We are talking about the Trusted Computing Initiative. For someone who claims to be knowlegeable about Microsoft products you are woefully ill-informed. But then this underscores what many have been saying about the "quality" of Microsoft administrators. To be fair, the email I received from Bill Gates announcing the initiative is dated 19 July 2002, which makes it 15 months tomorrow.
The versions of exchange that are 'vulnerable' are 5.5 and 2000.
They're vulnerable mostly because of a virus that hit in 1999 that affected admins who didn't know what they were doing in the first place, probably because they stole their copy of windows.
You're going to hold MS responsible for the acts of people who have no business administering a server, 3 years after the product was FIXED?
The product was not fixed, the bugs remain. Code Red was not in 1999 it was much later. Also, Exchange 2003 is the only version of Exchange after 2000 and is pretty darn new. The article does not say that Exchange 2003 is not vulnerable to this attack, it only says that the problem is confirmed in versions 5 and 2000.
OK, I eventually got that for most people, it was probably turned on by a Code Red infection.
I'm still curious about what potential purpose such an account would serve though? Is it necessary for internal housekeeping or something?
"which you would know if you had bothered to read more than the one comment you were replying to"
What, you mean that as well as R'ing the F'ing A, I'm also obliged to R *all* the F'ing C's as well?
You are joking, right?
Nope, to earn the right to post on Slashdot, you must read every comment, the whole article and all the links. Then you should read the man pages for every *NIX, the whole of Microsoft Technet, and all of the RFC's. That done, you may return to post. What you say?! Discussion archived? Oh well, reading all that will be much better than Slashdot, and you'll probably outgrow posting here by then, too.:)
Nope....try to refrain from commenting when you really have nothing of value to add. The Windows Guest account is equivlent to the anonymous login in most other system. These do not require a valid password, and generally anything or nothing can be entered. If there was a password that could fail then it would no longer be a Guest/Anonymous account now would it?! Don't take it personally though, I was just in a flaming mood, and your post smelled like gasoline...haha!
I'm sorry, but YOU FAIL IT. Go back to MCSE school. Anonymous accounts in any system, including Windows, can and certainly often do have passwords. They are still anonymous in the sense that it is a shared account, but access can be controlled so that only ceratin people can use it.
Further, this guest account can be restricted so that they don't get to do just whatever they like (after all it is a guest account). But this flaw seems to circumvent all that.
Then configure exchange not to allow the guest account to send email. Yes, you can set exchange to disallow sending email on a user by user level.
Real exchange admins already know all this. The people being hit by this "vulnerability" are the same morons who got hit by Code Red. That should tell you something.
Hey Mr Insightful Exchange Admin, maybe you could read posts you reply to? The poster said they wanted to let the guest account send mail and your response is to make the guest account unable to send mail? Is this one of those "chewbacca is a wookie" "These aren't the flaws you're looking for [waves hand]" kind of Microsoft-fan arguments?
The article even explains why some people were using the guest account feature, which is not working correctly in this case. So, yes, it is a flaw in Microsoft's software and Microsoft once again blames the user. "Where do you want to go today?.. Oh? you want to go there? well, i don't understand why you would want to actually use that function so I am going to pretend you are incredibly stupid and mock you publicly instead of fixing it."
I've asked multiple times if they have plans for any upgrade -- I've sent links to alternatives, asked if Exchange 2000 was planned -- and get no response from corporate except "only the Outlook desktop client is supported". (Exchange 2000 is supported by Ximian's plugin, though Exchange 5.x is not.)
Exchange 2000 is vulnerable to this exploit as well, though. Besides, if you're going to upgrade, especially so infrequently as every 6-8years, you may as well use the latest software each time. Does Ximian's plugin work with Exchange 2003?
Please read the article. This is not a flaw in exchange, but a flaw in the server configuration. The feature is generally disabled but might have been enabled if the server in question had been infected with a virus.
To put it bluntly: Administrators who do not secure servers after a virus infection are not the victims of a Microsoft security hole, but the cause of this particular problem.
