Microsoft. When Microsoft had their own JVM implementation, Microsoft added various extra libraries and functionality to their runtime that Sun was missing. Sun responded by sueing
MS added classes to the java.* package hierarchy, in contravention to the terms of their licence. That's why Sun sued. Had MS put their classes in a com.microsoft package hierarchy like you're supposed to, Sun wouldn't have cared (or had a leg to stand on).
The restriction was/is in the licence to prevent exactly what started to happen - people started using the classes, and thus were writing code that could only run on MS's VM, which is completely against the core Java ethos of "write once, run anywhere". (Ok, so in practice that's often easier said than done, but this was threatening to make it completely impossible)
For what it's worth, MS didn't have to stop shipping a VM with Windows; they just had to stop shipping their non-compliant VM. They were perfectly at liberty to remove the offending classes and continue developing a compliant VM. Instead they chose not to do so, shifting their efforts to.NET instead.
Especially applications that use "sun.*" or "com.sun.*" packages in open defiance of Sun themselves saying not to do that.
That's a really dumb thing to do if you care about cross-release compatibility. There's no guarantee whatsoever that classes that are present in one release will be present in the next.
We're learning that we don't need a J2EE infrastructure when a simple Model-View-Controller model with a database backend will do the job just as well, and so on.
There's nothing stopping you from implementing that MVC architecture in Java with a servlet container, of course - in fact, in my experience the vast majority of websites that use Java use it in exactly that way.
Mostly yes, although it depends on how it was implemented. Transparent editing (where you can't tell, or can't tell what was changed) would obviously be open to abuse.
If it was implemented so that rather than chaning the comment, you could add to it, that would be a different matter (imho) - that would let you do things like:
"Updated at $time: Found a much better explanation - see $someURL"
or
"Updated at $time: Oops, missed out a 'not' in that sentence!"
or even
"Updated at $time: Forget everything I wrote above, I'm a complete tool. Here's what I *should* have said..."
That way while you could still probably play games with the mods by changing the meaning of a post after it's been modded up
a) the original is still viewable (and combined with some sort of history view, you could tell exactly what was modded up) b) who cares about karma anyway? It's meaningless for everything other than the automatic comment score modifier and petty bragging rights, as far as I can tell.
It's a crap analogy though. A better one would be that you tell the guy who phones you that you actually live next door now, and he believes you. I'm not sure what legal recourse your neighbours would have, if any, but I'd be very surprised indeed if the police didn't want a few words with you. You may even find yourself facing charges for conspiracy or aiding and abetting, although that's probably a stretch.
On the other hand, your neighbour could almost certainly sue you for damages - look at OJ, acquitted by a criminal court then sued in a civil one for the same crime.
Back on topic, here in the UK intentionally redirecting a DDoS to someone else's servers is almost certainly covered by the Computer Misuse Act, so if you were to do it, you may well find yourself in court explaining your actions just as the original idiot does. I'd be surpried if a simmilar law didn't exist in the US.
Just because Blue Frog causes A SIDE EFFECT of disminishing the bandwidth of the spammer's website, is not Blue Security's fault.
Well,I have to disagree there. Anyone with half the technical know-how required to put together something like Blue Frog should have realised the likely effect immediately. Hell, it was only created in the first place because spam is such a huge problem because there's so much of it - it's entire reason for existing is because there's a flood of the stuff! Therefore, there will necessarily be a flood of responses, therefore a (partial) DDoS on the target site is all-but inevitable.
Now, I'm not saying that it's a bad thing (or a good thing, although a rather large part of me is saying "sounds like just deserts to me..."), just that with a side effect this damn obvious, it most certainly is their fault.
To say opting out is abuse, is nothing but legitimizing illegal (non CAN-SPAM complying) spam.
Opting out most certainly is not abuse. I think Blue Frog is in a rather greyer area than you're making out, but I'm not convinced that it constitutes abuse either - and if it does, I'm not convinced that it isn't a warranted, reasonable response in any case.
