Let me clarify - it's not a Flash-heavy site, because it's not a site. It's a course. It's an online course entirely written in Flash, not a Flash-heavy web site.
That's not entire true, and not everyone agrees with you.
The company I work for makes CBT courses like what you see here, and the military is one of our clients. We don't get broad open contracts, we have to bid and compete for them, and the scope of work is limited to the CBT that we're creating. The prices the military pays are the same prices that corporations pay (in fact, we even discount the military's price because they've been so consistent in giving us work).
And, finally, I'll add that our company has won several training industry awards (including [especially] for work we've done for the military), and we employ a staff of highly-qualified writers and artists. You can sit there and say the government spends too much money to get sub-par "pieces of crap" without detailing what exactly your "plenty of first-hand experience" is, but quality is all about the vendor. If you choose a good vendor, you get a good product. If you choose a sub-par piece of crap vendor, then you get a sub-par piece of crap product. And this comes from my own experience of working for a government vendor that produces exactly the type of thing you're critiquing (although the CBT in question is not ours).
Sorry if that influences your mod, but I don't think you're as insightful as you would like others to believe.
Just to point out, this isn't a "Flash-heavy" site, this is an online training course (CBT = computer-based training). The vast majority of CBT courses are done in Flash, for a variety of reasons (animation and audio are two). The company I work for creates CBT courses, including for the military. The LMS they run on disa.mil is the Meridian LMS I believe, we have several of our own courses sitting on their LMS. None of them are publicly-available though, I'm not sure why this course is.
It's nice that they bother to create a non-Flash version, that's not something that we normally offer. The vast majority of our clients are fine with having their courseware delivered as a Flash package.
Should setting up shop in order to take advantage of a law against spamming be allowed? HELL YES it should!
Maybe so, but CAN-SPAM makes specific provisions for who can sue and who can't sue.
Is the a provision in the CAN SPAM act that says you can't do this?
Yes, it says that only "Internet access providers" are allowed to sue for damages, and that they need to illustrate that the damages are the result of the spam and not simply the cost of normal network operation.
Is there any law, federal or state, that says you can't do this?
Many states set up their own anti-spam laws after CAN-SPAM (which CAN-SPAM was specifically trying to preempt), the judge in this case ruled that CAN-SPAM does in fact preempt the Washington State laws that Gordon was also using in the suit.
The bottom line is that someone set up a "honey net" for profit via the judicial system.
Right, and that is specifically what CAN-SPAM was trying to prevent - allowing any private person to sue any company for spam. This is why you must be an ISP to sue, and why you have to show damages directly related to the spam. Congress was afraid that if that provision were left out that it would harm legitimate marketers who would be sued by private people just because they didn't want to receive the marketing (even though it might be legally allowed). So yes, the reason the judge ruled against Gordon is because the judge realized that he set up a honey pot specifically to receive spam so that he could sue over it, and was not in fact a bona fide ISP sustaining actual damages from the spam. It should also be noted that Gordon had 10 other lawsuits pending in the same Washington court alone, and his entire income for 2006/2007 came from settlements and disputes. Apparently his "free email service" at gordonworks.com is also now offline.
Congress did not pass CAN-SPAM to enable people to make a living off of suing other people over advertising. That's what Gordon was doing, and that's why the judge tossed it out.
If they have an isolated ranch in Colorado yet run such a business that they -must- access their data, chances are they make lots of money.
Yeah, they do. I think that guy in particular was a lawyer, I'm not sure though.
Not necessarily $50k, but yeah you're essentially setting up your own infrastructure. Your programmer friend could find someone who does have broadband and get a long-range wireless network set up for the cost of the antennae plus the ISP fee. I actually wasn't aware that wireless even had that kind of range until I heard about this particular job. Turns out that there are quite a few high-gain antennae out there, for a couple hundred bucks. The difficulty is finding your nearest neighbor that wants to let you put an antenna on their property and split their ISP bill. I was just trying to make the point that it is generally possible to get broadband anywhere, as long as you're willing to spend the money. If you're not willing to do that, then yeah, your option is to wait for the ISP to do it for you.
If it's a priority that you have a decent connection, you'll get a decent connection. It's pretty hard to make an argument that there are "avid" gamers out there without a decent connection. If you're that "avid", you're going to do what it takes to get hooked up.