Quote: "The guest account is a way for administrators to let visitors use a mail server anonymously, but because of security issues, the feature is generally not enabled. Exchange servers that had been infected by the Code Red worm and subsequently cleaned will still have the guest account enabled, Greenspan said. "
The article implies that you cannot disable this feature of Exchange. Also, there is still a problem there because the guest account is letting people send mail even when they fail to login to it properly. That is not "a flaw in the protocol" or a misconfiguration. That is typical Microsoft BS.
There are legitemate reasons for administrators to let people use a guest account, as outlined in the article. But it can be password protected and set with quotas and logging to prevent abuse. However, because of Microsoft's sloppy design there is an ability for a spammer to send spam without such restrictions applying.
Well, since it seems you're smarter than MS's marketing department, can you clue us in on what.Net IS about? Even the salesment don't really seem to have a coherent answer...
Unfortunately, no one can be told what.Net is; you have to experience it for yourself. I hold here in my left hand a red pill and in my right hand a blue pill...
> Announced today on Wired News - A lawsuit by a garage door manufacturer that tried to use the DMCA to stop another company from making replacement universal remote controls was dismissed
Umm, just a point, here... that was not announced today... That was announced like... 3 months ago? Maybe 2?
Major Book Publishers use DMCA to quash blurbs and book reviews!
This law is getting just a shade ridiculous.
Well, rather, its misapplications. Remember that the DMCA is only meant to protect copyrighted material. Facts, such as the price of items, are no more copyrightable than the innards of your garage, though it seems some lawyer-monkeys are trying to claim they are protected by the DMCA.
I think it would be important that a consumer can watch a DVD on a competing OS...
More importantly, the *AA would prefer that as you drive your car in which it is illegal to change the speed, with the kids in the back unable to legally play DVDs on their player and you in the front unable to legally play CDs on yours, when you arrive at the end of your journey it will be illegal to open your garage door!
Yahoo Games has a good java Go multiplayer area. It is divided into sections by level of expertise. I get beaten quite regularly there by people who appear to be Asian and play very fast.
What have you guys got against rats F.C.O.L.? Rats are lovely creatures. They are intelligent, adaptable, and they take care of their own. Stop maligning them.
I bet they are crunchy and taste good with ketchup as well.
More often than not, the problem is due to poor HTML. IE typically renders "what they meant" while Gecko renders "what they coded." Check out The Burning Edge to see all the bugs and fixes in the nightly builds of Firebird. Check out the FB Bugs forum at Mozillazine and see how many of the "This site doesn't work right!" posts are due to coding errors rather than bugs in the rendering engine. Thanks to IE, people have gotten used to non-standard HTML and poor coding. If you write some really bad HTML that IE happens to render properly (the way you want it to look), and Mozilla renders it exactly the way you wrote it (errors and all), the problem is still your code, not Mozilla's rendering engine. Oddly enough, if you write correct, standard code it will work on any browser (disregarding bugs in the browser, which aren't your problem).
You know, I agree with you. Microsoft encourages sloppy coding in every area. This is the secret to their success. It is a scourge on the IT world and we should whip those developers into shape, with whips if necessary.
But, honestly,at the end of the day, will that MCSP/MCSE on the other end of webmaster@stupidbank.com really give a shit that his site using ASP.Net on IIS with FrontPage Extensions does not work in Mozilla because of shoddy code when it works fine and dandy in the browser 99.9999% of the world uses? No, s/he already proved s/he does not care by writing the crappy code in the first place.
Besides, in the world of code and standards "compliant" and "crappy" are in the eye of the beholder. If there is a html spec which a site violates but which IE is able to show properly and Mozilla is not, some might say that the Mozilla people are wrong about what the specification says. This is, in fact, often Microsoft's argument. They claim their reading of a standards document whereas the OSS community tends toward another. But is this wise?
