational back in 1997 when I joined the company. And ATM feeds the Enterprise Directory, which is not AD based. Yes, we have more than one directory, because AD is inherently tied to NOS operations, whereas ED is tied to internal operations.
VPN support for employees is utilized only through a "signed" proprietary program which is a pain in the ass to support because it either breaks or totally f*cks up a person's NT account.
VPN support is via the Nortel Contivity box, which is IPsec based. Yes, the certificates are signed - what else could they be? And it's not tied to your NT account in any fashion, since it needs an ActivCard OTP to work. The newer VPN is just vanilla MSRA (although the old Compaq PPTP is still around).
You want to cut into Carly - go ahead. Don't bother me none. But leave tech decisions which predate Carly's time out of it. Blame her for the merger, the stock price, the ink cartridge strategy or whatever - but individual IT decisions? Sorry - that isn't something that can be laid at Carly's door.
--Ng
PS: And if my other HP colleagues could hear me say all of this, they'd have me slammed as the worlds worst hypocrite for all I've bellyached and bitched about Carly.
But WHAT is this way to make a living? And please, don't tell me it's "support", I don't believe it anymore... I agree that you can write OSS in your spare time, but I haven't met anyone who wrote OSS for a living (and I don't want answers like Alan Cox or RMS).
You seem to have excluded the set of available answers in the postamble to your questions. A bit like saying "What's the capital of France?" and then saying "Please don't say Paris".
There are many top flight coders who work for companies like IBM, HP, Sun, etc. (eg, Andrew Tridgell, Jeremy Allison, and so on). They all get paid to write F/OSS. But you don't have to be an uber-coder to get into that game. If you work for a reasonable enlightened company [yes, there are a few], they can see that most of the software generated internally has no value as a sales proposition. So get them to release it as free software. Explain that it means that the cost of developing new software will drop, because you can now use and redistribute the work of all the other coders.
Bang - suddenly you're developing OSS for a living. Maybe you do helpdesk other parts of the time, or are a tech support guy. So what? It's still code. The more there is of it, the more it'll get used.
Hell, even the stuff which I've written and been ashamed of is useful - because it let's people know how not to do something!
Non-free software or no software. What would you rather have?
False dichotomy. There isn't an either/or except in your premise that you wouldn't have written software were it to be free.
I too write software for a living. People pay me to do it. It's also free software - because it falls below the value line for closed source software for my employer [along with at least 95% of all software written in the company].
I have also written software which has nothing to do with my employer. I do it for the love of it. There are many others in the world with a similar view. I would write software even if I didn't get paid to do it - sure, I'd need another job to keep body and soul together, but I'd still hack.
Anyway, why wouldn't people pay you if it was free software - do you only code for people who sell the software afterwards as proprietary? Most software (95%+) is generated for internal use - so it generally makes sense to release it as free software. Because then it reduces the amount of code the purchaser needs for any new products. The more free code there is generally, the cheaper software production gets in total.
--Ng
Re:Mini Ask Slashdot
on
Offshoring IT
·
· Score: 2, Informative
Hmm...why would anyone WANT to get tied down to just one woman...and have more bodies in the house sucking your money and time from you?
Is that the considered opinion of an afficionado of the Pimp's 'n' Ho's website?
Perhaps because women are far more interesting creatures than men, and because bringing up kids while you're still young enough to pick them up is one of the best experiences life can give? And yes, I have tried mountaineering, racing cars, snorting coke and drinking enough to keep a brewery above water for a year. It gets old, real fast - long before I did.
Seriously, guy, I hope you meet someone to love. It puts all this hacking and money shit into perspective. It's just a job, man...
Why is it that so many Slashdotters piss and moan when any kind of system is released by commercial industry that isn't 100% flawless?
Why limit it to/.? Everyone pisses and moans whenever something isn't perfect. The right to free bitching is more frequently exercised that the right to free thinking.
Now maybe I have it all wrong, but I'd say that when it comes to protecting children on the Internet (and yes, it's needed), this is a step in the right direction. Sure it has its flaws, but it's certainly better than nothing at all.
You don't have it all wrong - but sometimes nothing at all is better that security theatre, which - alas - this proposal is. It's about giving the illusion of safety, while actually targetting with greater assurance the fact that minors are using the chat rooms. As others have pointed out, the paedophiles are going to acquire these devices (Remember that most abused children are abused by family members - the random predator is an infrequent, if frightening, occurence), if not from eBay, then from their own kids.
In other words, maybe it's better for kids to know that the chat rooms are prowled by perverts, and that they need to button the lip more often. Think "Don't talk to strangers". Whereas, "buy this magic token and you'll be safe as houses" when it's actually increasing their risk scarcely seems like a good idea. So it's not that it has its flaws - it seems to me like its actually reinforcing the problem.
Freedom of anything is going the way of the 8-track tape.
The terrorists seem to have won.
Calm down, folks.
All this discussion is over a senior police officer saying what he'd like to see happen - ie, people not looking at sites "promoting"* necrophilia and cannibalism. I don't know about the US, but the police in the UK tend to occupy a more authoritarian position than the majority of the public. (Note to UK cops: no, not all of them, and no, they're not all racist thugs, either).
In the UK, Parliament makes the law (yeah, yeah - subject to Royal Assent - like the Queen's going to veto a law these days). The coppers can ask for new ones - as can any citizen - but that doesn't mean they'll get them. And even if they get them, the courts have displayed an annoying (albeit infrequent) tendency to quash or admonish convictions which have been tainted by overzealous cops.
