If there was a backdoor in the flight control software, I doubt it would help the UK if we gave them the source code because the backdoor would almost certainly be hidden very well. In fact, the backdoor could be in the compiler in which case they would not find anything in the source code. And they can't recompile the sourcecode with their own compiler because they would have to retest everything.
I just looked into this. At first I was hopeful given the number of OSS problem/bug tracking progects out there. Some of them are pretty polished and work well for what they are designed to do.
But then I realized that what I really want is just a simple web front end into an IMAP mailbox so that support personnel just manage tickets like they manage their email. In practice I suspect most "tickets" would be processed entirely without using the web front end at all. But regular users should be able to use the web front end to submit new tickets, view exiting tickets with From/To/CC that match the logged on user's email address, or reply to an exiting ticket (to the hard coded support email address).
I noticed PHP has IMAP classes so I thought for sure someone would have thought of this already. But I was not able to find such a thing. Anyone heard of this? Where? If not, please write it:->
Separating the Pu from the U is trivial. It is a purely chemical process. I did this with an IEC fusor using surplus DU from a 747 counterweight.
This is the Department of Homeland Security. We've got you now aminorex. We know your in your mom's basement - we're at the top of the stairs now. Put down the mouse and place your hands on top of the monitor.
The advantage of UNIX is it's simplicity. The common APIs found on UNIX systems haven't changed in many many years. This sounds like a weakness but from a security prespective it is a great strength. This is because the vast majority of bugs are in relatively new code. If you recall the end of NT4's life it was pretty stable (relatively speaking). That's because all new development work was on other products. Now with the introduction of XP and Sharepoint and.NET and all the other new stuff, there's a mountain of new code to find exploits in. Windows is much more sophisticated than UNIX but whether or not that's a good thing depends on what you're using it for.
In fact, you could debate this for any OS. Here's how I see the best use of each OS:
Linux - Great development platform. You can easily install it on a laptop and get most things to work like they would even though it was "designed for XP" (e.g. power management). Linux is also a great virtual private server. A VPS is a Linux instance running in a VM like User Mode Linux. You can serve Webmail, SMTP, php apps, mysql, imap, etc for your personal use for $20/mo. As car analogies go, Linux is a Ford F150 pickup.
Windows XP - Required corporate desktop. XP provides integrated security with ACLs on a wide variety of resources with all groups managed by a central authority with UIs to manage accounts. As a car XP is a like a fully loaded Mercury Montego sedan (it has all the amenities but don't expect it to be running in 5 years).
Windows Server - Good corporate application, file and print server. It has a rich highly integrated set of libraries. Required for running server side applications for XP clients such as Exchange and AD. Windows Server is also like a Mercury Montego sedan except it costs a lot more.
Solaris - Rock solid server application platform with world class support. If you don't need the sophisticated APIs provided by Windows Server then Solaris is a very good choice. Solaris is like a large Frietliner flatbed truck with GPS tracking and 24 hour roadside assistance.
Mac OS X - Home PC desktop. OSX is ideal for the casual home user who wants to create a web page from the photos on their digital camera or play their guitar with sound loops in Garage Band. Mac OS X is like a Lexus RX 330. Every respectable yuppy has one.
FreeBSD - Good HTTP server for the Internet. It's also a good alternative to Solaris as an application server platform if you're trying to save money and don't need it to scale to 16 processors. FreeBSD is like a Toyota pickup.
neither theory is even close to establishing scientific proof of their ideas
Ok, let's review.
Evolution: Lightening created amino acids and organic molecules that formed polymers, some of which could replicate themselves, and lipids that organize into membranes allowing concentration gradients facilitating single celled organisms and after millions of years more complex animals like humans.
OR
Creationism: A man from outer space created everything in a few days because he felt like it.
Why is this flagged "Insightful"? I thought it was a very well written article and I do a lot of network programming. What should an article about an API designed in 1983 in a language dating back to 1972 supposed to look like? And I doubt the poster actually read it considering it describes features specific to Linux 2.6 (e.g. I don't think 2.4 actually supported setting SO_{SND,RCV}BUF).
MSDN doesn't exactly document the proprietary and non-standard extensions to Kerberos that prevent anyone other than Microsoft from creating a server that can provide Active Directory to Windows clients.