I mean if the goal is adoption of the browser, why deliberately choose a path that means you know it won't work with the data people are actually using everyday? At minimum why not allow a broken implementation that emulates IE in certain respects? It's not like this is the first time this has happened. Lots of standard UNIX tools have historically had multiple defined behaviours including those which were considered broken by maintainers. ( I_WANT_A_BROKEN_PS anyone?)
Also OSS is not perfect in the area of standards and good coding practices, though this is a worthy goal to which most such projects aspire. It is just as prone to the "well it compiles and runs" school of coding and unclear standards documents as anything else. So it is really hard to claim the moral high ground here IMHO.
It is not within his rights to say what directory you have to install it in... That's like conceding it is within RIAA's rights to say what color shirt I have to be wearing in order to listen to one of their "songs". Or within Microsoft's rights to restrict what kind of content I'm allowed to publish with Front Page.
Why not? Plenty of closed-source implementations of software only install in one location with no choice. DJB's restriction is on people who distribute his product. Their package, to be approved, must install his product in a certain way. Controlling distribution is his right under copyright law.
"debian includes non-free in the default distro does it not?"
No.. Debian asks if you want apt to pull in software from the non-free archive. The funny thing is that non-free in Debian is filled with things that most other distros call free software. Qmail, malestrom, mpg123, povray, etc. RMS made the mistake before of assuming GNU/LinEx was applying the same standards of freeness as Debian and had eliminated the non-free section. In reality they moved some non-free software into the main archive.
qmail is certainly not free software and I am pretty sure it's not included in the FSF's list of things which are. In fact, it was recently removed from OpenBSD for this reason. Qmail does not come with a license to alter or distribute. You have to ask djb for permission each time. He also dictates exactly how the software will be installed, which includes the requirement of putting it into odd filesystems.
All of this is perfectly within djb's rights, and qmail is an awesome package, but his installation and use restrictions as well as distribution and modification restrictions mean that it is certainly not Free Software.
Red Hat Professional Workstation is about $100 or less from retailers and includes a year of support. What happens after that year is up has not been announced.
Red Hat Enterprise Workstation starts at $179 per year, with support. If you subscribed to Red Hat Network, you can get two years at half price.
Red Hat Enterprise Server starts at $349 per year, with more support. The same half-price deal applies.
Red Hat Enterprise Advanced Server still starts at $1500.
Yep, that sounds like thousands of dollars to me.
Slashdot reported that every product you listed with the exception of the last one are no longer going to be available from Redhat. So now either you go with the Debian variant Fedora which is free and unstable or take the hit for Advanced Server. Perhaps I misspoke on the price, but IIRC the license includes some Microsoft-style gotchas that mean you really end up paying several times the stated price.
Remember that with the original RHL you did not have to pay for each server, but with Advanced Server you do. That's the start, but after that I honestly lost interest in reading anymore about a license like that. People claimed that those who said Redhat was the Microsoft of the Linux world were crying wolf, but obviously they (and I am included in this number) were wrong.
Did you pay for RedHat and/or RHN previously? Also, are you terribly against the idea of getting Fedora for free, or are you concerned about stability given their new focus? Not trying to troll, just wondering why you're giving up on Fedora if you like the former RedHat line.
Because Fedora != Redhat. Besides isn't it supposed to be like Debian?
Did you pay for your RedHat or did you just download the ISO images for free like the rest of the freeloaders aka "free software advocates"?
Giving away stuff is NOT a way to do business. RedHat realized that. How long will it take from the other guys?
Redhat used to sell its OS with support at price points of roughly $50, $100, $200, $1500, $2000. They have decided they will only sell the Enterprise Server version for thousands of dollars. Not a solution for small shops or desktops, therefore yes they have rejected the business of people who were previously giving them money.
Actually they're not D, they're usually... oh shit, I've said too much.
Actually, all sizes of batteries are used in this space. Well, maybe not 12 volt or car batteries... though maybe I just haven't seen those yet. But I have seen AA, C, D, and 9volt batteries employed for vibrators.