I've got a friend who runs a network services business. One of his clients has a ranch in Colorado, and he wanted to be able to access all of his data while on the ranch. Due to the fact that the ranch house was several miles away from the nearest paved road, he had no cable or DSL service. I suppose satellite was probably an option, but when you're trying to set up a VPN to another state it probably helps to have lower latency than what satellite can provide. So the solution was to find a wireless antenna with a range of several miles, and set that up. The guy paid whatever was necessary and got the connection that he needed to do what he wanted to do. The bandwidth even started out pretty low, but my friend who set up the network called the ISP and talked to one of the two engineers they had on staff, and got the guy to flip a switch to give them more bandwidth if they just agreed to pay more per month. This is pro-active, they aren't waiting for the cable company to get around to doing what they want to do, instead they make it happen themselves.
It sounds like a lot of people are not willing to spend the money to get the connection they want to have, but they still expect to have the same experience. At your parents' house, you can get satellite or you can set up a long-range wireless network, either way you can get a pretty respectable speed. I've been to some places pretty far out there that still had a decent connection because it was a priority for them to get it set up.
You are thinking of the it takes nine months to make a baby put 9 women on it. It *DOES NOT WORK*. You end up with product that does to much with too little focus.
Actually, I'm pretty sure you end up with 9 babies, or an average of 1 baby per month.
Actually, I'm thinking it's a US-centric application that doesn't even have an option for other countries. Or maybe just Canada.
Regardless, what the hell are the US credit bureaus doing tracking credit for residents of Micronesia? Micronesia has their own social security administration, can't they also track their own credit?
It's not like scammers work with a single domain. $6.75 * 1,000 or 10,000 is certainly going to discourage some people from being a douchebag. These are people who make tiny amounts of money from a ton of places, $6.75 is enough to destroy each small revenue stream for them.
It's sort of like when you take a penny from the tray at 7-11, except it's a much larger tray, and they take several million times.
That's correct, 2.6 has had more time to have its bugs exposed. That's about as good as this type of relatively meaningless comparison can get though. It doesn't look like bugs are tracked in the iterative versions, on Secunia anyway.
I thought these nonsensical cherry-picking comparisons using Secunia or any other site that doesn't track Linux, were dead?
I hadn't heard that, let me see if Netcraft confirms it.
Linux 2.0 : 1 Secunia advisory, 0 vulnerability Linux 2.5 : 2 Secunia advisory, 0 vulnerability I can be kind too : Linux 2.2 : 8 Secunia advisory, 5 vulnerability
People have been quick to point out that it wasn't a good comparison to include 2.0 or 2.2 because of how old they are. I frankly thought it would make the numbers for Linux look better if they covered 5 versions vs. 2 versions. 2.4 and 2.6 between them have 268 advisories for 468 vulnerabilities, I thought if I bumped that up a little to 279/473 and included 3 other versions it would be more kind to Linux. So that's where my agenda is.
I frankly find it funny that I asked a guy to back up his claims, quoted stats from Secunia (which he asked me to do, by the way), and now people assume I have an anti-Linux, pro-Microsoft agenda. That's not even remotely true, I haven't even stated my opinion on either OS (in this thread, before today, anyway). I've mentioned in a couple other replies today that I consider Linux to be the superior OS of the two, but people have become very defensive.
Moreover, comparing Windows Server 2008 with Linux kernel 2.6 with raw numbers doesn't take into account time and exposure. There's been a lot more time for people to find vulnerabilities in 2.6.
That's true, and a valid point, but it also indicates that Microsoft OSs have become increasingly secure. (many of)The bugs in Server 2003, for example, are not in 2008.
I haven't even stated my point, all I've done is quote stats. We all know how meaningful stats are. It might surprise you to know that I consider Linux the superior OS in many respects. Actually, pretty much every respect except usability.
Between 2.0 and 2.2 there are a total of 9 advisories for 5 vulnerabilities. They don't make a lot of difference. I thought the numbers would frankly be more impressive for Linux if they covered the 5 previous versions instead of the 3 previous versions. If you want to leave out the 9/5 for those two versions, and we can probably also get rid of the 2 vulnerabilities for 2.5 since it's an odd version number anyway, then that leaves 268 advisories and 468 vulnerabilities between versions 2.4 and 2.6 alone.
Better?
FYI: I think Linux is a superior OS, and have not claimed otherwise.
Clearly, and you could have stopped there. I wasn't trying to make a major point and get a +5 comment, he told me to look it up on Secunia and so I did. There are about 25 versions of Windows listed there, and I didn't even include XP or any consumer OS, so obviously it doesn't mean a lot.