Actually it does and it it's not a "non-standard" extension. The Windows PAC format is described in fair detail on MSDN here:
The structure is stored in the authorization-data field of the Kerberos ticket and functions exactly as Kerberos designers intended. The Samba guys have managed to produce Kerberos tickets with a PAC that Windows clients will accept.
HOWEVER, I strongly beleive that MS MUST sincerely assist third parties with interoperability. If you have a monopoly in a product market where that product is marshalling all of your customers data, whether it's in the form of a network protocol or a file format, that customer should be entitled to obtain the protocol information necessary to create a replacement product that is fully independant of the original. This ensures that no one entity has complete responsibility for potentially curcial functions of business and government. If only one factory made all the ball bearings in the world every truck, electric motor, and pinball machine would be at the mercy of a handful of people.
The MS Kerberos PAC is NDR encoded and the the list of group SIDs in it isn't very useful without DCE/RPC over SMB named pipes to resolve to names but this is NOT a case of "embrace and extend". If MS provides customers with the necessary information to properly decode the NDR and resolve the SIDs then we can dissapate the responsibility of the infratructure in our organizations.
Seriously, app servers need passwords that don't change. That's just the way it is. The "best practice" in this situation is to simply use a very strong password. Meaning 32 random characters presumably autogenerated. If no one ever needs to type it in, there's no excuse.
I've been listening to the Feynman Lectures on Physics on my ipod while working out at the gym. There's dozens of 50min lectures (each lecture is a nice 600+ calorie workout on the Precore machine). I've only taken introductory Physics but I've found I can understand quite a bit of what he's saying. It's kind of like speed reading a book.
Anyway, in the Special Theory of Relativity lecture (or maybe it was The Theory of Gravitation, not sure) he of course talks about how matter and energy are "two sides of the same coin" but it really resonated with me that when we talk about matter we're also talking about gravity since gravity is just a consequence of mass. So when you fly that super-spaceship at nearly the speed of light you become heavier but you're gravitational effect is accordingly stronger. It's important to understand phenomenon that seem totally unrelated but are actually the same thing. The effects of them are just measured in different ways. So one could say energy and matter and gravity are the same "thing".
Actually I didn't make my point very well. HTTP alone isn't the problem. It still sucks but it's the poor data management between HTTP and the rendered UI that is the just rediculous.
Think about what's happening in an AJAX application:
Text defining the display (HTML) is downloaded (HTTP) within which a script is embedded (JavaScript) that requests more data be returned as but in a slightly different form of text (XML) that needs to be unmarshalled and interpreted in an application specific way to extract document manipulation operations (DOM). That is *completely* and *utterly* rediculous.
Exactly! Counldn't have said it better myself. As someone who works with network protocols a lot HTTP is a BAD protocol. It was fine back in 1993 when we had simple static pages with some text a few links. But for real applications with tables and list controls the stateless model is horrible. We need a cross platform application that provides sophisticated UIs that can be represented using a simple definition language but can hold state and only need to communicate with the server when the UI needs to load or store that state. I was hoping Java would effectively do this but it's UI is pathetically simple (AWT) or pathetically slow (Swing), it doesn't have very good control over the document and just getting the plugin to run in all browsers is a crap shoot.
This is good considering WindowMaker is going downhill in a hand basket. With each release they add things specifically to compete with features from GNOME and KDE. The new antialiasing font rendering looks so bad I had to downgrade to the previous version and add an exclude= to my yum.conf. I'll guess I'll be looking at AfterStep soon considering GNOME and KDE are Windows 95 but slower.
The accuracy of the device could be easily verified by calibrating w/ blood samples using a mass spectrometer. So unless the code is really bad such that it gives erroneous results 1 in a 1000 trials, I'd say this is a lost cause.
The predator charged in his direction... He was making long jumps... On about the third jump I shot him.
Does anyone else find this "story" a little OUTRAGEOUS? If this cat was so elusive to go undetected for decades, why would the thing decide to charge at the first sight of a human? And this guy is going to have the nerve to stand his ground and pick off a big leaping agile cat with a single shot. Yeaaaaaah. Ok.