After all, if the opt-out link worked, and the spam stopped, so would the response. To stretch an analogy, if I hit someone every time they hit me, I don't think they'd get too far complaining that I was hitting them back. (Although of course in real life, a lot depends on the context)
That's certainly true of consumer batteries, but a great many devices come with batteries pre-installed, many of which are not user-removable. How many power tools still use batteries containing mercury or cadmium? How many of those can have those batteries removed and replaced?
Besides which, even if this is something of a non-issue, introducing the legislation will at least prevent it from becoming an issue again in the future. Not to mention that if the opposite were true, that most batteries would be affected by this, you'd have people here screaming blue murder about how impractical it was.
The fact that we democratically decided that it should be.
The fact that it's basic human decency to help those less fortunate than yourself, particularly those in potentially dire need.
The fact that when a single life is needlessly cut short, the whole society is affected in some way.
Failing all that, simple enlightened self interest. Even if you can afford to pay for your healthcare or insurance now, can you be sure of that in the future? Heaven help you if you fall on hard times, or require treatment that your insurance won't cover.
Actually, I can't remember the last time I heard someone refer to an American as a "Yank". I'm sure some people probably do, just as I'm sure there are some Americans who call us "Limeys", but for the life of me I can't remember the last time I heard it.
I joined Blue Security because I already receive 100 spam mails PER DAY.
I used to receive a couple of dozen per week.
Then some bright spark decided to use my domain to spoof email addresses from for their spam.
I checked my email at around 10pm last night. A little while ago, about 14 hours later, I checked again; I had 593. Now, it's not all spam, as I also get a metric shitload of bounces, along with the odd out of office response, an occasional "die spammer die!" mail, etc.
So anyway, I sympathise with your predicament, and confirm your opinion - once you're at this level, 500 a day is nothing. Thunderbird's junk mail controls catch most of them, most of the rest have easy to spot subjects, and all my friends filtered off to separate folders.
So the spammers are fighting back? I say let them; it will just spur the anit-spam groups to ever greater efforts.
That's all well and good, but the OP was talking about books, not CDs. Clearly musicians can tour, but what about authors? I can't see that there's a great deal of money to be made giving readings (unless you're insanely famous), and what if you're an excellent author but truly suck at public speaking?
I've met a few people who have the certificates, but don't have the in-depth knowledge or experience to really cut it.
I've also known a few people who have both of those things in spades, and still have the certifications too.
(And of course I've known people fitting the other two possibilities)
Contrary to popular belief round these parts, having certifications in IT subjects does not automatically mean that a person has no real useful knowledge or experience; it is entirely possible to have both. The submitter might do well to think about where his clear bias comes from...
(Disclaimer: I have no certifications myself; I never seem to quite find the time to go for them, despite my employer being willing and indeed keen to fund them)
Re:Annoyance as a marketing technique?
on
Explorer Destroyer
·
· Score: 1
I don't see why people are getting so uptight about this.
Because it's stupid, eltist and counter-productive. If you want to design sites that work in Firefox and don't care about supporting IE, fine - don't support IE. But there's no need to block the user if they visit in IE. Hell, what's wrong with a small but noticable banner on the front page (just the front page) informing the user that the site is best viewed in Firefox/Opera/whatever*, that it will work in IE but it won't be as pretty as it should be? You could even provide a link to a screenshot of what it's supposed to look like, so they can see what they're missing out on.
If you just outright block a user, how many of them do you think are going to take the time and trouble to download and install an alternative just to view your site? Unless it's compelling, very few will, and no offence, but the chances of any given site being compelling are pretty damn slim.
(* Although I had hoped that the days of the ever-present "Best viewed with..." legends were long-gone)
Here in the UK the possible link between the MMR jab and autism was all over the press a few years ago, and is still mentioned now and again as yet another study proves or disproves it. Uncomfortably enough, the stoyr was at its height around the time we had to get our daughter vaccinated. After some soul-searching, we went ahead with it, with (as far as we can tell) no ill effects.
I don't recall the supposed link being blamed on anything but the vaccine itself; certainly, when people were calling for separate jabs to be offered, no-one pointed out that it wouldn't make any difference because the preservative was the same. (In fact, the argument was that the jab was safe and that there was no hard evidence for the link)
Re:If blocking users is wrong,it's wrong for every
on
Explorer Destroyer
·
· Score: 2, Interesting
it is about time the IE users get some of the treatment dished out on the rest of us who don't use IE.