That's not even considering the fact that one bug that lasted over several versions ends up counting as more than one.
Sorry, next time I'll use 2.8 instead. Or, if you want to get Secunia to track 2.6.30.4, or any other minor version, I'll be happy to look that up also. But they don't track that.
Why did you include 2.0 kernels in those figures, 2.2.0 was released in 1999.
2.0 only had 1 advisory and no vulnerabilities, it could have been left out and the numbers wouldn't have changed. 2.6 actually turned out to be the major offender.
I guess if you're going to admit defeat in our stupid little argument, that makes me a little bit happy. At least for as long as it takes to type this, anyway.
I never even stated a position, I only asked you to back up your claims and quoted some statistics, but if you want to concede to someone without a position then I guess I'll take it.
My opinion? What opinion is that? Let's see what I've said...
Citation needed.
Surely you can link to a few examples of privilege escalation exploits for Windows coming out every two Sundays. I mean, we've had a lot of Sundays since Windows has been out.
Possibly, for sufficiently loose definitions of "much more".
Linux kernel 2.0-2.6: 279 Secunia advisories, 473 vulnerabilities
Windows 2000 Server + Windows Server 2003 Standard + Windows Server 2008: 472 Secunia advisories, 580 vulnerabilities
It's also worth noting that kernel 2.6 alone contains 186 advisories for 352 vulnerabilities with 6% unpatched. Windows Server 2008 contains 40 advisories for 82 vulnerabilities with 0% unpatched.
So there's the math. Keep in mind that's comparing an entire server OS with just the Linux kernel.
I ask the guy to back up his claims, and I quote statistics from Secunia after being asked to do so. Which part of that has my opinion in it? Why don't you tell me what my opinion is, you know so much? Did I state an opinion and strike a nerve without realizing it?
Let me clarify - it's not a Flash-heavy site, because it's not a site. It's a course. It's an online course entirely written in Flash, not a Flash-heavy web site.
That's not entire true, and not everyone agrees with you.
The company I work for makes CBT courses like what you see here, and the military is one of our clients. We don't get broad open contracts, we have to bid and compete for them, and the scope of work is limited to the CBT that we're creating. The prices the military pays are the same prices that corporations pay (in fact, we even discount the military's price because they've been so consistent in giving us work).
And, finally, I'll add that our company has won several training industry awards (including [especially] for work we've done for the military), and we employ a staff of highly-qualified writers and artists. You can sit there and say the government spends too much money to get sub-par "pieces of crap" without detailing what exactly your "plenty of first-hand experience" is, but quality is all about the vendor. If you choose a good vendor, you get a good product. If you choose a sub-par piece of crap vendor, then you get a sub-par piece of crap product. And this comes from my own experience of working for a government vendor that produces exactly the type of thing you're critiquing (although the CBT in question is not ours).
Sorry if that influences your mod, but I don't think you're as insightful as you would like others to believe.
Just to point out, this isn't a "Flash-heavy" site, this is an online training course (CBT = computer-based training). The vast majority of CBT courses are done in Flash, for a variety of reasons (animation and audio are two). The company I work for creates CBT courses, including for the military. The LMS they run on disa.mil is the Meridian LMS I believe, we have several of our own courses sitting on their LMS. None of them are publicly-available though, I'm not sure why this course is.
It's nice that they bother to create a non-Flash version, that's not something that we normally offer. The vast majority of our clients are fine with having their courseware delivered as a Flash package.
Should setting up shop in order to take advantage of a law against spamming be allowed? HELL YES it should!
Maybe so, but CAN-SPAM makes specific provisions for who can sue and who can't sue.
Is the a provision in the CAN SPAM act that says you can't do this?
Yes, it says that only "Internet access providers" are allowed to sue for damages, and that they need to illustrate that the damages are the result of the spam and not simply the cost of normal network operation.
Is there any law, federal or state, that says you can't do this?
Many states set up their own anti-spam laws after CAN-SPAM (which CAN-SPAM was specifically trying to preempt), the judge in this case ruled that CAN-SPAM does in fact preempt the Washington State laws that Gordon was also using in the suit.
The bottom line is that someone set up a "honey net" for profit via the judicial system.