Surely the cop is entitled to his free expression rights as well? Or must the intolerant be suppressed so that only worthy views can be expressed? If we go down that road, then the terrorists will have won.
--Ng
* The infamous Section 28 of the Local Government Act prevented local authorities from "promoting" homosexuality in the UK - but "promoting" was never well defined. As a result, many schools prevented discussion of homosexuality to avoid even the threat of prosecution by right wing homophobes... sorry, concerned parents. Thankfully, that evil piece of legislation was repealed. I like to think that it was a dreadful lapse in British tolerance, now corrected.
ObDisclaimer: I work for HP, but this is a purely personal statement. HP's got nothing to do with it - in fact HP's attitude is made explicit from Martin's statement - it's for the courts to decide SCO's claims. HP will not prejudge the courts, but HP explicitly does not acknowledge the claim.
SCO would have spun this anyway they want. If HP didn't offer indemnity for this vacuous case, then SCO claims HP is running scared of the court action and is letting its users hang in the wind.
If, on the other hand, indemnification is offered, then HP lends validity to SCO's claim.
In other words:
HP: We don't assign any validity to this case.
SCO: Aha! So you admit that there is a case. Hey everyone, HP says there is a case! Y'hear - HP says SCO will win its case!.
Sorry, but these guys are in spin overdrive; they can't even tell truth from lies any more.
The problem with the European Convention on Human Rights is they included loopholes for just about everything so even the most despotic government can stifle all freedom and still abide by that piece of paper
So what? The USA in its history has permitted the most egregious abuses of constitutional intent by selective reading and enforcement of constitutional scripture (thinking slavery, McCarthy, etc). Any rights conferring document is only as good as the level to which the state abides.
I have read the convention, and various acts which enshrine the provisions into law. The central point from the article was the implication that Europe's lack of an absolutely phrased First Amendment means that European governments and people are less "free" than their American counterparts.
European society is different from American society. Not inferior, just different. The relationship between the state and the people is of a different character to those in the USA (government is more active on behalf of the people than would be acceptable in the USA - you would probably say government interferes more with the people). What comes over as bureaucratic bullshit to you may come over as sensibly phrased compromise to us. Beware nations divided by a common language!
Hence my point. There is no One True Construction of Liberty. Liberty is a construction of rights and freedoms deriving inherently from the condition and history of a people as a whole. Therefore, a different history, with different pressures, and different results will produce a different construction. While comparison between similar states is valid and desirable, absolute ranking is rarely profitable. Does this make judgement impossible? Hell, no - it just makes it trickier. But diversity and complexity make the world interesting.
Item 1: Of course they don't have the First Amendment. They don't have the Declaration of Independance or the Proclamation of Emancipation, either; the First Amendment is part of the American constitution. This intentionally emotion-provoking phrase intends to say "they don't have freedom of speech", which may be true in limited ways (I understand, for example, that Nazi references are regulated in Germany), but I've never heard of extreme censorship in Europe. Am I wrong? Is Europe secretly a band of neo-nazi fascist authoritarians? My bad...
Well said. Most of the EU member states have enshrined the European Convention on Human Rights into law. Article 10 of this convention sets out the right to free expression (although qualified in section 2 to include responsibilities).
Your well thought out expression gives me some confort that not all Americans subscribe to the foolishly jingoistic notion that the American construction of liberty is the only valid one.
As a European, I rarely feel myself groaning under the oppressive weight of our democracies, nor do I feel the oxygen of liberty suddenly fill my lungs during my many visits to the USA. It's perfectly possible (indeed admirable) to take pride in your country and culture without sneering at the achievements of others, whose efforts and results may reflect a history of which one is not aware.
The same argument could be made for preventing you from doing almost anything you don't have to do, regardless of how public spirited.
No - only actions which are in breach of the law.
And in particular, when in the history of this world, has "malicious code [been] deliberately released" as part of an OSS?
Well, OpenSSH was trojaned. But frankly, the frequency of the incidents is pretty much irrelevant. The point is one of principle - is it right for an employee of a company to place it in jeopardy without it having any method of lowering its exposure to liability?
The upside for the company is an increase of good will, which transates into sales.
You're preaching to the converted, reverend! The question isn't whether OSS makes good business sense or not - it does. The question is simply one of whether the company has any right to exercise control over the output of its employees when working on company time - and IMHO it does. I wish that people were honest and wouldn't commit actions which harm others, but our laws are designed for the people we have, not those we'd like to have.
Well, sometimes I will be working with a OSS software package and I see a way to make a little change to make it better, or fix a bug. Why should any employer/client worry about that?
Vicarious liability, for one reason. Your employer (in most jurisdictions) is at least partly responsible for your actions whilst you are in their employ, and on their time. It hardly seems fair for them to be expected to assume liability without having the capacity to mitigate it, does it?
And all the disclaimers in the world won't help you if a case can be made for malicious code being deliberately released - your company would still be accountable.
I'm a consultant, paid for my time and the IP I develop. I would not dare to risk cross-contamination by doing anything more than downloading and using open-source packages at the office.
Clearly that is your right - but I would venture that you are losing (or at least lowering) one of the essential values of Open Source: the ability to lower support, development and maintenance costs by having them amortized amongst the various businesses that to whom you might consult.