I'd agree with you, if it was their fault; but it isn't. As it is, preventing access to IE is every bit as bad as preventing access to non-IE browsers.
If you want to code to the standards as Opera and/or Firefox implement them and let IE fend for itself, fine. If you check the user agent and simply block IE, then that's just plain dumb.
There are any number of possible reasons for hackers attacking IIS more than Apache:
1) IIS only runs on Windows, and so the host is definitely Windows, and so your pre-packaged exploit has a greater chance of running if you manage to crak the server (not so a *nix, which you don't have a 'spolit for) 2) *nix admins are more diligent/security aware than Windows ones 3) the attackers do it because they hate M$ 4) IIS is a softer target than Apache (definitely true historically, not so much so now) 5) Apache doesn't actually host significantly many more sites than IIS, certainly not so many that IIS-hosted sites are hard to find
I could go on, but you get the idea. The basic premise is that Apache is just harder enough to crack than IIS that it simply isn't worth the bother; there are plenty enough IIS sites to crack as it is. These people mostly aren't in it for the challenge, they're just using prepackaged scripts they've downloaded from a darknet IRC channel somewhere and sent off indiscriminately looking for a victim.
As Firefox (and Linux for that matter) gains market share and becomes more popular, it will be more worthwhile trying to create exploits for it. Sure, most of these will be social-engineering ones rather than true remote exploits, but so what? It makes little difference to the end user who's tricked into installing an extension that zombies their machine.
Well now, in many ways warez distributors are no different to GPL violators - both take something written by someone else and distribute it in ways that are against the wishes of the original author.
I'm not saying that they're identical (larger cmomercial warez groups have links with organised crime, for one thing), but morally speaking they're pretty similar.
Either they go ahead with the prosecution and risk creating this precedent that you fear. Or, they do not, and the government gets away with it.
Either way, with no consequences to their actions, the government is (or might as well be) above the law. At least with the EFF trying to prosecute, they
a) have a chance of doing something about it b) bring it to people's attention c) in the event of losing, sow the seed in people's minds that they *must* have been up to something in order to quash the case like that
Incidentally, you also mustn't forget that precedent is a guide, not an iron clad rule. Judges are free to rule differently; precedent just gives them something to use as guidance, and to point at in the event of their ruling being questioned.
That was my first thought too. However, it is just possible that it could also mean "we're not doing that, but in order to prove it we'd have to tell you stuff that we simply can't tell you - ie, the real reason why all those packets are coming to us. We're not spying on you, but the truth (and proof of that) is classified."
The cynic in me says "that proves it!". The scientist in me says that we can't be certain of that.
Yes and no; I've never heard any such rumour about the ZX80 or the BBC Micro. I heard that POKEing a certain memory location on the Commodore Pet would cause it to burst into flames, but never saw it happen so can't confirm it. A quick google turned up this page, which has details about the Pet rumour and the BBC Micro one, but nothing about the ZX80.
These huge monolithic desktops are an annoying departure from The Unix Way.
I don't think that's true at all. The "Unix Way" is to have lots of small scripts, apps, etc that all do one thing, do it well, and are constructed so as to be able to work together in order to perform more complex tasks. Your criticism of Gnome and KDE would be true if they were single, monolithic apps, but they're not. They're both composed of lots of little apps, libraries and scripts, all of which are (more or less) single-responsibility, all of which are used together to perform a more complex task - in this case, operating as a desktop environment.
If Gnome and KDE are a departure from the "unix way", then so is the OS itself.
The OP's comment was along the lines of "MS money going to a good cause? Gates must be spinning in his grave!". My reply was to point out that actually, Gates has already given a lot of money to good causes.
Neither of us made any comment as to how the money was made in the first place, which is irrelevant to the point he made or my refutation, as is the question of Gates' respectability or lack thereof (which again, neither of us commented on).
Microsoft. When Microsoft had their own JVM implementation, Microsoft added various extra libraries and functionality to their runtime that Sun was missing. Sun responded by sueing
.NET instead.