I'm reasoning the guy probably felt a little remorse for running over a peaceful magestic animal with his truck in a drunken stupur and made up this crap story to make it sound like he was defending himself. If I were the law, I'd be grilling this guy to find out if it wasn't someone's unwanted exotic pet. Here in the US animal cruelty is considered a very serious crime.
10 gigabits in a 13cm diameter wafer? Does this really sound that good to anyone? I mean a little flash card is like 3cm wide and holds a gigaBYTE. This wafer holds 10gigabits/8bits = ~1.2 gigabytes. Harddrives? Assuming you have a bunch of these wafers for "platters" the size would still be pretty limited.
If you're going to hack websites, don't try to justify your idiotic hobby by turning it into a political posterboard. It has the opposite effect you're looking for. The thing that scares people most is unpredictable behavior. If Iran were calm, clear in stating there intentions, and followed all the diplomatic protocols with a smile there would be no way for anyone to stop them from builting reactors (wheather it be for processing fuel for weapons or not). But stupid stuff like this make Iranians look like evil subversives. Just look at the graphic they posted. It looks like the shadow of some kind of daemon with horns. This is not a good image for Iran.
Or if it's a different group impersonating iranians, you're just losers.
Perhaps you should look at hanging vanilla SMTP and IMAP servers off Netscape Directory Server (now Fedora Directory Server)? I think it supports multimaster replication and the code is OSS so if it doesn't work you can get inside and adapt it.
What companies need to do is establish a very verbose "never pay" policy. If you're going to pay money, pay an army of lawers to drag every claim through court by the suers toenails. Make them know that if they want to persue a claim, they're going to have to front a heluva lot of money for it.
This is a little OT but I don't understand why officials are trying to send aid INTO the city as opposed to getting PEOPLE OUT. The whole place is a biohazard and must be completely evacuated minus engineers and health officials. If they do not do this perfectly healthy people are going to start dying in droves. They should be putting people on anything with wheels and sending them tent cities 20 miles out of town. I've heard nothing along these lines in the media. Can someone exaplain that to me?
I don't think this was meant to be funny folks. C actually is the cornerstone of serious software. What language do you think Java and.NET are writting in? C is simply overkill for your average corporate intranet web app.
On average, yes I believe men probably are better at figuring out difficult problems. But I also think women have a lot more control and grace. IOW if they're faced with a difficult problem, they can probably get a man to just do it for them. Not bad. Men and women are just designed for different roles and they always have been. Consider way way back say half-a-million years ago when humans were just roaming around in hunter gatherer groups. Men and women didn't compete for the same jobs. That would be inefficient. It so happends that the jobs men were faced with took a little more thinking like hunting and fighting (e.g. because when women are pregnent they can't hunt or fight very well). I'm largely speculating of course but I doubt I'm real far off. Yeah, mean might be more "itellegent" but that doesn't make them BETTER. Women can be very effective in getting what they need to live comfortable lives and they usually get a man to give it to them. The problem is a social perception that intellegence equals superiority.
The only other article I read was the one about M$ loosing the API war (or something like that). I later heard that M$ decided to increase backwards compatibility of some of there stuff based on Joel's arguments. So apparently people think he's making sense. I certainly do. He's dead on AFAIC.
Agree 100%. In fact I think OOP in general is overused. OOP is just one of many techniques that can be used in programming. I've done my share of Java and it's a great language but most of the Java code I've seen is so heavily OOP I don't think people even realize that they can occomplish the same task with a few lines of simple C-ish looking code. In the long run I think this will actually hurt Java as a language. A perfect example is log4j. That whole package is riddled with design pattern stuff where a simple PrintStream with a loglevel member would have been perfect for 9/10 apps. And yet it is considered by many people to be gleening example of Java perfection. That's what happends when you put a little marketing behind a programming language. Shrug.
When I saw the google map thing sure I thought it was neat like everybody else but i also thought it was of limited usefulness. Then when msn rolled out their version I really got confused. Can someone explain to me what all the hoopla is with this virtual map stuff? I mean, what does it *do* exactly? Is it strictly educational from a geography prespective or what?
Slashdot Mirror
If there was a backdoor in the flight control software, I doubt it would help the UK if we gave them the source code because the backdoor would almost certainly be hidden very well. In fact, the backdoor could be in the compiler in which case they would not find anything in the source code. And they can't recompile the sourcecode with their own compiler because they would have to retest everything.