Moreover, I have yet to see a reputation tarnished by having contributions accepted to high calibre projects in a peer-reviewed manner.
When you mention cross-contamination, do you mean that you fear that you might put a client's IP into software which you subsequently release? Surely your client would have the right to refuse publication rights for the code (since the IP wasn't yours to give away)? Speaking flippantly, is it that you figure Open Source stuff would get you found out more quickly than a release of closed source kit?:-)
Well yes, but actually they tend to US manafactured and mainly situated in US air-bases.
50% right. The main strategic nuclear missile for the UK is Trident. US manufactured, but based in Royal Navy nuclear submarine bases in Coulport and Faslane.
No, the problem is the Trident targetting system - it's satellite guided. Now, guess who owns the satellites? Yup, that's right...
So, the UK could launch the nukes, but that doesn't mean they would get there. Hell, given the Trident test results, I'm not even sure they'd hit if the sats worked perfectly. Probably end up blowing the shit out of Dublin or Reykyavik.
Um, what? The United States alone had a GDP of $10 trillion in 2001, compared to $7.8 trillion for the entire EU
I'm not contradicting you here - but I would point out that (as I found to my cost on K5), measuring GDP is hellishly difficult. The latest OECD snapshot (2002) gives the EU-15 a GDP of $8591.60 billion dollars, versus the USA's $10365 billion. Which backs up your point, right?
Well, maybe - but this is going purely by variable currency values (ie, strong dollar, weak euro). If we take the values fixed to 1995 dollar values and prices (so the trend gets measured), the USA stands at $9186 billion, versus the EU-15 at $10062 billion.
Now, since then, the dollar has dropped versus the euro, so God knows what the relative values are - or even if it matters that much. The productivity is higher in the USA, the productivity per hour worked is higher in Europe (read into that what you will!).
When the Eastern European nations join the EU, that provides a boatload of cheap... err... competitively priced labour (with higher birth rates, BTW).
All I'm really saying here is that the dynamic is changing, and historical point data is of limited value in discerning the directions of both the USA and Europe.
My english is probably not good enough for you. This sentence means that the CDs were 0.1 Euro a piece at some point and then they added some 1 Euro tax to it. So now a CD is 1.1 Euro a piece.
Ouch!
Still, given the EU internal market, wouldn't you be allowed to visit the UK (which doesn't have the levy), buy a shitload of CD blanks and use them? Although, I suspect that unless you lived in Calais, Le Havre or Dieppe, it's probably not worth it.
channel 4 is government owned isn't it? Though ran like a private company
Technically, this is true - in that C4 has no shareholders and holds a broadcast license from the government as long as a portion of its programming is public service.
However, it reports under the auspices of the ITC, receives no public funding, and must support itself via commercial operations only. So, other than the government's ability to revoke its license (which they could do to any operator), it's difficult to see this as "ownership" in any meaningful way. To me, that phrase means at least some measure of managerial/editorial/financial control (I suppose appointing governors to the Board is one - but it never worked very well for the BBC!).
The Tories keep on threatening to sell C4, but to use regulation to enforce public service broadcasting. Seems to me that it wouldn't make a lot of difference.
I mean, the government gets whatever it wants, because it has all the power. It has all the power because it has all the guns, and that is especially true in the UK.
Not all the guns. The IRA still has a few, and the loyalist gangs have a load - oh, yes, and the Yardies tend to be well supplied, and the Tongs. But I guess you meant that the citizenry are not allowed to bear arms without a license, which is not routinely given.
However, I think that this is all but irrelevant in this case as (a) retention of ISP data records just isn't the sort of thing that popular revolutions are made of, and (b) as you say, most the of the people wouldn't even care (yes, sadly, the British population is just like the US population in this regard). You know the line "I've got nothing to hide, so why shouldn't they implant me with a v-chip?".
I guess the biggest difference between the UK and the US is that the media isn't privately owned to quite the same degree in the UK as it is in the US, right? But that media which isn't owned by private entities is owned by the government
The only publicly owned media corporation is the BBC, which is paid for by television license subscription. It's not really owned by the government in the sense that you mean (ie, the government can't tell it what to broadcast, or not - though God knows they've tried time and again). The problem for the government is that the BBC carries more weight with the people that the government of the day ever will - so they have to watch their step. It carries more weight, because it broadcasts the soaps and reality TV shows that keep Joe Couch-Potato happy and fat.
And the rest of our media are owned by sundry groups - right-wing (mostly), left-wing (rarely), and a big chunk of it by Rupert Murdoch, who's an Australian/American/Chinese/whatever-gets-him-TV-c oncessions citizen.
Anyway, to attempt to answer the question - will HMG just make the retention mandatory - I don't know. They've backed down before when it came to crapping over civil liberties (and at other times, they've just shit all over them). My guess is that there are a hell of a lot of people using ISPs in the UK right now, and there just ain't enough votes to be got by ramming this down the ISPs throats. On the other hand, never underestimate the power of the securocrats - the ridiculous mess that is the RIP Act was their handiwork.
David Blunkett did go on record as saying that there were some things that a governing party must not do, even if it could steamroller any opposition (the Labour party has a huge majority in Parliament). So, who knows - maybe they'll just decide that without the co-operation of the ISPs, it ain't a fight worth having.
if 100 or more years ago we had instant communications like we do now, we probably would not have been able to get away with it.. but we did.
You, the American people, are not responsible for the actions of people who died long before you were even born. So any American reading guilt for past sins into the article is misguided.