MS added classes to the java.* package hierarchy, in contravention to the terms of their licence. That's why Sun sued. Had MS put their classes in a com.microsoft package hierarchy like you're supposed to, Sun wouldn't have cared (or had a leg to stand on).
The restriction was/is in the licence to prevent exactly what started to happen - people started using the classes, and thus were writing code that could only run on MS's VM, which is completely against the core Java ethos of "write once, run anywhere". (Ok, so in practice that's often easier said than done, but this was threatening to make it completely impossible)
For what it's worth, MS didn't have to stop shipping a VM with Windows; they just had to stop shipping their non-compliant VM. They were perfectly at liberty to remove the offending classes and continue developing a compliant VM. Instead they chose not to do so, shifting their efforts to
Especially applications that use "sun.*" or "com.sun.*" packages in open defiance of Sun themselves saying not to do that.
That's a really dumb thing to do if you care about cross-release compatibility. There's no guarantee whatsoever that classes that are present in one release will be present in the next.
We're learning that we don't need a J2EE infrastructure when a simple Model-View-Controller model with a database backend will do the job just as well, and so on.
There's nothing stopping you from implementing that MVC architecture in Java with a servlet container, of course - in fact, in my experience the vast majority of websites that use Java use it in exactly that way.
Mostly yes, although it depends on how it was implemented. Transparent editing (where you can't tell, or can't tell what was changed) would obviously be open to abuse.
If it was implemented so that rather than chaning the comment, you could add to it, that would be a different matter (imho) - that would let you do things like:
"Updated at $time: Found a much better explanation - see $someURL"
or
"Updated at $time: Oops, missed out a 'not' in that sentence!"
or even
"Updated at $time: Forget everything I wrote above, I'm a complete tool. Here's what I *should* have said..."
That way while you could still probably play games with the mods by changing the meaning of a post after it's been modded up
a) the original is still viewable (and combined with some sort of history view, you could tell exactly what was modded up)
b) who cares about karma anyway? It's meaningless for everything other than the automatic comment score modifier and petty bragging rights, as far as I can tell.
Sorry to reply to myself
It's better than a new top level comment, and as we can't edit comments here, it's about the best you can do.
Actually, Windows has always had SUDO.
Actually, Windows has had "run as" since Windows 2000. (And to pick a nit, sudo should not be capitalised)
It's a crap analogy though. A better one would be that you tell the guy who phones you that you actually live next door now, and he believes you. I'm not sure what legal recourse your neighbours would have, if any, but I'd be very surprised indeed if the police didn't want a few words with you. You may even find yourself facing charges for conspiracy or aiding and abetting, although that's probably a stretch.
On the other hand, your neighbour could almost certainly sue you for damages - look at OJ, acquitted by a criminal court then sued in a civil one for the same crime.
Back on topic, here in the UK intentionally redirecting a DDoS to someone else's servers is almost certainly covered by the Computer Misuse Act, so if you were to do it, you may well find yourself in court explaining your actions just as the original idiot does. I'd be surpried if a simmilar law didn't exist in the US.
Just because Blue Frog causes A SIDE EFFECT of disminishing the bandwidth of the spammer's website, is not Blue Security's fault.
Well,I have to disagree there. Anyone with half the technical know-how required to put together something like Blue Frog should have realised the likely effect immediately. Hell, it was only created in the first place because spam is such a huge problem because there's so much of it - it's entire reason for existing is because there's a flood of the stuff! Therefore, there will necessarily be a flood of responses, therefore a (partial) DDoS on the target site is all-but inevitable.
Now, I'm not saying that it's a bad thing (or a good thing, although a rather large part of me is saying "sounds like just deserts to me..."), just that with a side effect this damn obvious, it most certainly is their fault.
To say opting out is abuse, is nothing but legitimizing illegal (non CAN-SPAM complying) spam.
Opting out most certainly is not abuse. I think Blue Frog is in a rather greyer area than you're making out, but I'm not convinced that it constitutes abuse either - and if it does, I'm not convinced that it isn't a warranted, reasonable response in any case.