I just looked into this. At first I was hopeful given the number of OSS problem/bug tracking progects out there. Some of them are pretty polished and work well for what they are designed to do.
:->
But then I realized that what I really want is just a simple web front end into an IMAP mailbox so that support personnel just manage tickets like they manage their email. In practice I suspect most "tickets" would be processed entirely without using the web front end at all. But regular users should be able to use the web front end to submit new tickets, view exiting tickets with From/To/CC that match the logged on user's email address, or reply to an exiting ticket (to the hard coded support email address).
I noticed PHP has IMAP classes so I thought for sure someone would have thought of this already. But I was not able to find such a thing. Anyone heard of this? Where? If not, please write it
Separating the Pu from the U is trivial. It is a purely chemical process. I did this with an IEC fusor using surplus DU from a 747 counterweight.
This is the Department of Homeland Security. We've got you now aminorex. We know your in your mom's basement - we're at the top of the stairs now. Put down the mouse and place your hands on top of the monitor.
The advantage of UNIX is it's simplicity. The common APIs found on UNIX systems haven't changed in many many years. This sounds like a weakness but from a security prespective it is a great strength. This is because the vast majority of bugs are in relatively new code. If you recall the end of NT4's life it was pretty stable (relatively speaking). That's because all new development work was on other products. Now with the introduction of XP and Sharepoint and .NET and all the other new stuff, there's a mountain of new code to find exploits in. Windows is much more sophisticated than UNIX but whether or not that's a good thing depends on what you're using it for.
In fact, you could debate this for any OS. Here's how I see the best use of each OS:
Linux - Great development platform. You can easily install it on a laptop and get most things to work like they would even though it was "designed for XP" (e.g. power management). Linux is also a great virtual private server. A VPS is a Linux instance running in a VM like User Mode Linux. You can serve Webmail, SMTP, php apps, mysql, imap, etc for your personal use for $20/mo. As car analogies go, Linux is a Ford F150 pickup.
Windows XP - Required corporate desktop. XP provides integrated security with ACLs on a wide variety of resources with all groups managed by a central authority with UIs to manage accounts. As a car XP is a like a fully loaded Mercury Montego sedan (it has all the amenities but don't expect it to be running in 5 years).
Windows Server - Good corporate application, file and print server. It has a rich highly integrated set of libraries. Required for running server side applications for XP clients such as Exchange and AD. Windows Server is also like a Mercury Montego sedan except it costs a lot more.
Solaris - Rock solid server application platform with world class support. If you don't need the sophisticated APIs provided by Windows Server then Solaris is a very good choice. Solaris is like a large Frietliner flatbed truck with GPS tracking and 24 hour roadside assistance.
Mac OS X - Home PC desktop. OSX is ideal for the casual home user who wants to create a web page from the photos on their digital camera or play their guitar with sound loops in Garage Band. Mac OS X is like a Lexus RX 330. Every respectable yuppy has one.
FreeBSD - Good HTTP server for the Internet. It's also a good alternative to Solaris as an application server platform if you're trying to save money and don't need it to scale to 16 processors. FreeBSD is like a Toyota pickup.
Ok, let's review.
Evolution: Lightening created amino acids and organic molecules that formed polymers, some of which could replicate themselves, and lipids that organize into membranes allowing concentration gradients facilitating single celled organisms and after millions of years more complex animals like humans.
OR
Creationism: A man from outer space created everything in a few days because he felt like it.
You do realize that SO_SNDBUF and SO_RCVBUF are part of the POSIX standard [jaluna.com], don't you?
./
Yeah? So does this mean you think Linux is POSIX compliant? If so, then maybe you should spend more time coding than posting drivel on
Why is this flagged "Insightful"? I thought it was a very well written article and I do a lot of network programming. What should an article about an API designed in 1983 in a language dating back to 1972 supposed to look like? And I doubt the poster actually read it considering it describes features specific to Linux 2.6 (e.g. I don't think 2.4 actually supported setting SO_{SND,RCV}BUF).
MSDN doesn't exactly document the proprietary and non-standard extensions to Kerberos that prevent anyone other than Microsoft from creating a server that can provide Active Directory to Windows clients.