Right, and that is specifically what CAN-SPAM was trying to prevent - allowing any private person to sue any company for spam. This is why you must be an ISP to sue, and why you have to show damages directly related to the spam. Congress was afraid that if that provision were left out that it would harm legitimate marketers who would be sued by private people just because they didn't want to receive the marketing (even though it might be legally allowed). So yes, the reason the judge ruled against Gordon is because the judge realized that he set up a honey pot specifically to receive spam so that he could sue over it, and was not in fact a bona fide ISP sustaining actual damages from the spam. It should also be noted that Gordon had 10 other lawsuits pending in the same Washington court alone, and his entire income for 2006/2007 came from settlements and disputes. Apparently his "free email service" at gordonworks.com is also now offline.
Congress did not pass CAN-SPAM to enable people to make a living off of suing other people over advertising. That's what Gordon was doing, and that's why the judge tossed it out.
If they have an isolated ranch in Colorado yet run such a business that they -must- access their data, chances are they make lots of money.
Yeah, they do. I think that guy in particular was a lawyer, I'm not sure though.
Not necessarily $50k, but yeah you're essentially setting up your own infrastructure. Your programmer friend could find someone who does have broadband and get a long-range wireless network set up for the cost of the antennae plus the ISP fee. I actually wasn't aware that wireless even had that kind of range until I heard about this particular job. Turns out that there are quite a few high-gain antennae out there, for a couple hundred bucks. The difficulty is finding your nearest neighbor that wants to let you put an antenna on their property and split their ISP bill. I was just trying to make the point that it is generally possible to get broadband anywhere, as long as you're willing to spend the money. If you're not willing to do that, then yeah, your option is to wait for the ISP to do it for you.
If it's a priority that you have a decent connection, you'll get a decent connection. It's pretty hard to make an argument that there are "avid" gamers out there without a decent connection. If you're that "avid", you're going to do what it takes to get hooked up.
I've got a friend who runs a network services business. One of his clients has a ranch in Colorado, and he wanted to be able to access all of his data while on the ranch. Due to the fact that the ranch house was several miles away from the nearest paved road, he had no cable or DSL service. I suppose satellite was probably an option, but when you're trying to set up a VPN to another state it probably helps to have lower latency than what satellite can provide. So the solution was to find a wireless antenna with a range of several miles, and set that up. The guy paid whatever was necessary and got the connection that he needed to do what he wanted to do. The bandwidth even started out pretty low, but my friend who set up the network called the ISP and talked to one of the two engineers they had on staff, and got the guy to flip a switch to give them more bandwidth if they just agreed to pay more per month. This is pro-active, they aren't waiting for the cable company to get around to doing what they want to do, instead they make it happen themselves.
It sounds like a lot of people are not willing to spend the money to get the connection they want to have, but they still expect to have the same experience. At your parents' house, you can get satellite or you can set up a long-range wireless network, either way you can get a pretty respectable speed. I've been to some places pretty far out there that still had a decent connection because it was a priority for them to get it set up.
You are thinking of the it takes nine months to make a baby put 9 women on it. It *DOES NOT WORK*. You end up with product that does to much with too little focus.
Actually, I'm pretty sure you end up with 9 babies, or an average of 1 baby per month.
You fail at reading comprehension. These two statements:
"Even worse news for Microsoft is that only 3.8% said they would buy another Xbox"
"Impressively, only 4% of respondents said they wouldn't buy a new 360 because of hardware failures."
..mean the opposite of each other. It's not about 3.8% vs 4%, it's about whether the 4% of people would or would not buy another console.
Actually, I'm thinking it's a US-centric application that doesn't even have an option for other countries. Or maybe just Canada.
Regardless, what the hell are the US credit bureaus doing tracking credit for residents of Micronesia? Micronesia has their own social security administration, can't they also track their own credit?
Eventually someone is going to revolt against someone somewhere.
Thanks, Nostradamus.
It's designed and programmed in Web 2.0
Spoken like a true corporate suit.
It's not like scammers work with a single domain. $6.75 * 1,000 or 10,000 is certainly going to discourage some people from being a douchebag. These are people who make tiny amounts of money from a ton of places, $6.75 is enough to destroy each small revenue stream for them.
It's sort of like when you take a penny from the tray at 7-11, except it's a much larger tray, and they take several million times.
That's correct, 2.6 has had more time to have its bugs exposed. That's about as good as this type of relatively meaningless comparison can get though. It doesn't look like bugs are tracked in the iterative versions, on Secunia anyway.
Sorry, when the posts are nested this deeply it loses the formatting. I'm confusing myself now.
I thought these nonsensical cherry-picking comparisons using Secunia or any other site that doesn't track Linux, were dead?
