Maybe if all those Californians would stand up against the War on (Some) Drugs...
I guess you've missed the whole "legalize marijuana" movement that's sweeping the nation, all-but-legalized by California some years ago with a doctor's note? In a few months, we're going to be voting on the idea of legalizing pot.
California has been giving the US Gubbmint the finger for too many years to count. California is the ONLY state with its own EPA. Every car sold in the US has two sub-models: the US model and the CA model. The CA model has enhanced pollution controls on it. When GW Bush killed all federal funding for stem cell research, California stood up and funded the same amount as the US Government had been. California is a "home rule" state - one of the states mentioned in another comment thread that's passed a resolution of independence from the US.
We have our problems to be sure, but overall, I'm proud to be a Californian!
Yes, it's true - large organizations thwart innovation. And when you think about it socially, it's a good survival mechanism.
Young guy does something successful. It works, and he ends up leader of the clan. Because it worked, it's a good idea to keep doing it. So a bit of arrogance on the part of the successful person is often warranted, even if it's not popular. Unfortunately, times have changed enough that change itself is much more highly prized than 30,000 years ago, but the evolved mechanisms are still present. It takes a very, very long time to evolve anything significant, but it takes just years to change behavior thanks to a new idea!
Sad that Microsoft has lost its innovative edge. So far, Google's kept it, and HP lost it long ago.
Interesting - you didn't submit the document back to OOo did you? Because if you did, that might actually be useful!
In my experience, I've been using OOo for years. It's damned nice software, and works well for me on Windows, Mac, and Linux with minimal issues. It's true, documents saved in either MSWord or OOo will look a little different in the other. Fonts will be different, spacing a little different, etc.
But I've successfully edited/saved documents back and forth with a Word user, highlighting text, bullet points, and the whole works with very little problem while negotiating contracts. I question the trouble that you mention. I've never had OOo fail to open a document created therein, but have a number of times "recovered" documents that Word couldn't open but OOo could!
Too many companies are still shipping products that have no intended user access to the command shell with passwords like "Admin", "12345", and the ever-popular "password". It's not like it costs more to have a longer, more complex password.
You think longer, complex setup doesn't cost the company money? I gather that you haven't considered support costs?
The best solution I've seen so far is to have a strong password printed on a sticker on the outside of the box. That's a pretty good compromise because if the attacker has physical access to the box, he/she could hit the "Reset" button on the device anyway. Thus, putting the password on the bottom of the device on a sticker really isn't any less secure than other solutions, and this can be done fairly cheaply.
But it still costs - each router has to be given its own unique password, and a process has to be set up to match up the passwords given with the stickers, and there are still more support costs from the clueless dolts who have to be told to look on the bottom of the device for the default password.
If you assume any intelligence on the part of the end user, your support costs will quickly challenge that assumption!
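The per-device process this comment describes (a unique password for each router, matched to its sticker), sketched as an added example that is not part of the original thread. The serial numbers, the record layout and the PBKDF2 work factor are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Look-alike characters (0/O, 1/l/I) are left out so the sticker is easy to type.
ALPHABET = "abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"
WEAK_DEFAULTS = ("Admin", "12345", "password")  # shared defaults named in the comment
PBKDF2_ROUNDS = 100_000  # assumed work factor for this sketch


def generate_password(groups=3, group_len=4):
    """Random sticker password shaped like 'k3Qe-Xm7p-Tz2w' (roughly 69 bits)."""
    return "-".join(
        "".join(secrets.choice(ALPHABET) for _ in range(group_len))
        for _ in range(groups)
    )


def hash_password(password, salt):
    """Salted, slow hash; this is what gets written into the device image."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def provision(serials):
    """Return (firmware_records, sticker_labels), both keyed by serial number.

    firmware_records hold only salt + hash, so an image pulled from one unit
    does not reveal a password that works on any other unit.
    sticker_labels is the print job: the only place the plaintext exists.
    """
    records, labels = {}, {}
    for serial in serials:
        if serial in records:
            raise ValueError(f"duplicate serial {serial}")
        password = generate_password()
        salt = secrets.token_bytes(16)
        records[serial] = {"salt": salt, "hash": hash_password(password, salt)}
        labels[serial] = password
    return records, labels


def verify_login(record, candidate):
    """Device-side check, using a constant-time comparison."""
    actual = hash_password(candidate, record["salt"])
    return hmac.compare_digest(record["hash"], actual)


def check_sticker_match(records, labels):
    """Factory QA step: serials whose sticker does not unlock their own unit."""
    return sorted(
        serial for serial, rec in records.items()
        if not verify_login(rec, labels.get(serial, ""))
    )


def audit_weak_defaults(records):
    """Serials that still accept one of the well-known shared defaults."""
    return sorted(
        serial for serial, rec in records.items()
        if any(verify_login(rec, weak) for weak in WEAK_DEFAULTS)
    )


if __name__ == "__main__":
    # Constructed serial numbers, for demonstration only.
    recs, stickers = provision(["SN-0001", "SN-0002", "SN-0003"])
    for sn, pw in stickers.items():
        print(sn, pw)
    print("sticker mismatches:", check_sticker_match(recs, stickers))
    print("units accepting shared defaults:", audit_weak_defaults(recs))
```

The sticker-to-unit matching step is the part the comment flags as a cost: `check_sticker_match` is the kind of QA pass that has to run before the label is applied.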
Radio waves spread in accordance with the inverse square law. For every doubling in distance traveled, they become 1/4 as strong. It may well be that the *practical* limit for detecting our own tv/radio signals is somewhere near Alpha Centauri, but that's a limit imposed by our own equipment. The signal propagates forever, or at least until it's stopped by another planet/star/comet/dust/whatever. And space is mighty vast and mighty empty.
I'm a pilot. It's routine to be maneuvering in 3 dimensions while avoiding 5 or more other targets in close airspace while traveling well in advance of 100 MPH while engaging in a conversation with those 5 other targets, and while managing airspeed, pitch, engine power, trim, and yaw, in adverse wind conditions.
In these cases, I'm steering the yoke and controlling broadcast with one hand, the engine power, altimeter, trim, and radios with the other, while cross-controlling the plane with my feet. You think talking on the *phone* while steering an automatic is mentally challenging? Yet, somehow, flying a small, private plane like mine is roughly as safe as driving a car!
I'm not surprised that banning texting while driving hasn't reduced the death toll, because I'm aware of evidence indicating that the spread of cell phones has not increased the death toll. What baffles me is how many laws we all have to obey are passed based on such insubstantial information. I mean, who actually thought that banning cell calls and texting while driving would actually reduce the death toll, when there hasn't been an associated increase in the death toll with their use?
with the current job market people would be moving twice a year to keep up. Might as well just get an RV and live in your new employer's parking lot until they go bankrupt and you have to change jobs again.
and, with a used RV parked in front, any business is likely to suffer....
It's very easy to write a parser for text, and weight words by the common-ness of usage. Just download any of the widely available freebie e-books written by a Star Trek fan writer, and weight all the words therein by the number of times used.
With that simple hash table, you can combine the numbers together and then generate random numbers within the total range, and kick out the associated words! Statistically indecipherable from real text (because that was the source!) and you kill heuristic anti-spam filters to the curb for good.
It's a simple algorithm - I could write a simple script in PHP that would do this and crank out hundreds of thousands of unblockable messages per hour on a 5 year old Celeron. And the war will *never* end. Even if you can filter improbable word associations, or any other factor or set of factors, those factors can then be figured into the random word generator.
It's an endless game of cat and mouse and it will never end, so long as we're using heuristics to try to figure out what spam is and isn't.
But if we *are* using heuristics to try to read spam, that's probably the single biggest funding driver behind AI research that there is! In essence, we have an intelligent-design genetic algorithm at work trying to come up with the best algorithm for defeating our own intelligence!
What better way is there to fund the development of our eventual intellectual replacements?
They'll either realize that they made a mistake and be fine, or they'll come looking to blame you and you can pull out the document and say "We made sure to inform you of the risks and you signed off saying you understood them and that it was up to you if you chose not to follow them."
The only thing you'd get out of such a document is protection from them suing you after they fire you! I'd suggest this:
1) Write an email to them, indicating your concerns about the safety of the data, and how they need to adhere to the protocol in order to protect themselves. Be very nice about it, and indicate that you are confused as to how you should proceed after meeting X...
2) They'll reply with something or other. Print both emails off, WITH FULL HEADERS included. File those someplace offsite, perhaps at home.
Why would you need everything signed in triplicate? That's just intimidating, and likely to engender mistrust. These are your bosses! They're nice enough to hire you, provide you with a living wage, and ask you to solve their problems - be nice enough to respect their position and wishes. And even if they are vindictive, you just need enough to show good faith effort on your part.
In my experience with things legal, the law isn't interested in the fine grains of the contract, they're interested in what you actually agreed to. At least in California, verbal contracts are OK so long as they are substantiated by actions or supporting evidence, and the courts have already ruled that email is sufficient evidence of an agreement/contract, so anything more is just a formality. But if you get all weird on them, it's a good possibility you'll just lose your job.
Of course, if you are really worried, IANAL, go hire a lawyer, blah blah. But IMHO, if you do, you'll probably just end up fired.
Great! You got +5 insightful for an unenlightened post.
So you have a process, the browser. And within that process, is a security hole. And in the context of the browser, there's this scripting language called "javascript" which (tadum!) executes code. Code which might take advantage of aforementioned security hole.
In this example, the Operating System isn't even involved - it's all happening within the browser. Yet, your security is still hosed. There's still a keylogger running inside browser space, and when you go to your bank, they still get your access credentials.
How would you expect the operating system to protect you here? In this space, the Operating System is barely relevant at all!
They seem to have come up with some ideas so critical to memory that everyone else in the industry can't seem to make a product without tripping over the patent law. Do we praise the inventors, or hate them because we hate patents?
I guess you don't know/remember the real story behind RAMBUS. These "innovations" that they patented were obtained by attending multivendor conference meetings and then filing patents on the ideas discussed before anybody else got to them. They didn't come up with them, they just filed first!
But to make matters worse, they "submarined" the patents, filing changes for years so that nobody knew about the patents until AFTER the industry had pretty much committed itself to the designs that Rambus was eventually awarded patents to.
Rambus is a horrible patent troll, in the fullest sense of the word. In terms of evil, they are right up there with Antivirus vendors and spammers.
EVERY hour spent sitting idle in front of the television raises the risk of premature death from heart disease by 18%, an Australian study found.
*facepalm*
My thought too - this summary is AWFUL! You'd think that everybody would die in a 5 hour TV stretch!
But they're not talking about LITERAL hours, they're talking about AVERAGE hours spent per day. And when you look at it that way, it makes a load of sense.
As a 3rd party vendor of technology solutions, I read this slightly differently, because we are, in effect, the "IT department" for much of our clientele. What I read this as is that we should, as a company, be focusing more on the needs of our clients' clients, rather than our clients. Which leads us into a strange territory where we are telling our clients what to do.
This is a good take, and I agree with OP and PP that this pretty much hits the nail on the head. Obviously, within our company, we treat IT as a core part of the company, it IS the core part of our company! IT - it's what we sell! But to the extent that we act as the IT department for our clients, we should take advice here and look even further outward towards the clients' clients who ultimately do use our software services as well!
It's a Loooooooonnnnnnngggggg reach getting out that far.
It's true that the HTTPS protocol would have prevented this, but it can only prevent this type of activity within the https connection! There's no reason why AT&T wouldn't have the phones set up to use an HTTPS proxy - meaning that the connection between the phone and the proxy is like any other http proxy, and the proxy server then initiates the HTTPS connection!
Take a look in your browser settings for "HTTPS proxy", virtually all browsers support this type of behavior, and if AT&T was "aggressively caching" content in order to improve their well-known performance limits, then they almost certainly would have done this, too, and thus HTTPS would have offered no protection at all from this type of bug.
Funny how often well-designed protocols by well-intentioned modifications that bring the whole system to its knees, no?
The hard part is to understand just how long it takes to get a bug fixed!
I'm a developer. I write code, lots and lots of code. I'm responsible for a FARKING HUGE pile of code that I maintain for a vertical app with over 100 good-sized customers at a small software company. Our developers crank out code - reams and reams of code! We crank through the bugfixes like there's no tomorrow, and the speed of development is somewhere between crazy and insane.
But, when you leave this frenetic pace of development, when you leave the zone of developers, and enter the realm of corporate America, you find a completely different world inhabited not by crackerjack coders, but by "IT". People who don't write code, who don't craft solutions, and for whom a bug is a big deal.
These people don't create solutions, they implement them. They spend lots of time doing research. Addressing a single bug can take days, maybe weeks of time, and certainly not hours! And given this very high cost of bug management, being conservative is suddenly very valuable!
So, when we decide to switch, for example, from Firefox to Chrome, the only consideration is the bugs we'll find, and any we find we can take care of in anywhere from hours to minutes, because we wrote the code in the first place, and it's not a big deal to fix.
But if you didn't write the code, if it's all gibberish to you anyway, and it's your job to get stuff to work anyway, you become very, very conservative very quickly. A solution may work with IE 6, and may only need a few CSS declarations and maybe a tweak to the .js file to work properly with Firefox/Chrome/IE8, but if you don't know how to make those slight changes, you don't change a goddamn thing.
Slashdotters and other coders would do well to understand these people, as they are many and often in control of the purse strings of potential clients! They are the logical opposite of the developer: risk averse, terrified of change, and work to avoid anything "interesting" anywhere possible.
I remember an episode of Star Trek where the Captain and Spock admire a source of lighting that "produces light, but no heat! - How advanced!" yet, compared to incandescent bulbs, that's an apt description of LED lights, especially those designed for high efficiency!
Let's talk now about Cell Phones - I almost bought a cheapie cell phone for $29 that was about the depth/width/length of a Hershey chocolate bar. It sported 2 days of battery life, unlimited text/picture messaging, and (get this!) NO CONTRACT. Compared to the "brick" 1980s cell phone, we have at LEAST an order of magnitude reduction in power consumption and possibly two, by using such techniques as digital packet switching, variable power output, and the like. And this trend is set to continue into the indefinite future - we are *still* spending far too much in resources to get what we want.
Now, if you figure that we can improve power conductivity by, oh say, 50%, and can cut power utilization by 100x, (1/10th the amount claimed by Bell Labs) then suddenly, the charge rates from a 150 mw 802.11 radio source 5 meters away actually seems reasonable!
It won't happen today, or tomorrow. But in a few years? Not only possible, but likely!
'It's foolhardy to use this statistic to infer that American firms are losing ground to foreign competitors because with patents, it's important to consider quality, as well as quantity.'
Riiiighhht. Just because we used to out-engineer the world by a long shot, and now the world has not only reached parity, but has done so on our own soil, doesn't mean that our position is weakened any! No, not that. Never mind that we train fewer engineers (as a percentage) than ever before. Never mind that we don't pay our engineers value anywhere near their wealth production, while we pay craptastic CEOs millions to help their companies lose billions, and then bail out the companies so that they can do it all over again, while pissing away trillions of dollars in a war that the media does its best to ignore. You know, the war in that country that bankrupted the USSR during its war there in the 1970s? No, never mind that!
Stick your f-cking heads back in the sand, you know, where it's still nice and warm, and just ignore that cold, cold north wind!
If America doesn't turn NOW, and re-emphasize infrastructure, education, and wealth production, then we are guaranteed to step down as a "player" in the world leadership. Unfortunately, all signs are showing otherwise, from bailing out financial crooks and giving them leadership positions to teaching Intelligent Design and other travesties of knowledge in our schools.
note that light requires TWO 700 watt bulbs, pretty impressive.
So, replace the 700 Watt bulbs with 2 brighter, 60-watt Mercury Vapor lights. MV lights don't like to "blink" so put a rotating shield around them. Voila! Better performance at 1/10 the running cost....
I think that apparently the vendors aren't doing a damn thing to patch a good amount of these reported vulnerabilities if they are being reported in a proactive manner. Seems as if once the exploits are running rampant in the wild then the vendors scramble to develop patches. Not the best business practices all the way around, but it's the way it is.
It's most likely a case of resource management and insufficient resources available. Businesses exist to make money. Features make money, bugs cost money. So, given NNN amount of money, do you:
A) Fix the bugs that people are experiencing problems with RIGHT NOW with exploits in the wild, or
B) Fix the bugs that are "theoretical" and MAY be exploited at some point in the future if somebody else finds it?
Now, the clueful would note that the set of B includes the set of A, but for those who are living close to the edge, A is where the attention goes, and that's why you see announcements like this one.
For every complex problem there is an answer that is simple, cheap, easily understood, and dead wrong. Yours is likely one of them.
Sorry to say this, but this just isn't true. Ogg/Theora holds up quite competitively against H.264, demonstrably, TODAY. I don't know why this FUD gets spread around, but having the Internet move to H.264 as a "standard" is akin to shooting ourselves in the collective foot.
Ogg/Theora is here today, it's competitive with H.264, and isn't encumbered like H.264. The extension of "free" is just MPG group trying to submarine it into widespread use before they come in with terms. I swear, sometimes, we all live with the battered wife "Stockholm" syndrome. We've seen this before, and we're about to get it again.
Space flight is extremely expensive. If it turned out the moon were solid gold, and we could go there and bring it back a ton at a time, it still wouldn't be cost-effective to go get it. It really does cost that much to go into space.
Sure, it's that expensive right now. Photovoltaics were silly expensive just 25 years ago, but now they are viable in many areas. My $250 phone is way more powerful than the 80286 my daddy spent $4,500 on back in the 1980s. My point is that technology advances!
If we were to make a space elevator out of carbon nanotubes, configured to be a semi-superconductor, (possible with the 5,5 aka "armchair" layout) we could have magnetically levitated elevators that shoot into the sky at supersonic speeds powered by bursts of electricity, a magnetic coil, and the associated Lorentz force, with no moving parts at all, powered by solar energy! To see how this might work, take a bar magnet and drop it down a metal pipe - any kind is fine. You'll see the magnet drop down the length of the pipe VERY SLOWLY as the electricity generated by the bar magnet pushes the electrons down to the end of the bar. If you could cram enough electrons into the bottom end of the pipe, you'd see the magnet shoot out the top!
This type of technology could dramatically reduce the cost of space travel, although the capital expenses would be pretty significant at first. Me, I imagine there being TWO space elevators touching the ground a few hundred (or even a thousand) miles apart, one for going up, and the other for going down. In this way, we could offset much of the energy for the "going up" elevator by the energy released by the other elevator(s) coming down.
Could we do this? Yes! It would cost much less than was wasted in Dubai, and would profit immensely more. Wouldn't it be nice if we had leaders who could lead, rather than just dicker at the public trough? Instead, we piss away our birthright on bonuses given to financial executives who cook up Ponzi schemes. (aka "market bubbles")
Sad, really.
Yes yes YES! We can turn our waste into something that benefits us, and get rid of the destruction of the Gulf at the same time!
I just wonder how well algae does on a diet of lead, mercury, and other heavy metals?
EVERY hour spent sitting idle in front of the television raises the risk of premature death from heart disease by 18%, an Australian study found.
*facepalm*
My thought too - this summary is AWFUL! You'd think that everybody would die in a 5 hour TV stretch!
But they're not talking about LITERAL hours, they're talking about AVERAGE hours spent per day. And when you look at it that way, it makes a load of sense.
As a 3rd party vendor of technology solutions, I read this slightly differently, because we are, in effect, the "IT department" for much of our clientele. What I read this as is that we should, as a company, be focusing more on the needs of our clients' clients, rather than our clients. Which leads us into a strange territory where we are telling our clients what to do.
This is a good take, and I agree with OP and PP that this pretty much hits the nail on the head. Obviously, within our company, we treat IT as a core part of the company, it IS the core part of our company! IT - it's what we sell! But to the extent that we act as the IT department for our clients, we should take advice here and look even further outward towards the clients' clients who ultimately do use our software services as well!
It's a Loooooooonnnnnnngggggg reach getting out that far.
I would suggest something similar.
1) get them to write down SPECIFICALLY the rights they want...
2) get a quote from an attorney to write a contract giving said rights.
3) add X,000 dollars to the quote for you,
4) tell them that it costs 1,000 to renegotiate terms for EACH proposed change in the contract,
5) enjoy your X,000 dollars!
I guess you haven't received texts from my father - encryption is already here, done in meatspace!
It's true that the HTTPS protocol would have prevented this, but it can only prevent this type of activity within the https connection! There's no reason why AT&T wouldn't have the phones set up to use an HTTPS proxy - meaning that the connection between the phone and the proxy is like any other http proxy, and the proxy server then initiates the HTTPS connection!
Take a look in your browser settings for "HTTPS proxy", virtually all browsers support this type of behavior, and if AT&T was "aggressively caching" content in order to improve their well-known performance limits, then they almost certainly would have done this, too, and thus HTTPS would have offered no protection at all from this type of bug.
Funny how often well-designed protocols are followed by well-intentioned modifications that bring the whole system to its knees, no?
The hard part is to understand just how long it takes to get a bug fixed!
I'm a developer. I write code, lots and lots of code. I'm responsible for a FARKING HUGE pile of code that I maintain for a vertical app with over 100 good-sized customers at a small software company. Our developers crank out code - reams and reams of code! We crank through the bugfixes like there's no tomorrow, and the speed of development is somewhere between crazy and insane.
But, when you leave this frenetic pace of development, when you leave the zone of developers, and enter the realm of corporate America, you find a completely different world inhabited not by crackerjack coders, but by "IT". People who don't write code, who don't craft solutions, and for whom a bug is a big deal.
These people don't create solutions, they implement them. They spend lots of time doing research. Addressing a single bug can take days, maybe weeks of time, and certainly not hours! And given this very high cost of bug management, being conservative is suddenly very valuable!
So, when we decide to switch, for example, from Firefox to Chrome, the only consideration is the bugs we'll find, and any we find we can take care of in anywhere from hours to minutes, because we wrote the code in the first place, and it's not a big deal to fix.
But if you didn't write the code, if it's all gibberish to you anyway, and it's your job to get stuff to work anyway, you become very, very conservative very quickly. A solution may work with IE 6, and may only need a few CSS declarations and maybe a tweak to the .js file to work properly with Firefox/Chrome/IE8, but if you don't know how to make those slight changes, you don't change a goddamn thing.
Slashdotters and other coders would do well to understand these people, as they are many and often in control of the purse strings of potential clients! They are the logical opposite of the developer: risk averse, terrified of change, and work to avoid anything "interesting" anywhere possible.
I see your point, and you are dead on - today!
I remember an episode of Star Trek where the Captain and Spock admire a source of lighting that "produces light, but no heat! - How advanced!" yet, compared to incandescent bulbs, that's an apt description of LED lights, especially those designed for high efficiency!
Let's talk now about Cell Phones - I almost bought a cheapie cell phone for $29 that was about the depth/width/length of a Hershey chocolate bar. It sported 2 days of battery life, unlimited text/picture messaging, and (get this!) NO CONTRACT. Compared to the "brick" 1980s cell phone, we have at LEAST an order of magnitude reduction in power consumption and possibly two, by using such techniques as digital packet switching, variable power output, and the like. And this trend is set to continue into the indefinite future - we are *still* spending far too much in resources to get what we want.
Now, if you figure that we can improve power conductivity by, oh say, 50%, and can cut power utilization by 100x, (1/10th the amount claimed by Bell Labs) then suddenly, the charge rates from a 150 mw 802.11 radio source 5 meters away actually seem reasonable!
It won't happen today, or tomorrow. But in a few years? Not only possible, but likely!
'It's foolhardy to use this statistic to infer that American firms are losing ground to foreign competitors because with patents, it's important to consider quality, as well as quantity.'
Riiiighhht. Just because we used to out-engineer the world by a long shot, and now the world has not only reached parity, but has done so on our own soil, doesn't mean that our position is weakened any! No, not that. Never mind that we train fewer engineers (as a percentage) than ever before. Never mind that we don't pay our engineers value anywhere near their wealth production, while we pay craptastic CEOs millions to help their companies lose billions, and then bail out the companies so that they can do it all over again, while pissing away trillions of dollars in a war that the media does its best to ignore. You know, the war in that country that bankrupted the USSR during its war there in the 1970s? No, never mind that!
Stick your f-cking heads back in the sand, you know, where it's still nice and warm, and just ignore that cold, cold north wind!
If America doesn't turn NOW, and re-emphasize infrastructure, education, and wealth production, then we are guaranteed to step down as a "player" in the world leadership. Unfortunately, all signs are showing otherwise, from bailing out financial crooks and giving them leadership positions to teaching Intelligent Design and other travesties of knowledge in our schools.
note that light requires TWO 700 watt bulbs, pretty impressive.
So, replace the 700 Watt bulbs with 2 brighter, 60-watt Mercury Vapor lights. MV lights don't like to "blink" so put a rotating shield around them. Voila! Better performance at 1/10 the running cost....
I think that apparently the vendors aren't doing a damn thing to patch a good amount of these reported vulnerabilities if they are being reported in a proactive manner. Seems as if once the exploits are running rampant in the wild then the vendors scramble to develop patches. Not the best business practices all the way around, but it's the way it is.
It's most likely a case of resource management and insufficient resources available. Businesses exist to make money. Features make money, bugs cost money. So, given NNN amount of money, do you:
A) Fix the bugs that people are experiencing problems with RIGHT NOW with exploits in the wild, or
B) Fix the bugs that are "theoretical" and MAY be exploited at some point in the future if somebody else finds it?
Now, the clueful would note that the set of B includes the set of A, but for those who are living close to the edge, A is where the attention goes, and that's why you see announcements like this one.