So do you really think that matters to the Democrats & Republicans that the we the american people elect to represent us and our global corporate interests?
But, as I read the article, the thrust seems to be that such a "USA first" policy is too short-sighted, and will lead to short term profit at the cost of long term growth.
Now, I think we can all guess where the sights of a 4 year elected official can be set. Nevertheless, government (ie, permanent, civil service, type government) needs to take the longer view. A world where all nations can trade fairly yields the prospect of real economic growth.
After all, who the hell in Afghanistan can afford chemical plants, or chip fabrication technology. But if they could, wouldn't the USA be first in line to benefit from this approach?
NB: Obligatory disclaimer about US bashing. The EU is just as bad about ensuring that Fortress Europe is always in a position to buy cheap raw materials from the subhumans insufficiently blessed to live in the cradle of democracy. (Heavy irony).
Can someone please explain why the desired level of security can't be obtained by only software?
Because the control mechanism in any von Neumann machine is in the same band as the stuff being controlled (ie, the OS - which enforces the security policy - operates in the same space - the CPU's available memory - as the programs which may, or may not, behave themselves).
Ultimately, the only way to have a secure audit trail for how a computer got to its current state is to have the verifier out of band from the verified. This is why you need the trusted component (the tamper proof verifier which can sign the logs of the host system). Assuming no-one can get to the trusted component private keys (even, or especially, the computer owner), another computer can trust the signature to be an accurate representation of the state of the original machine.
By the way, it's this in-band control mechanism which means that the Internet Protocols have an incredibly hard time defending themselves against DoS attacks - because the ICMP packets travel along the same route as the TCP/UDP packets. If you can interfere with the data stream, you can interfere with the control stream as well. The phone companies found this out ages ago, which is why whistling at 2600Hz doesn't work any more.
Point taken about the packaging of Outlook - but I'd draw the line at saying people won't use OpenOffice because it doesn't have an Outlook clone.
The majority of people who use Office that I know of think of Word, Excel and PowerPoint. Occasionally they might think Access - but that's it. If you can offer that functionality to people it'll hit critical mass - PHB or not. And Microsoft will find that they have to offer Outlook unbundled. Fundamentally, even with monopoly skewed economics, asking $329 a pop for Office simply to get calendaring is way too much. So either M$ do it, or someone else will. And don't believe it's too hard to generate Outlook capability either - Hewlett-Packard's last OpenMail client had drop in Outlook/Exchange capability (if only it had been open sourced...sigh).
To summarise: if you play the game by Microsoft's rules, you're going to lose. They control the agenda, and can alter the rules as it suits them. OpenOffice fills a need, with a document protocol that's going to prove extremely difficult to change now - too many docs in the old formats. If it satisfies 80% of users (PHBs excluded), then its a strange (and very rich) company that insists on donating > $50000 per annum to Redmond for a calendaring client.
Today we have Open/StarOffice but unfortunately it doesn't contain all functionality of the MS product. I'm not talking about minor stuff like missing word count, that probably could be fixed by a macro, but things like a missing Outlook replacement.
Hang on! Outlook? Outlook is a groupware/collaboration program. What does an office suite (ie, document preparation) have to do with email and calendaring?
Note: I'm not saying that application frameworks shouldn't communicate with one another, via clear object oriented protocols - just that the idea of "the office suite is the OS" is a little scary to me.
It seems to me that Evolution is closer to what you want for an Outlook replacement (although the shared calendaring has a ways to go). And OpenOffice can tie into Evolution and vice versa in multiple ways.
But I don't really consider Outlook an integral part of an office suite. (I might consider it an integral part of any enterprise collaboration software, though. If only we can airbrush out of history that god awful MS-TNEF and MAPI legacy crudware).
Sorry, but taking dental advice from the Brits is like taking security advice from Microsoft.
Actually, I think it's because British teeth are legendarily bad that they've ended up researching so much into dentistry.
I mean, why would you research new dental techniques if everyone has a grin like Tom Cruise? But when they've got Austin Powers incisors, then there's clearly a need for serious research.
Under English common law (as Australia's system is based on)
Just to be nit-picky, I think Australian law is more akin to Scots law, which is not the same as English. When my mother studied (Scots) law at University, many of the test cases they used were Australian test cases, because the frameworks were so similar.
Who wants to get together and build a worm that does nothing but fix known security problems?
The problem with this approach is that you'd run afoul of every computer misuse act on the planet. Which means an awful lot of rich governments with the power to prosecute. It would take just one bug in the worm to bring the wrath of God up anyone involved with the project.
On a related note, this was exactly the approach that some IT organisations (at least one multinational) took to fix the Nimda and Code Red problems internally. The difference was that the IT orgs have the right to crap over their companies computers - and J. Random Hacker doesn't.
Get a life, protest groups. Nuclear waste is nasty stuff, and it'll be around for thousands of years. We can either trust thousands of people in thousands of places to keep it under lock and key, or we can pile all of it under one mountain and know FOR SURE that it'll be safe forever.
Forever? That's a hell of a long time to project our current engineering skills into - this stuff will still be dangerous long after all our civilizations have crumbled to dust and are forgotten - along with our writings, and maybe much of our science. Would you say that the engineering decisions made thousands of years ago would stand up to modern examination?
