But a major problem is EDE's non-conformance to the popular freedesktop standards.
You know, what joker looked at the Unix world and said, "You know what we don't have enough of? Security holes based on file name extensions. That is really an advantage Windows has over us." and then implemented *.desktop?
Because it's the worst aspects of Windows's PIFs, and extension hiding, and everything else, all rolled into one. They couldn't be bothered to even make such files only work when executable.
Can't wait to see the first "FreeDesktop" exploit.
Clearly, below. Because anything after the "-- " signature marker is signature. Your whole message would be a signature, as you trim and reply to the inline quotes. If you're not doing the latter, shame on you.
I guess the whole 'Java' vs. 'Javascript' is confusing to n00bs (or 'us morons') since they both contain the (unrelated) root word:java.
Yes it is, and Sun decided to follow that resounding marketing success by renaming their GNOME/Linux and GNOME/Solaris distros to "Java Desktop System".
For Linux, or for RedHat on x86? Sad to see even Slashdot has fallen to the low of just pasting press releases instead of questioning these nonsensical claims.
I fixed your link. And shame on you for linking to the milquetoast "arXiv" URL instead of the canonical xxx.lanl.gov one, rich with historical significance. You are in alliance with the same idiotic filter vendors that block me from reading "documentation" from the Panera WiFi (I tunnel through, of course), and therefore a traitor.
You'll be first against the wall when the revolution comes.
general brokenness in the way ELF was designed (it doesn't seal off shared libraries from each other properly, so they can interfere and cause crashes)
Can you explain this further? I don't think I've ever encountered it.
"I thought you didn't believe in God," he asked bewilderedly.
"I don't," she sobbed.... "But the God I don't believe in is a good God, a just God, a merciful God. He's not the mean and stupid God you make him out to be."
Didn't watch the video so can't comment on that. But:
One of the most common features of Ron Paul's economic reasoning is to regularly use the concepts of inflation and exchange rates as if they were the same thing -- a mistake which no one with any knowledge of economics would make.
Every time I've seen Ron Paul talk about it he's mentioned how the dollar has fallen against other currencies as well as against precious metals and commodities. He's also addressed rising services costs.
The dollar has lost like 50% of its value to the euro; if that were to be explained by inflation, then prices in this country would have to have doubled during the same period, which obviously is not the case.
If the federal reserve created money to finance government spending, then the government wouldn't owe anything at the end of the day. Obviously this isn't true.
No, they would owe the same amount in dollars, which would be a smaller fraction of their money as tax revenues would have gone up by virtue of U.S. productivity costing more relative to the dollar (inflation). But they keep doing it so the debt keeps growing, and they have to print to pay the interest on it.
If you think they haven't been printing to finance military and empire, among other things, you're deluding yourself.
Does Google support other XMPP servers tying into their network now? I remember when it came out they didn't, worried about spam and such I guess. If they allow that now that would be awesome, and I would immediately set up my own server and join their network.
Jabber supports end-to-end encryption out of the box, right? Google is Big Brother, after all...
Rape, really? A little bit of a tangent, but okay.
FBI says 9 percent of rape accusations are unfounded. That's a not insignificant minority when you consider the "guilty until proven innocent" approach taken in rape cases, the lingering suspicion even after an acquittal, and the willingness of political entities to prosecute obviously false charges out of some kind of vindictiveness (witness the Duke case, and not just the prosecutor; look at all the concerned organizations that piled on).
All charges, rape or otherwise, should be in doubt. In case you forgot, that's the foundation of our court system. And you can be sympathetic to a victim, even interact with her on the assumption she's being truthful, without automatically assuming the suspect is guilty.
Ron Paul is not for a flat tax. He is for abolishing the IRS, trimming spending and inflation debt, and making up the rest with tarriffs and other mechanisms.
Goes to show it's not a good idea to get on a high horse about being an informed voter.
I wish you had read my post more clearly before replying. Linking the definition of a widely-known snarky phrase was a nice touch though. When you're on Fark you must be one of those people that mention "Rosebud" or "PC Load Letter" and then tag it with "/obscure?".
Had you read my comments in detail you would have seen me complaining about Yahoo much more than I was complaining about DKIM. (I have DKIM deployed on my mail servers and I acknowledge its usefulness within the constraints that you highlighted.) In fact, my chief complaint was and is that Yahoo doesn't support the standard DKIM — the spec of which they helped write! — and instead sticks to their original homegrown DomainKeys, which was superseded by DKIM for good reason.
Once you understand that, the rest of my comments should become more clear. For example, my comment about intermediate mail servers was limited to DomainKeys breaking when those relays add headers. You argue that DKIM lets you choose which header to sign, and you are absolutely correct, which is one of the improvements of DKIM over DomainKeys.