How about we just assume everyone is NOT a lawyer unless they explicitly state otherwise.
IANAL and IAAL are both superfluous... there aren't enough lawyers on slashdot to warrant an acronym one way or the other.
IANAL, but as I understand it the problem here is that when one starts to speak about legal matters, it could be construed by an evil ambulance chasing weasel (aka a lawyer) to be legal advice and you open yourself to a whole world of legal trouble by doing so. Firstly, if you are not a lawyer, you are practicing law without a license. Secondly, whether you are a lawyer or not you are liable for legal advice you give if it is believed to be such, it is followed, and this causes grievoud harm to the fool who listened to you. In other words, they can sue your pants off, hot grits or no.
All lawyers are smart enough to include the disclaimer that they are not giving legal advice in such areas if they do speak, or to keep silent, thus the almost complete dearth of people actually claiming to be lawyers on slashdot. Even if you are, it is not a smart thing to do. I mean you're basically acting pro-bono with infinite liability, and slashdotters don't like Bono or lawyers.
So in summation, IANAL, but I think it is wise to make it so blindingly obvious that even the most foolish judge will understand I am not giving legal advice, because I am not, and you would be foolish to follow my legal advice anyway, or to neglect to remind people IANAL if YANAL.:P
For a lot of people, going to court means (at the minimum) lost wages. If you're compelled to be there as a witness (or juror) you have no recourse to recover that money.
Jurors and expert witnesses are paid to be in court. By law you must be compensated in full for lost wages if you serve on a jury. In some cases, you may get paid more to show up as a juror than you would to show up at work. Likewise being an expert witness is in itself so lucrative that for some it is their only job.
Slashdot Mirror
24 months?
We are talking about the Trusted Computing Initiative. For someone who claims to be knowlegeable about Microsoft products you are woefully ill-informed. But then this underscores what many have been saying about the "quality" of Microsoft administrators. To be fair, the email I received from Bill Gates announcing the initiative is dated 19 July 2002, which makes it 15 months tomorrow.
The versions of exchange that are 'vulnerable' are 5.5 and 2000.
They're vulnerable mostly because of a virus that hit in 1999 that affected admins who didn't know what they were doing in the first place, probably because they stole their copy of windows.
You're going to hold MS responsible for the acts of people who have no business administering a server, 3 years after the product was FIXED?
The product was not fixed, the bugs remain. Code Red was not in 1999 it was much later. Also, Exchange 2003 is the only version of Exchange after 2000 and is pretty darn new. The article does not say that Exchange 2003 is not vulnerable to this attack, it only says that the problem is confirmed in versions 5 and 2000.
"No, it's turned off by default"
OK, I eventually got that for most people, it was probably turned on by a Code Red infection.
I'm still curious about what potential purpose such an account would serve though? Is it necessary for internal housekeeping or something?
"which you would know if you had bothered to read more than the one comment you were replying to"
What, you mean that as well as R'ing the F'ing A, I'm also obliged to R *all* the F'ing C's as well?
You are joking, right?
Nope, to earn the right to post on Slashdot, you must read every comment, the whole article and all the links. Then you should read the man pages for every *NIX, the whole of Microsoft Technet, and all of the RFC's. That done, you may return to post. What you say?! Discussion archived? Oh well, reading all that will be much better than Slashdot, and you'll probably outgrow posting here by then, too. :)
Nope....try to refrain from commenting when you really have nothing of value to add. The Windows Guest account is equivlent to the anonymous login in most other system. These do not require a valid password, and generally anything or nothing can be entered. If there was a password that could fail then it would no longer be a Guest/Anonymous account now would it?! Don't take it personally though, I was just in a flaming mood, and your post smelled like gasoline...haha!
I'm sorry, but YOU FAIL IT. Go back to MCSE school. Anonymous accounts in any system, including Windows, can and certainly often do have passwords. They are still anonymous in the sense that it is a shared account, but access can be controlled so that only ceratin people can use it.