The pyramids were supposed to protect the bodies of the pharaohs forever. They were cracked by the greedy within a few years. The castle of Krak des Chevaliers was built with the best science that the mediaeval world could produce - totally self sustaining - it was designed to be impregnable. Oops. The fortress of Masada was much the same.
Don't get me wrong - we (meaning all nations with civil nuclear power programs) produced the waste - we can't unproduce it, so all we can do is store it as securely as modern technology allows. But we need to keep the whole system under constant review to see if we cannot dispose of the threat safely when newer knowledge comes to the fore.
And we really shouldn't continue to build new power stations until we've figured out a proper solution to the waste problem. It's looking more and more like the civil nuclear power programmes were little more than relief for governments with high tech frustrations. On the economic basis, they don't seem to have been successful at all (The UK tried to privatize the nuclear power stations - nobody wanted to buy them, even with the government offering "sweeteners" to take the poisonous hulks).
Slashdot Mirror
ObDisc: I work for HP, but clearly I'm writing here in a personal capacity
Carly has taken it on herself to ensure techs are NOT able to do their jobs by implementing stupid tools like "ATM" or the Automated Technology Manager to replace the MMC snap-ins for Active Directory.
WTF? Dude, ATM long preceded Active Directory. The Atlanta team had ATM operational back in 1997 when I joined the company. And ATM feeds the Enterprise Directory, which is not AD based. Yes, we have more than one directory, because AD is inherently tied to NOS operations, whereas ED is tied to internal operations.
VPN support for employees is utilized only through a "signed" proprietary program which is a pain in the ass to support because it either breaks or totally f*cks up a person's NT account.
VPN support is via the Nortel Contivity box, which is IPsec based. Yes, the certificates are signed - what else could they be? And it's not tied to your NT account in any fashion, since it needs an ActivCard OTP to work. The newer VPN is just vanilla MSRA (although the old Compaq PPTP is still around).
You want to cut into Carly - go ahead. Don't bother me none. But leave tech decisions which predate Carly's time out of it. Blame her for the merger, the stock price, the ink cartridge strategy or whatever - but individual IT decisions? Sorry - that isn't something that can be laid at Carly's door.
--Ng
PS: And if my other HP colleagues could hear me say all of this, they'd have me slammed as the worlds worst hypocrite for all I've bellyached and bitched about Carly.
You seem to have excluded the set of available answers in the postamble to your questions. A bit like saying "What's the capital of France?" and then saying "Please don't say Paris".
There are many top flight coders who work for companies like IBM, HP, Sun, etc. (eg, Andrew Tridgell, Jeremy Allison, and so on). They all get paid to write F/OSS. But you don't have to be an uber-coder to get into that game. If you work for a reasonable enlightened company [yes, there are a few], they can see that most of the software generated internally has no value as a sales proposition. So get them to release it as free software. Explain that it means that the cost of developing new software will drop, because you can now use and redistribute the work of all the other coders.
Bang - suddenly you're developing OSS for a living. Maybe you do helpdesk other parts of the time, or are a tech support guy. So what? It's still code. The more there is of it, the more it'll get used.
Hell, even the stuff which I've written and been ashamed of is useful - because it let's people know how not to do something!
--Ng
False dichotomy. There isn't an either/or except in your premise that you wouldn't have written software were it to be free.
I too write software for a living. People pay me to do it. It's also free software - because it falls below the value line for closed source software for my employer [along with at least 95% of all software written in the company].
I have also written software which has nothing to do with my employer. I do it for the love of it. There are many others in the world with a similar view. I would write software even if I didn't get paid to do it - sure, I'd need another job to keep body and soul together, but I'd still hack.
Anyway, why wouldn't people pay you if it was free software - do you only code for people who sell the software afterwards as proprietary? Most software (95%+) is generated for internal use - so it generally makes sense to release it as free software. Because then it reduces the amount of code the purchaser needs for any new products. The more free code there is generally, the cheaper software production gets in total.
--Ng
Is that the considered opinion of an afficionado of the Pimp's 'n' Ho's website?
Perhaps because women are far more interesting creatures than men, and because bringing up kids while you're still young enough to pick them up is one of the best experiences life can give? And yes, I have tried mountaineering, racing cars, snorting coke and drinking enough to keep a brewery above water for a year. It gets old, real fast - long before I did.
Seriously, guy, I hope you meet someone to love. It puts all this hacking and money shit into perspective. It's just a job, man...
--Ng
Why limit it to /.? Everyone pisses and moans whenever something isn't perfect. The right to free bitching is more frequently exercised that the right to free thinking.
Now maybe I have it all wrong, but I'd say that when it comes to protecting children on the Internet (and yes, it's needed), this is a step in the right direction. Sure it has its flaws, but it's certainly better than nothing at all.
You don't have it all wrong - but sometimes nothing at all is better that security theatre, which - alas - this proposal is. It's about giving the illusion of safety, while actually targetting with greater assurance the fact that minors are using the chat rooms. As others have pointed out, the paedophiles are going to acquire these devices (Remember that most abused children are abused by family members - the random predator is an infrequent, if frightening, occurence), if not from eBay, then from their own kids.
In other words, maybe it's better for kids to know that the chat rooms are prowled by perverts, and that they need to button the lip more often. Think "Don't talk to strangers". Whereas, "buy this magic token and you'll be safe as houses" when it's actually increasing their risk scarcely seems like a good idea. So it's not that it has its flaws - it seems to me like its actually reinforcing the problem.
Cheers,
Ng
Calm down, folks.