= /library/en-us/dnkerb/html/msdn_pac.asp
Actually it does and it it's not a "non-standard" extension. The Windows PAC format is described in fair detail on MSDN here:
http://msdn.microsoft.com/library/default.asp?url
The structure is stored in the authorization-data field of the Kerberos ticket and functions exactly as Kerberos designers intended. The Samba guys have managed to produce Kerberos tickets with a PAC that Windows clients will accept.
HOWEVER, I strongly beleive that MS MUST sincerely assist third parties with interoperability. If you have a monopoly in a product market where that product is marshalling all of your customers data, whether it's in the form of a network protocol or a file format, that customer should be entitled to obtain the protocol information necessary to create a replacement product that is fully independant of the original. This ensures that no one entity has complete responsibility for potentially curcial functions of business and government. If only one factory made all the ball bearings in the world every truck, electric motor, and pinball machine would be at the mercy of a handful of people.
The MS Kerberos PAC is NDR encoded and the the list of group SIDs in it isn't very useful without DCE/RPC over SMB named pipes to resolve to names but this is NOT a case of "embrace and extend". If MS provides customers with the necessary information to properly decode the NDR and resolve the SIDs then we can dissapate the responsibility of the infratructure in our organizations.
Seriously, app servers need passwords that don't change. That's just the way it is. The "best practice" in this situation is to simply use a very strong password. Meaning 32 random characters presumably autogenerated. If no one ever needs to type it in, there's no excuse.
I've been listening to the Feynman Lectures on Physics on my ipod while working out at the gym. There's dozens of 50min lectures (each lecture is a nice 600+ calorie workout on the Precore machine). I've only taken introductory Physics but I've found I can understand quite a bit of what he's saying. It's kind of like speed reading a book.
Anyway, in the Special Theory of Relativity lecture (or maybe it was The Theory of Gravitation, not sure) he of course talks about how matter and energy are "two sides of the same coin" but it really resonated with me that when we talk about matter we're also talking about gravity since gravity is just a consequence of mass. So when you fly that super-spaceship at nearly the speed of light you become heavier but you're gravitational effect is accordingly stronger. It's important to understand phenomenon that seem totally unrelated but are actually the same thing. The effects of them are just measured in different ways. So one could say energy and matter and gravity are the same "thing".
Actually I didn't make my point very well. HTTP alone isn't the problem. It still sucks but it's the poor data management between HTTP and the rendered UI that is the just rediculous.
Think about what's happening in an AJAX application:
Text defining the display (HTML) is downloaded (HTTP) within which a script is embedded (JavaScript) that requests more data be returned as but in a slightly different form of text (XML) that needs to be unmarshalled and interpreted in an application specific way to extract document manipulation operations (DOM). That is *completely* and *utterly* rediculous.
Exactly! Counldn't have said it better myself. As someone who works with network protocols a lot HTTP is a BAD protocol. It was fine back in 1993 when we had simple static pages with some text a few links. But for real applications with tables and list controls the stateless model is horrible. We need a cross platform application that provides sophisticated UIs that can be represented using a simple definition language but can hold state and only need to communicate with the server when the UI needs to load or store that state. I was hoping Java would effectively do this but it's UI is pathetically simple (AWT) or pathetically slow (Swing), it doesn't have very good control over the document and just getting the plugin to run in all browsers is a crap shoot.
This is good considering WindowMaker is going downhill in a hand basket. With each release they add things specifically to compete with features from GNOME and KDE. The new antialiasing font rendering looks so bad I had to downgrade to the previous version and add an exclude= to my yum.conf. I'll guess I'll be looking at AfterStep soon considering GNOME and KDE are Windows 95 but slower.
The accuracy of the device could be easily verified by calibrating w/ blood samples using a mass spectrometer. So unless the code is really bad such that it gives erroneous results 1 in a 1000 trials, I'd say this is a lost cause.
From the article:
... He was making long jumps ... On about the third jump I shot him.
The predator charged in his direction
Does anyone else find this "story" a little OUTRAGEOUS? If this cat was so elusive to go undetected for decades, why would the thing decide to charge at the first sight of a human? And this guy is going to have the nerve to stand his ground and pick off a big leaping agile cat with a single shot. Yeaaaaaah. Ok.