After all, if the opt-out link worked, and the spam stopped, so would the response. To stretch an analogy, if I hit someone every time they hit me, I don't think they'd get too far complaining that I was hitting them back. (Although of course in real life, a lot depends on the context)
That's certainly true of consumer batteries, but a great many devices come with batteries pre-installed, many of which are not user-removable. How many power tools still use batteries containing mercury or cadmium? How many of those can have those batteries removed and replaced?
Besides which, even if this is something of a non-issue, introducing the legislation will at least prevent it from becoming an issue again in the future. Not to mention that if the opposite were true, that most batteries would be affected by this, you'd have people here screaming blue murder about how impractical it was.
The fact that we democratically decided that it should be.
The fact that it's basic human decency to help those less fortunate than yourself, particularly those in potentially dire need.
The fact that when a single life is needlessly cut short, the whole society is affected in some way.
Failing all that, simple enlightened self interest. Even if you can afford to pay for your healthcare or insurance now, can you be sure of that in the future? Heaven help you if you fall on hard times, or require treatment that your insurance won't cover.
Actually, I can't remember the last time I heard someone refer to an American as a "Yank". I'm sure some people probably do, just as I'm sure there are some Americans who call us "Limeys", but for the life of me I can't remember the last time I heard it.
I joined Blue Security because I already receive 100 spam mails PER DAY.
I used to receive a couple of dozen per week.
Then some bright spark decided to use my domain to spoof email addresses from for their spam.
I checked my email at around 10pm last night. A little while ago, about 14 hours later, I checked again; I had 593. Now, it's not all spam, as I also get a metric shitload of bounces, along with the odd out of office response, an occasional "die spammer die!" mail, etc.
So anyway, I sympathise with your predicament, and confirm your opinion - once you're at this level, 500 a day is nothing. Thunderbird's junk mail controls catch most of them, most of the rest have easy to spot subjects, and all my friends filtered off to separate folders.
So the spammers are fighting back? I say let them; it will just spur the anit-spam groups to ever greater efforts.
That's all well and good, but the OP was talking about books, not CDs. Clearly musicians can tour, but what about authors? I can't see that there's a great deal of money to be made giving readings (unless you're insanely famous), and what if you're an excellent author but truly suck at public speaking?
Aw, count me out then - I can handle one or the other, but not both!
I've met a few people who have the certificates, but don't have the in-depth knowledge or experience to really cut it.
I've also known a few people who have both of those things in spades, and still have the certifications too.
(And of course I've known people fitting the other two possibilities)
Contrary to popular belief round these parts, having certifications in IT subjects does not automatically mean that a person has no real useful knowledge or experience; it is entirely possible to have both. The submitter might do well to think about where his clear bias comes from...
(Disclaimer: I have no certifications myself; I never seem to quite find the time to go for them, despite my employer being willing and indeed keen to fund them)
I don't see why people are getting so uptight about this.
Because it's stupid, eltist and counter-productive. If you want to design sites that work in Firefox and don't care about supporting IE, fine - don't support IE. But there's no need to block the user if they visit in IE. Hell, what's wrong with a small but noticable banner on the front page (just the front page) informing the user that the site is best viewed in Firefox/Opera/whatever*, that it will work in IE but it won't be as pretty as it should be? You could even provide a link to a screenshot of what it's supposed to look like, so they can see what they're missing out on.
If you just outright block a user, how many of them do you think are going to take the time and trouble to download and install an alternative just to view your site? Unless it's compelling, very few will, and no offence, but the chances of any given site being compelling are pretty damn slim.
(* Although I had hoped that the days of the ever-present "Best viewed with..." legends were long-gone)
Here in the UK the possible link between the MMR jab and autism was all over the press a few years ago, and is still mentioned now and again as yet another study proves or disproves it. Uncomfortably enough, the stoyr was at its height around the time we had to get our daughter vaccinated. After some soul-searching, we went ahead with it, with (as far as we can tell) no ill effects.
I don't recall the supposed link being blamed on anything but the vaccine itself; certainly, when people were calling for separate jabs to be offered, no-one pointed out that it wouldn't make any difference because the preservative was the same. (In fact, the argument was that the jab was safe and that there was no hard evidence for the link)
it is about time the IE users get some of the treatment dished out on the rest of us who don't use IE.