Further, this guest account can be restricted so that they don't get to do just whatever they like (after all it is a guest account). But this flaw seems to circumvent all that.
Then configure exchange not to allow the guest account to send email. Yes, you can set exchange to disallow sending email on a user by user level.
Real exchange admins already know all this. The people being hit by this "vulnerability" are the same morons who got hit by Code Red. That should tell you something.
Hey Mr Insightful Exchange Admin, maybe you could read posts you reply to? The poster said they wanted to let the guest account send mail and your response is to make the guest account unable to send mail? Is this one of those "chewbacca is a wookie" "These aren't the flaws you're looking for [waves hand]" kind of Microsoft-fan arguments?
The article even explains why some people were using the guest account feature, which is not working correctly in this case. So, yes, it is a flaw in Microsoft's software and Microsoft once again blames the user. "Where do you want to go today? .. Oh? you want to go there? well, i don't understand why you would want to actually use that function so I am going to pretend you are incredibly stupid and mock you publicly instead of fixing it."
I've asked multiple times if they have plans for any upgrade -- I've sent links to alternatives, asked if Exchange 2000 was planned -- and get no response from corporate except "only the Outlook desktop client is supported". (Exchange 2000 is supported by Ximian's plugin, though Exchange 5.x is not.)
Exchange 2000 is vulnerable to this exploit as well, though. Besides, if you're going to upgrade, especially so infrequently as every 6-8years, you may as well use the latest software each time. Does Ximian's plugin work with Exchange 2003?
Please read the article. This is not a flaw in exchange, but a flaw in the server configuration. The feature is generally disabled but might have been enabled if the server in question had been infected with a virus.
To put it bluntly: Administrators who do not secure servers after a virus infection are not the victims of a Microsoft security hole, but the cause of this particular problem.
Quote: "The guest account is a way for administrators to let visitors use a mail server anonymously, but because of security issues, the feature is generally not enabled. Exchange servers that had been infected by the Code Red worm and subsequently cleaned will still have the guest account enabled, Greenspan said. "
The article implies that you cannot disable this feature of Exchange. Also, there is still a problem there because the guest account is letting people send mail even when they fail to login to it properly. That is not "a flaw in the protocol" or a misconfiguration. That is typical Microsoft BS.
There are legitemate reasons for administrators to let people use a guest account, as outlined in the article. But it can be password protected and set with quotas and logging to prevent abuse. However, because of Microsoft's sloppy design there is an ability for a spammer to send spam without such restrictions applying.
".NET isn't about widgets."
Well, since it seems you're smarter than MS's marketing department, can you clue us in on what .Net IS about? Even the salesment don't really seem to have a coherent answer...
Unfortunately, no one can be told what .Net is; you have to experience it for yourself. I hold here in my left hand a red pill and in my right hand a blue pill...
Grammer Fascist: It is not "gaul" it is "gall".
Maybe Gaul is a pun here... or a freudian slip. Being a Gaul would be far more anachronistic than bugy whip manufacture, though. ;)
> Announced today on Wired News - A lawsuit by a garage door manufacturer that tried to use the DMCA to stop another company from making replacement universal remote controls was dismissed
Umm, just a point, here... that was not announced today... That was announced like... 3 months ago? Maybe 2?
But it was only announced on Slashdot today.
Major Book Publishers use DMCA to quash blurbs and book reviews!
This law is getting just a shade ridiculous.
Well, rather, its misapplications. Remember that the DMCA is only meant to protect copyrighted material. Facts, such as the price of items, are no more copyrightable than the innards of your garage, though it seems some lawyer-monkeys are trying to claim they are protected by the DMCA.
I think it would be important that a consumer can watch a DVD on a competing OS...
More importantly, the *AA would prefer that as you drive your car in which it is illegal to change the speed, with the kids in the back unable to legally play DVDs on their player and you in the front unable to legally play CDs on yours, when you arrive at the end of your journey it will be illegal to open your garage door!