I hadn't heard that, let me see if Netcraft confirms it.
Linux 2.0 : 1 Secunia advisory, 0 vulnerability
Linux 2.5 : 2 Secunia advisory, 0 vulnerability
I can be kind too :
Linux 2.2 : 8 Secunia advisory, 5 vulnerability
People have been quick to point out that it wasn't a good comparison to include 2.0 or 2.2 because of how old they are. I frankly thought it would make the numbers for Linux look better if they covered 5 versions vs. 2 versions. 2.4 and 2.6 between them have 268 advisories for 468 vulnerabilities, I thought if I bumped that up a little to 279/473 and included 3 other versions it would be more kind to Linux. So that's where my agenda is.
I frankly find it funny that I asked a guy to back up his claims, quoted stats from Secunia (which he asked me to do, by the way), and now people assume I have an anti-Linux, pro-Microsoft agenda. That's not even remotely true, I haven't even stated my opinion on either OS (in this thread, before today, anyway). I've mentioned in a couple other replies today that I consider Linux to be the superior OS of the two, but people have become very defensive.
Moreover, comparing Windows Server 2008 with Linux kernel 2.6 with raw numbers doesn't take into account time and exposure. There's been a lot more time for people to find vulnerabilities in 2.6.
That's true, and a valid point, but it also indicates that Microsoft OSs have become increasingly secure. (many of)The bugs in Server 2003, for example, are not in 2008.
It is also worth noting that Kernel 2.6 was introduced in 2004 and Windows Server 2008 four years later.
I don't see how that would factor in. 2.6 and Windows Server 2008 are the most recent offerings of the competing camps, correct?
I haven't even stated my point, all I've done is quote stats. We all know how meaningful stats are. It might surprise you to know that I consider Linux the superior OS in many respects. Actually, pretty much every respect except usability.
Between 2.0 and 2.2 there are a total of 9 advisories for 5 vulnerabilities. They don't make a lot of difference. I thought the numbers would frankly be more impressive for Linux if they covered the 5 previous versions instead of the 3 previous versions. If you want to leave out the 9/5 for those two versions, and we can probably also get rid of the 2 vulnerabilities for 2.5 since it's an odd version number anyway, then that leaves 268 advisories and 468 vulnerabilities between versions 2.4 and 2.6 alone.
Better?
FYI: I think Linux is a superior OS, and have not claimed otherwise.
Yeah. Clint Eastwood sucks.
Your comparison is very flawed and meaningless.
Clearly, and you could have stopped there. I wasn't trying to make a major point and get a +5 comment, he told me to look it up on Secunia and so I did. There are about 25 versions of Windows listed there, and I didn't even include XP or any consumer OS, so obviously it doesn't mean a lot.
That's not even considering the fact that one bug that lasted over several versions ends up counting as more than one.
Sorry, next time I'll use 2.8 instead. Or, if you want to get Secunia to track 2.6.30.4, or any other minor version, I'll be happy to look that up also. But they don't track that.
Why did you include 2.0 kernels in those figures, 2.2.0 was released in 1999.
2.0 only had 1 advisory and no vulnerabilities, it could have been left out and the numbers wouldn't have changed. 2.6 actually turned out to be the major offender.
I guess if you're going to admit defeat in our stupid little argument, that makes me a little bit happy. At least for as long as it takes to type this, anyway.
I never even stated a position, I only asked you to back up your claims and quoted some statistics, but if you want to concede to someone without a position then I guess I'll take it.
My opinion? What opinion is that? Let's see what I've said...
Citation needed.
Surely you can link to a few examples of privilege escalation exploits for Windows coming out every two Sundays. I mean, we've had a lot of Sundays since Windows has been out.
Possibly, for sufficiently loose definitions of "much more".
Linux kernel 2.0-2.6: 279 Secunia advisories, 473 vulnerabilities
Windows 2000 Server + Windows Server 2003 Standard + Windows Server 2008: 472 Secunia advisories, 580 vulnerabilities
It's also worth noting that kernel 2.6 alone contains 186 advisories for 352 vulnerabilities with 6% unpatched. Windows Server 2008 contains 40 advisories for 82 vulnerabilities with 0% unpatched.
So there's the math. Keep in mind that's comparing an entire server OS with just the Linux kernel.
I ask the guy to back up his claims, and I quote statistics from Secunia after being asked to do so. Which part of that has my opinion in it? Why don't you tell me what my opinion is, you know so much? Did I state an opinion and strike a nerve without realizing it?