All this discussion is over a senior police officer saying what he'd like to see happen - ie, people not looking at sites "promoting"* necrophilia and cannibalism. I don't know about the US, but the police in the UK tend to occupy a more authoritarian position than the majority of the public. (Note to UK cops: no, not all of them, and no, they're not all racist thugs, either).
In the UK, Parliament makes the law (yeah, yeah - subject to Royal Assent - like the Queen's going to veto a law these days). The coppers can ask for new ones - as can any citizen - but that doesn't mean they'll get them. And even if they get them, the courts have displayed an annoying (albeit infrequent) tendency to quash or admonish convictions which have been tainted by overzealous cops.
Surely the cop is entitled to his free expression rights as well? Or must the intolerant be suppressed so that only worthy views can be expressed? If we go down that road, then the terrorists will have won.
--Ng
* The infamous Section 28 of the Local Government Act prevented local authorities from "promoting" homosexuality in the UK - but "promoting" was never well defined. As a result, many schools prevented discussion of homosexuality to avoid even the threat of prosecution by right wing homophobes ... sorry, concerned parents. Thankfully, that evil piece of legislation was repealed. I like to think that it was a dreadful lapse in British tolerance, now corrected.
SCO would have spun this anyway they want. If HP didn't offer indemnity for this vacuous case, then SCO claims HP is running scared of the court action and is letting its users hang in the wind.
If, on the other hand, indemnification is offered, then HP lends validity to SCO's claim.
In other words:
HP: We don't assign any validity to this case.
SCO: Aha! So you admit that there is a case. Hey everyone, HP says there is a case! Y'hear - HP says SCO will win its case!.
Sorry, but these guys are in spin overdrive; they can't even tell truth from lies any more.
--Ng
So what? The USA in its history has permitted the most egregious abuses of constitutional intent by selective reading and enforcement of constitutional scripture (thinking slavery, McCarthy, etc). Any rights conferring document is only as good as the level to which the state abides.
I have read the convention, and various acts which enshrine the provisions into law. The central point from the article was the implication that Europe's lack of an absolutely phrased First Amendment means that European governments and people are less "free" than their American counterparts.
European society is different from American society. Not inferior, just different. The relationship between the state and the people is of a different character to those in the USA (government is more active on behalf of the people than would be acceptable in the USA - you would probably say government interferes more with the people). What comes over as bureaucratic bullshit to you may come over as sensibly phrased compromise to us. Beware nations divided by a common language!
Hence my point. There is no One True Construction of Liberty. Liberty is a construction of rights and freedoms deriving inherently from the condition and history of a people as a whole. Therefore, a different history, with different pressures, and different results will produce a different construction. While comparison between similar states is valid and desirable, absolute ranking is rarely profitable. Does this make judgement impossible? Hell, no - it just makes it trickier. But diversity and complexity make the world interesting.
--Ng
Well said. Most of the EU member states have enshrined the European Convention on Human Rights into law. Article 10 of this convention sets out the right to free expression (although qualified in section 2 to include responsibilities).
Your well thought out expression gives me some confort that not all Americans subscribe to the foolishly jingoistic notion that the American construction of liberty is the only valid one.
As a European, I rarely feel myself groaning under the oppressive weight of our democracies, nor do I feel the oxygen of liberty suddenly fill my lungs during my many visits to the USA. It's perfectly possible (indeed admirable) to take pride in your country and culture without sneering at the achievements of others, whose efforts and results may reflect a history of which one is not aware.
--Ng
No - only actions which are in breach of the law.
And in particular, when in the history of this world, has "malicious code [been] deliberately released" as part of an OSS?
Well, OpenSSH was trojaned. But frankly, the frequency of the incidents is pretty much irrelevant. The point is one of principle - is it right for an employee of a company to place it in jeopardy without it having any method of lowering its exposure to liability?
The upside for the company is an increase of good will, which transates into sales.
You're preaching to the converted, reverend! The question isn't whether OSS makes good business sense or not - it does. The question is simply one of whether the company has any right to exercise control over the output of its employees when working on company time - and IMHO it does. I wish that people were honest and wouldn't commit actions which harm others, but our laws are designed for the people we have, not those we'd like to have.
--Ng
Vicarious liability, for one reason. Your employer (in most jurisdictions) is at least partly responsible for your actions whilst you are in their employ, and on their time. It hardly seems fair for them to be expected to assume liability without having the capacity to mitigate it, does it?
And all the disclaimers in the world won't help you if a case can be made for malicious code being deliberately released - your company would still be accountable.
--Ng
Clearly that is your right - but I would venture that you are losing (or at least lowering) one of the essential values of Open Source: the ability to lower support, development and maintenance costs by having them amortized amongst the various businesses that to whom you might consult.
Moreover, I have yet to see a reputation tarnished by having contributions accepted to high calibre projects in a peer-reviewed manner.
When you mention cross-contamination, do you mean that you fear that you might put a client's IP into software which you subsequently release? Surely your client would have the right to refuse publication rights for the code (since the IP wasn't yours to give away)? Speaking flippantly, is it that you figure Open Source stuff would get you found out more quickly than a release of closed source kit? :-)
--Ng
50% right. The main strategic nuclear missile for the UK is Trident. US manufactured, but based in Royal Navy nuclear submarine bases in Coulport and Faslane.
No, the problem is the Trident targetting system - it's satellite guided. Now, guess who owns the satellites? Yup, that's right...