You also missed my point about SPF versus DKIM/DomainKeys. If postmasters are unwilling or unable to even make a list of all their mail servers, they're much less likely to ensure that they're all signing outgoing mail and doing so properly. Therefore no one is going to deploy SSP, and you can't do anything with unsigned mail that should be signed, just like you can't do anything with GMail that didn't come from a Google mail server (or at least can't if you want to respect standards).
Finally I disagree strongly that doing anything on the envelope is a bad idea. With SPF, it is a great idea, because it's finally the single reliable piece of information about a message. You know who's responsible for it, and therefore once mail gets to you that irritates you (spam/phishing etc) you can talk to the appropriate postmaster, because you finally know who the postmaster is. Mailing lists work, and as for forwarders, these are all set up by the recipient so they know who to whitelist.
I do agree that SPF and DKIM solve different problems, although they do have a little overlap. Again, I have both deployed on outgoing and incoming mail. But in practice SPF proves far more useful for spam reduction, and would for phishing except for the problems discussed above.
DKIM is a cheesy hack. If you want crypto use PGP or I guess S/MIME. You can not only sign but encrypt and do other proper things as well.
For eliminating phishing and other forged mail, I've found it far more useful to implement SPF on my MX host. Surely forged mail (where the policy says -all) is summarily bounced. Mail which passes an SPF check is let right through. Finally the rest is greylisted for 15min.
The big problem is that no one seems ready to commit to SPF. Most "big names" seem to say "?all" (neutral) or occasionally "~all" (soft-fail), making it impossible to definitively reject forgeries. More importantly, if they refuse to commit to what mail server they will use, they certainly won't commit to whether all mail will be signed.
DKIM fails because it signs the headers and not just the SMTP envelope. This breaks forwarding more than SPF does. Mailing list implementations and others seem to ignore the semantics of multiple signatures despite info in RFCs. And no one is going to re-open mail relays so it's extra complication over SPF which merely codifies existing behavior.
Lastly, this important point: Yahoo does not support DKIM. Despite sitting on the standard committee, they refuse to send DKIM headers or even parse DKIM headers on mail they receive. Rather they stick to DomainKeys which is broken in numerous ways (example: it doesn't specify which headers are signed so any headers added by intermediate relays cause signature failure). Yahoo doesn't play nice with others and hold up standards. Guess it's obvious why Microsoft is buying them, but they've sold out long ago. Yahoo's HTML used to be clean and nice; now it's garbage.
All of Yahoo's fascism and rudeness does nothing to help them. I get far more spam to my (unused) Yahoo mail account than I do to my (unused) GMail account. Yet Yahoo greylists mail for long times even when the sender is SPF, DKIM, and DomainKey signed. They don't share the greylisting among servers in their farm. That means even after the greylisting should be over it bounces yet again. Even when they "accept" mail it takes forever to show up. Somehow GMail which supports higher volumes, more usable interface, larger files, and I'm guessing more overall traffic blocks almost all spam, lets real mail through instantly.
Grandparent made the positive claim, therefore grandparent has to provide supporting proof. The rest of us can cheerfully ignore his banter until then. Or, if we are intrigued by the claims, subscribe to the newsletter as it were and ask for more information.
Wow, POSIX provides linked lists and hash tables and memory pools and Windows compatibility and gettext interfaces? Support that assertion.
I realize GTK predated POSIX,
Wrong yet again
It just shows to me that GNU has the same "not invented here" mentality as Microsoft...
UC Berkeley XCF, not GNU. I give up; you're clearly trolling.
He is a religious man who confided into a local priest who had nothing better to do than walk from door to door and warn people about the dangerous paedophile who moved into town.
"Let the priest who dares to make known the sins of his penitent be deposed", and he goes on to say that the violator of this law should be made a life-long, ignominious wanderer. [...] "For whoever shall dare to reveal a sin disclosed to him in the tribunal of penance we decree that he shall be not only deposed from the priestly office but that he shall also be sent into the confinement of a monastery to do perpetual penance"
As for the "refreshing[] hard-headed" questions, all I see are questions about performance and silly flitting about with their own buzzwords and pipe dreams about getting rid of real applications in favor of their toys.
Here are some questions:
Whatever happened to degrading gracefully? If you look at the apps produced by Google, the poster child for "AJAX", you'll see that they took the time to make most or all of the functionality work without JavaScript, without images, without CSS, or with a deranged hodgepodge of those. I don't see others making the same efforts.
How about semantics, and security? We're getting back into the mess of data intermingled with code. I'm seeing more and more sites out there have a blank page that loads, and then JavaScript that loads the content. Now you have to have scripting enabled for every site you visit. MS Office macros all over again. And forget trying to spider the content without having some sort of bizarre Turing machine debugger to try to get at the real content.