Yahoo Games has a good java Go multiplayer area. It is divided into sections by level of expertise. I get beaten quite regularly there by people who appear to be Asian and play very fast.
What have you guys got against rats F.C.O.L.? Rats are lovely creatures. They are intelligent, adaptable, and they take care of their own. Stop maligning them.
I bet they are crunchy and taste good with ketchup as well.
To be fair, you don't need much of an advertising budget to put ads on websites you already own.
No but it does reduce potential ad revenue from other customers...
More often than not, the problem is due to poor HTML. IE typically renders "what they meant" while Gecko renders "what they coded." Check out The Burning Edge to see all the bugs and fixes in the nightly builds of Firebird. Check out the FB Bugs forum at Mozillazine and see how many of the "This site doesn't work right!" posts are due to coding errors rather than bugs in the rendering engine. Thanks to IE, people have gotten used to non-standard HTML and poor coding. If you write some really bad HTML that IE happens to render properly (the way you want it to look), and Mozilla renders it exactly the way you wrote it (errors and all), the problem is still your code, not Mozilla's rendering engine. Oddly enough, if you write correct, standard code it will work on any browser (disregarding bugs in the browser, which aren't your problem).
You know, I agree with you. Microsoft encourages sloppy coding in every area. This is the secret to their success. It is a scourge on the IT world and we should whip those developers into shape, with whips if necessary.
But, honestly,at the end of the day, will that MCSP/MCSE on the other end of webmaster@stupidbank.com really give a shit that his site using ASP.Net on IIS with FrontPage Extensions does not work in Mozilla because of shoddy code when it works fine and dandy in the browser 99.9999% of the world uses? No, s/he already proved s/he does not care by writing the crappy code in the first place.
Besides, in the world of code and standards "compliant" and "crappy" are in the eye of the beholder. If there is a html spec which a site violates but which IE is able to show properly and Mozilla is not, some might say that the Mozilla people are wrong about what the specification says. This is, in fact, often Microsoft's argument. They claim their reading of a standards document whereas the OSS community tends toward another. But is this wise?
I mean if the goal is adoption of the browser, why deliberately choose a path that means you know it won't work with the data people are actually using everyday? At minimum why not allow a broken implementation that emulates IE in certain respects? It's not like this is the first time this has happened. Lots of standard UNIX tools have historically had multiple defined behaviours including those which were considered broken by maintainers. ( I_WANT_A_BROKEN_PS anyone?)
Also OSS is not perfect in the area of standards and good coding practices, though this is a worthy goal to which most such projects aspire. It is just as prone to the "well it compiles and runs" school of coding and unclear standards documents as anything else. So it is really hard to claim the moral high ground here IMHO.
It is not within his rights to say what directory you have to install it in... That's like conceding it is within RIAA's rights to say what color shirt I have to be wearing in order to listen to one of their "songs". Or within Microsoft's rights to restrict what kind of content I'm allowed to publish with Front Page.
Why not? Plenty of closed-source implementations of software only install in one location with no choice. DJB's restriction is on people who distribute his product. Their package, to be approved, must install his product in a certain way. Controlling distribution is his right under copyright law.
"debian includes non-free in the default distro does it not?"
No.. Debian asks if you want apt to pull in software from the non-free archive. The funny thing is that non-free in Debian is filled with things that most other distros call free software. Qmail, malestrom, mpg123, povray, etc. RMS made the mistake before of assuming GNU/LinEx was applying the same standards of freeness as Debian and had eliminated the non-free section. In reality they moved some non-free software into the main archive.
qmail is certainly not free software and I am pretty sure it's not included in the FSF's list of things which are. In fact, it was recently removed from OpenBSD for this reason. Qmail does not come with a license to alter or distribute. You have to ask djb for permission each time. He also dictates exactly how the software will be installed, which includes the requirement of putting it into odd filesystems.
All of this is perfectly within djb's rights, and qmail is an awesome package, but his installation and use restrictions as well as distribution and modification restrictions mean that it is certainly not Free Software.