I'm reasoning the guy probably felt a little remorse for running over a peaceful magestic animal with his truck in a drunken stupur and made up this crap story to make it sound like he was defending himself. If I were the law, I'd be grilling this guy to find out if it wasn't someone's unwanted exotic pet. Here in the US animal cruelty is considered a very serious crime.
10 gigabits in a 13cm diameter wafer? Does this really sound that good to anyone? I mean a little flash card is like 3cm wide and holds a gigaBYTE. This wafer holds 10gigabits/8bits = ~1.2 gigabytes. Harddrives? Assuming you have a bunch of these wafers for "platters" the size would still be pretty limited.
Dear Hackers,
If you're going to hack websites, don't try to justify your idiotic hobby by turning it into a political posterboard. It has the opposite effect you're looking for. The thing that scares people most is unpredictable behavior. If Iran were calm, clear in stating there intentions, and followed all the diplomatic protocols with a smile there would be no way for anyone to stop them from builting reactors (wheather it be for processing fuel for weapons or not). But stupid stuff like this make Iranians look like evil subversives. Just look at the graphic they posted. It looks like the shadow of some kind of daemon with horns. This is not a good image for Iran.
Or if it's a different group impersonating iranians, you're just losers.
Perhaps you should look at hanging vanilla SMTP and IMAP servers off Netscape Directory Server (now Fedora Directory Server)? I think it supports multimaster replication and the code is OSS so if it doesn't work you can get inside and adapt it.
What companies need to do is establish a very verbose "never pay" policy. If you're going to pay money, pay an army of lawers to drag every claim through court by the suers toenails. Make them know that if they want to persue a claim, they're going to have to front a heluva lot of money for it.
This is a little OT but I don't understand why officials are trying to send aid INTO the city as opposed to getting PEOPLE OUT. The whole place is a biohazard and must be completely evacuated minus engineers and health officials. If they do not do this perfectly healthy people are going to start dying in droves. They should be putting people on anything with wheels and sending them tent cities 20 miles out of town. I've heard nothing along these lines in the media. Can someone exaplain that to me?
I don't think this was meant to be funny folks. C actually is the cornerstone of serious software. What language do you think Java and .NET are writting in? C is simply overkill for your average corporate intranet web app.
On average, yes I believe men probably are better at figuring out difficult problems. But I also think women have a lot more control and grace. IOW if they're faced with a difficult problem, they can probably get a man to just do it for them. Not bad. Men and women are just designed for different roles and they always have been. Consider way way back say half-a-million years ago when humans were just roaming around in hunter gatherer groups. Men and women didn't compete for the same jobs. That would be inefficient. It so happends that the jobs men were faced with took a little more thinking like hunting and fighting (e.g. because when women are pregnent they can't hunt or fight very well). I'm largely speculating of course but I doubt I'm real far off. Yeah, mean might be more "itellegent" but that doesn't make them BETTER. Women can be very effective in getting what they need to live comfortable lives and they usually get a man to give it to them. The problem is a social perception that intellegence equals superiority.
The only other article I read was the one about M$ loosing the API war (or something like that). I later heard that M$ decided to increase backwards compatibility of some of there stuff based on Joel's arguments. So apparently people think he's making sense. I certainly do. He's dead on AFAIC.
Agree 100%. In fact I think OOP in general is overused. OOP is just one of many techniques that can be used in programming. I've done my share of Java and it's a great language but most of the Java code I've seen is so heavily OOP I don't think people even realize that they can occomplish the same task with a few lines of simple C-ish looking code. In the long run I think this will actually hurt Java as a language. A perfect example is log4j. That whole package is riddled with design pattern stuff where a simple PrintStream with a loglevel member would have been perfect for 9/10 apps. And yet it is considered by many people to be gleening example of Java perfection. That's what happends when you put a little marketing behind a programming language. Shrug.
When I saw the google map thing sure I thought it was neat like everybody else but i also thought it was of limited usefulness. Then when msn rolled out their version I really got confused. Can someone explain to me what all the hoopla is with this virtual map stuff? I mean, what does it *do* exactly? Is it strictly educational from a geography prespective or what?