I'd agree with you, if it was their fault; but it isn't. As it is, preventing access to IE is every bit as bad as preventing access to non-IE browsers.
If you want to code to the standards as Opera and/or Firefox implement them and let IE fend for itself, fine. If you check the user agent and simply block IE, then that's just plain dumb.
There are any number of possible reasons for hackers attacking IIS more than Apache:
1) IIS only runs on Windows, and so the host is definitely Windows, and so your pre-packaged exploit has a greater chance of running if you manage to crak the server (not so a *nix, which you don't have a 'spolit for)
2) *nix admins are more diligent/security aware than Windows ones
3) the attackers do it because they hate M$
4) IIS is a softer target than Apache (definitely true historically, not so much so now)
5) Apache doesn't actually host significantly many more sites than IIS, certainly not so many that IIS-hosted sites are hard to find
I could go on, but you get the idea. The basic premise is that Apache is just harder enough to crack than IIS that it simply isn't worth the bother; there are plenty enough IIS sites to crack as it is. These people mostly aren't in it for the challenge, they're just using prepackaged scripts they've downloaded from a darknet IRC channel somewhere and sent off indiscriminately looking for a victim.
As Firefox (and Linux for that matter) gains market share and becomes more popular, it will be more worthwhile trying to create exploits for it. Sure, most of these will be social-engineering ones rather than true remote exploits, but so what? It makes little difference to the end user who's tricked into installing an extension that zombies their machine.
Well now, in many ways warez distributors are no different to GPL violators - both take something written by someone else and distribute it in ways that are against the wishes of the original author.
I'm not saying that they're identical (larger cmomercial warez groups have links with organised crime, for one thing), but morally speaking they're pretty similar.
You think they send all those emails for free, out of the goodness of their hearts? You think the lists of "confirmed working" emails are free?
Well, seems to me that they have two choices.
Either they go ahead with the prosecution and risk creating this precedent that you fear. Or, they do not, and the government gets away with it.
Either way, with no consequences to their actions, the government is (or might as well be) above the law. At least with the EFF trying to prosecute, they
a) have a chance of doing something about it
b) bring it to people's attention
c) in the event of losing, sow the seed in people's minds that they *must* have been up to something in order to quash the case like that
Incidentally, you also mustn't forget that precedent is a guide, not an iron clad rule. Judges are free to rule differently; precedent just gives them something to use as guidance, and to point at in the event of their ruling being questioned.
That was my first thought too. However, it is just possible that it could also mean "we're not doing that, but in order to prove it we'd have to tell you stuff that we simply can't tell you - ie, the real reason why all those packets are coming to us. We're not spying on you, but the truth (and proof of that) is classified."
The cynic in me says "that proves it!". The scientist in me says that we can't be certain of that.
Yes and no; I've never heard any such rumour about the ZX80 or the BBC Micro. I heard that POKEing a certain memory location on the Commodore Pet would cause it to burst into flames, but never saw it happen so can't confirm it. A quick google turned up this page, which has details about the Pet rumour and the BBC Micro one, but nothing about the ZX80.
These huge monolithic desktops are an annoying departure from The Unix Way.
I don't think that's true at all. The "Unix Way" is to have lots of small scripts, apps, etc that all do one thing, do it well, and are constructed so as to be able to work together in order to perform more complex tasks. Your criticism of Gnome and KDE would be true if they were single, monolithic apps, but they're not. They're both composed of lots of little apps, libraries and scripts, all of which are (more or less) single-responsibility, all of which are used together to perform a more complex task - in this case, operating as a desktop environment.
If Gnome and KDE are a departure from the "unix way", then so is the OS itself.
The OP's comment was along the lines of "MS money going to a good cause? Gates must be spinning in his grave!". My reply was to point out that actually, Gates has already given a lot of money to good causes.
Neither of us made any comment as to how the money was made in the first place, which is irrelevant to the point he made or my refutation, as is the question of Gates' respectability or lack thereof (which again, neither of us commented on).