Where do you get this stuff?
Red Hat Professional Workstation is about $100 or less from retailers and includes a year of support. What happens after that year is up has not been announced.
Red Hat Enterprise Workstation starts at $179 per year, with support. If you subscribed to Red Hat Network, you can get two years at half price.
Red Hat Enterprise Server starts at $349 per year, with more support. The same half-price deal applies.
Red Hat Enterprise Advanced Server still starts at $1500.
Yep, that sounds like thousands of dollars to me.
Slashdot reported that every product you listed with the exception of the last one are no longer going to be available from Redhat. So now either you go with the Debian variant Fedora which is free and unstable or take the hit for Advanced Server. Perhaps I misspoke on the price, but IIRC the license includes some Microsoft-style gotchas that mean you really end up paying several times the stated price.
Remember that with the original RHL you did not have to pay for each server, but with Advanced Server you do. That's the start, but after that I honestly lost interest in reading anymore about a license like that. People claimed that those who said Redhat was the Microsoft of the Linux world were crying wolf, but obviously they (and I am included in this number) were wrong.
And of course the reverse was asserted in Ambrose Bierce's _The_Devil's_Dictionary_
debian includes non-free in the default distro does it not?
Did you pay for RedHat and/or RHN previously? Also, are you terribly against the idea of getting Fedora for free, or are you concerned about stability given their new focus? Not trying to troll, just wondering why you're giving up on Fedora if you like the former RedHat line.
Because Fedora != Redhat. Besides isn't it supposed to be like Debian?
What business?
Did you pay for your RedHat or did you just download the ISO images for free like the rest of the freeloaders aka "free software advocates"?
Giving away stuff is NOT a way to do business. RedHat realized that. How long will it take from the other guys?
Redhat used to sell its OS with support at price points of roughly $50, $100, $200, $1500, $2000. They have decided they will only sell the Enterprise Server version for thousands of dollars. Not a solution for small shops or desktops, therefore yes they have rejected the business of people who were previously giving them money.
Actually they're not D, they're usually... oh shit, I've said too much.
Actually, all sizes of batteries are used in this space. Well, maybe not 12 volt or car batteries... though maybe I just haven't seen those yet. But I have seen AA, C, D, and 9volt batteries employed for vibrators.
How about we just assume everyone is NOT a lawyer unless they explicitly state otherwise.
IANAL and IAAL are both superfluous... there aren't enough lawyers on slashdot to warrant an acronym one way or the other.
IANAL, but as I understand it the problem here is that when one starts to speak about legal matters, it could be construed by an evil ambulance chasing weasel (aka a lawyer) to be legal advice and you open yourself to a whole world of legal trouble by doing so. Firstly, if you are not a lawyer, you are practicing law without a license. Secondly, whether you are a lawyer or not you are liable for legal advice you give if it is believed to be such, it is followed, and this causes grievoud harm to the fool who listened to you. In other words, they can sue your pants off, hot grits or no.
All lawyers are smart enough to include the disclaimer that they are not giving legal advice in such areas if they do speak, or to keep silent, thus the almost complete dearth of people actually claiming to be lawyers on slashdot. Even if you are, it is not a smart thing to do. I mean you're basically acting pro-bono with infinite liability, and slashdotters don't like Bono or lawyers.
So in summation, IANAL, but I think it is wise to make it so blindingly obvious that even the most foolish judge will understand I am not giving legal advice, because I am not, and you would be foolish to follow my legal advice anyway, or to neglect to remind people IANAL if YANAL. :P
For a lot of people, going to court means (at the minimum) lost wages. If you're compelled to be there as a witness (or juror) you have no recourse to recover that money.
Jurors and expert witnesses are paid to be in court. By law you must be compensated in full for lost wages if you serve on a jury. In some cases, you may get paid more to show up as a juror than you would to show up at work. Likewise being an expert witness is in itself so lucrative that for some it is their only job.
Nevertheless, neither case applies here. IANAL.