So, the UK could launch the nukes, but that doesn't mean they would get there. Hell, given the Trident test results, I'm not even sure they'd hit if the sats worked perfectly. Probably end up blowing the shit out of Dublin or Reykyavik.
--Ng
I'm not contradicting you here - but I would point out that (as I found to my cost on K5), measuring GDP is hellishly difficult. The latest OECD snapshot (2002) gives the EU-15 a GDP of $8591.60 billion dollars, versus the USA's $10365 billion. Which backs up your point, right?
Well, maybe - but this is going purely by variable currency values (ie, strong dollar, weak euro). If we take the values fixed to 1995 dollar values and prices (so the trend gets measured), the USA stands at $9186 billion, versus the EU-15 at $10062 billion.
Now, since then, the dollar has dropped versus the euro, so God knows what the relative values are - or even if it matters that much. The productivity is higher in the USA, the productivity per hour worked is higher in Europe (read into that what you will!).
When the Eastern European nations join the EU, that provides a boatload of cheap ... err ... competitively priced labour (with higher birth rates, BTW).
All I'm really saying here is that the dynamic is changing, and historical point data is of limited value in discerning the directions of both the USA and Europe.
--Ng
Ouch!
Still, given the EU internal market, wouldn't you be allowed to visit the UK (which doesn't have the levy), buy a shitload of CD blanks and use them? Although, I suspect that unless you lived in Calais, Le Havre or Dieppe, it's probably not worth it.
--Ng
channel 4 is government owned isn't it? Though ran like a private company
Technically, this is true - in that C4 has no shareholders and holds a broadcast license from the government as long as a portion of its programming is public service.
However, it reports under the auspices of the ITC, receives no public funding, and must support itself via commercial operations only. So, other than the government's ability to revoke its license (which they could do to any operator), it's difficult to see this as "ownership" in any meaningful way. To me, that phrase means at least some measure of managerial/editorial/financial control (I suppose appointing governors to the Board is one - but it never worked very well for the BBC!).
The Tories keep on threatening to sell C4, but to use regulation to enforce public service broadcasting. Seems to me that it wouldn't make a lot of difference.
--Ng
I mean, the government gets whatever it wants, because it has all the power. It has all the power because it has all the guns, and that is especially true in the UK.
c oncessions citizen.
Not all the guns. The IRA still has a few, and the loyalist gangs have a load - oh, yes, and the Yardies tend to be well supplied, and the Tongs. But I guess you meant that the citizenry are not allowed to bear arms without a license, which is not routinely given.
However, I think that this is all but irrelevant in this case as (a) retention of ISP data records just isn't the sort of thing that popular revolutions are made of, and (b) as you say, most the of the people wouldn't even care (yes, sadly, the British population is just like the US population in this regard). You know the line "I've got nothing to hide, so why shouldn't they implant me with a v-chip?".
I guess the biggest difference between the UK and the US is that the media isn't privately owned to quite the same degree in the UK as it is in the US, right? But that media which isn't owned by private entities is owned by the government
The only publicly owned media corporation is the BBC, which is paid for by television license subscription. It's not really owned by the government in the sense that you mean (ie, the government can't tell it what to broadcast, or not - though God knows they've tried time and again). The problem for the government is that the BBC carries more weight with the people that the government of the day ever will - so they have to watch their step. It carries more weight, because it broadcasts the soaps and reality TV shows that keep Joe Couch-Potato happy and fat.
And the rest of our media are owned by sundry groups - right-wing (mostly), left-wing (rarely), and a big chunk of it by Rupert Murdoch, who's an Australian/American/Chinese/whatever-gets-him-TV-
Anyway, to attempt to answer the question - will HMG just make the retention mandatory - I don't know. They've backed down before when it came to crapping over civil liberties (and at other times, they've just shit all over them). My guess is that there are a hell of a lot of people using ISPs in the UK right now, and there just ain't enough votes to be got by ramming this down the ISPs throats. On the other hand, never underestimate the power of the securocrats - the ridiculous mess that is the RIP Act was their handiwork.
David Blunkett did go on record as saying that there were some things that a governing party must not do, even if it could steamroller any opposition (the Labour party has a huge majority in Parliament). So, who knows - maybe they'll just decide that without the co-operation of the ISPs, it ain't a fight worth having.
Watch out for the low-flying pigs though.
--Ng
if 100 or more years ago we had instant communications like we do now, we probably would not have been able to get away with it.. but we did.
You, the American people, are not responsible for the actions of people who died long before you were even born. So any American reading guilt for past sins into the article is misguided.
So do you really think that matters to the Democrats & Republicans that the we the american people elect to represent us and our global corporate interests?
But, as I read the article, the thrust seems to be that such a "USA first" policy is too short-sighted, and will lead to short term profit at the cost of long term growth.
Now, I think we can all guess where the sights of a 4 year elected official can be set. Nevertheless, government (ie, permanent, civil service, type government) needs to take the longer view. A world where all nations can trade fairly yields the prospect of real economic growth.
After all, who the hell in Afghanistan can afford chemical plants, or chip fabrication technology. But if they could, wouldn't the USA be first in line to benefit from this approach?
NB: Obligatory disclaimer about US bashing. The EU is just as bad about ensuring that Fortress Europe is always in a position to buy cheap raw materials from the subhumans insufficiently blessed to live in the cradle of democracy. (Heavy irony).
Can someone please explain why the desired level of security can't be obtained by only software?
Because the control mechanism in any von Neumann machine is in the same band as the stuff being controlled (ie, the OS - which enforces the security policy - operates in the same space - the CPU's available memory - as the programs which may, or may not, behave themselves).
Ultimately, the only way to have a secure audit trail for how a computer got to its current state is to have the verifier out of band from the verified. This is why you need the trusted component (the tamper proof verifier which can sign the logs of the host system). Assuming no-one can get to the trusted component private keys (even, or especially, the computer owner), another computer can trust the signature to be an accurate representation of the state of the original machine.
By the way, it's this in-band control mechanism which means that the Internet Protocols have an incredibly hard time defending themselves against DoS attacks - because the ICMP packets travel along the same route as the TCP/UDP packets. If you can interfere with the data stream, you can interfere with the control stream as well. The phone companies found this out ages ago, which is why whistling at 2600Hz doesn't work any more.
--Ng
Point taken about the packaging of Outlook - but I'd draw the line at saying people won't use OpenOffice because it doesn't have an Outlook clone.
The majority of people who use Office that I know of think of Word, Excel and PowerPoint. Occasionally they might think Access - but that's it. If you can offer that functionality to people it'll hit critical mass - PHB or not. And Microsoft will find that they have to offer Outlook unbundled. Fundamentally, even with monopoly skewed economics, asking $329 a pop for Office simply to get calendaring is way too much. So either M$ do it, or someone else will. And don't believe it's too hard to generate Outlook capability either - Hewlett-Packard's last OpenMail client had drop in Outlook/Exchange capability (if only it had been open sourced...sigh).
To summarise: if you play the game by Microsoft's rules, you're going to lose. They control the agenda, and can alter the rules as it suits them. OpenOffice fills a need, with a document protocol that's going to prove extremely difficult to change now - too many docs in the old formats. If it satisfies 80% of users (PHBs excluded), then its a strange (and very rich) company that insists on donating > $50000 per annum to Redmond for a calendaring client.
--Ng
Today we have Open/StarOffice but unfortunately it doesn't contain all functionality of the MS product. I'm not talking about minor stuff like missing word count, that probably could be fixed by a macro, but things like a missing Outlook replacement.
Hang on! Outlook? Outlook is a groupware/collaboration program. What does an office suite (ie, document preparation) have to do with email and calendaring?
Note: I'm not saying that application frameworks shouldn't communicate with one another, via clear object oriented protocols - just that the idea of "the office suite is the OS" is a little scary to me.
It seems to me that Evolution is closer to what you want for an Outlook replacement (although the shared calendaring has a ways to go). And OpenOffice can tie into Evolution and vice versa in multiple ways.
But I don't really consider Outlook an integral part of an office suite. (I might consider it an integral part of any enterprise collaboration software, though. If only we can airbrush out of history that god awful MS-TNEF and MAPI legacy crudware).
--Ng
Sorry, but taking dental advice from the Brits is like taking security advice from Microsoft.
Actually, I think it's because British teeth are legendarily bad that they've ended up researching so much into dentistry.
I mean, why would you research new dental techniques if everyone has a grin like Tom Cruise? But when they've got Austin Powers incisors, then there's clearly a need for serious research.
--Ng
Under English common law (as Australia's system is based on)
Just to be nit-picky, I think Australian law is more akin to Scots law, which is not the same as English. When my mother studied (Scots) law at University, many of the test cases they used were Australian test cases, because the frameworks were so similar.
--Ng
Who wants to get together and build a worm that does nothing but fix known security problems?
The problem with this approach is that you'd run afoul of every computer misuse act on the planet. Which means an awful lot of rich governments with the power to prosecute. It would take just one bug in the worm to bring the wrath of God up anyone involved with the project.
On a related note, this was exactly the approach that some IT organisations (at least one multinational) took to fix the Nimda and Code Red problems internally. The difference was that the IT orgs have the right to crap over their companies computers - and J. Random Hacker doesn't.
--Ng
Get a life, protest groups. Nuclear waste is nasty stuff, and it'll be around for thousands of years. We can either trust thousands of people in thousands of places to keep it under lock and key, or we can pile all of it under one mountain and know FOR SURE that it'll be safe forever.
Forever? That's a hell of a long time to project our current engineering skills into - this stuff will still be dangerous long after all our civilizations have crumbled to dust and are forgotten - along with our writings, and maybe much of our science. Would you say that the engineering decisions made thousands of years ago would stand up to modern examination?
The pyramids were supposed to protect the bodies of the pharaohs forever. They were cracked by the greedy within a few years. The castle of Krak des Chevaliers was built with the best science that the mediaeval world could produce - totally self sustaining - it was designed to be impregnable. Oops. The fortress of Masada was much the same.
Don't get me wrong - we (meaning all nations with civil nuclear power programs) produced the waste - we can't unproduce it, so all we can do is store it as securely as modern technology allows. But we need to keep the whole system under constant review to see if we cannot dispose of the threat safely when newer knowledge comes to the fore.
And we really shouldn't continue to build new power stations until we've figured out a proper solution to the waste problem. It's looking more and more like the civil nuclear power programmes were little more than relief for governments with high tech frustrations. On the economic basis, they don't seem to have been successful at all (The UK tried to privatize the nuclear power stations - nobody wanted to buy them, even with the government offering "sweeteners" to take the poisonous hulks).
--Ng