Yeah, how about mobile devices? If you were doing it right (see above) you wouldn't have to worry about the iPhone or about a special mobile AJAX. It would work fine within the constraints of any device. Google does.
How do you plan to interact with the local filesystem? Java has an effective sandbox, signed codebases, and granular user permissions (although the latter are kind of sucky). Are users not allowed to retain control over their own data?
How are users supposed to have any confidence about what you're doing to them? The previous model was good. Users knew when they were sending anything to the server, and if the UA vendors would do their jobs they would also know when they were affecting data. What are users supposed to do now, have wireshark running all the time? Not acceptable.
I'm implementing Web-based applications as of this writing, and I plan to have some dynamic features to simplify some of the UI (such as cascading follow-up questions during user signup). But these will be an optional extra.
These jokers forget that the World Wide Web is a repository for mutual citation of academic-style documents. New stuff is good, just don't break the old stuff.
Every improvement on the Internet has been in the direction of better user controls, decentralization, caching, peer-to-peer, transport tunnels, etc. The AJAX people are swimming against the tide and they need to realize it and shape up.
Slashdot Mirror
You know, what joker looked at the Unix world and said, "You know what we don't have enough of? Security holes based on file name extensions. That is really an advantage Windows has over us." and then implemented *.desktop?
Because it's the worst aspects of Windows's PIFs, and extension hiding, and everything else, all rolled into one. They couldn't be bothered to even make such files only work when executable.
Can't wait to see the first "FreeDesktop" exploit.
Benjamin Disraeli. Oh, and Samuel Clemens.
Clearly, below. Because anything after the "-- " signature marker is signature. Your whole message would be a signature, as you trim and reply to the inline quotes. If you're not doing the latter, shame on you.
For Linux, or for RedHat on x86? Sad to see even Slashdot has fallen to the low of just pasting press releases instead of questioning these nonsensical claims.
I still miss sunsite.unc.edu.
- How unlikely is a doomsday catastrophe?
I fixed your link. And shame on you for linking to the milquetoast "arXiv" URL instead of the canonical xxx.lanl.gov one, rich with historical significance. You are in alliance with the same idiotic filter vendors that block me from reading "documentation" from the Panera WiFi (I tunnel through, of course), and therefore a traitor.You'll be first against the wall when the revolution comes.
I notice you didn't mention nuclear. It's the only option.
"Stop it! Stop it!" Lieutenant Scheisskopf's wife screamed suddenly.... "Stop it!"
"I thought you didn't believe in God," he asked bewilderedly.
"I don't," she sobbed.... "But the God I don't believe in is a good God, a just God, a merciful God. He's not the mean and stupid God you make him out to be."
Good info. But that doesn't sound "end-to-end" to me. "End-to-end" means client A encrypts it so only client B can read it.
If you think they haven't been printing to finance military and empire, among other things, you're deluding yourself.
Does Google support other XMPP servers tying into their network now? I remember when it came out they didn't, worried about spam and such I guess. If they allow that now that would be awesome, and I would immediately set up my own server and join their network.
Jabber supports end-to-end encryption out of the box, right? Google is Big Brother, after all...
FBI says 9 percent of rape accusations are unfounded. That's a not insignificant minority when you consider the "guilty until proven innocent" approach taken in rape cases, the lingering suspicion even after an acquittal, and the willingness of political entities to prosecute obviously false charges out of some kind of vindictiveness (witness the Duke case, and not just the prosecutor; look at all the concerned organizations that piled on).
All charges, rape or otherwise, should be in doubt. In case you forgot, that's the foundation of our court system. And you can be sympathetic to a victim, even interact with her on the assumption she's being truthful, without automatically assuming the suspect is guilty.
Goes to show it's not a good idea to get on a high horse about being an informed voter.
I wish you had read my post more clearly before replying. Linking the definition of a widely-known snarky phrase was a nice touch though. When you're on Fark you must be one of those people that mention "Rosebud" or "PC Load Letter" and then tag it with "/obscure?".
Had you read my comments in detail you would have seen me complaining about Yahoo much more than I was complaining about DKIM. (I have DKIM deployed on my mail servers and I acknowledge its usefulness within the constraints that you highlighted.) In fact, my chief complaint was and is that Yahoo doesn't support the standard DKIM — the spec of which they helped write! — and instead sticks to their original homegrown DomainKeys, which was superseded by DKIM for good reason.
Once you understand that, the rest of my comments should become more clear. For example, my comment about intermediate mail servers was limited to DomainKeys breaking when those relays add headers. You argue that DKIM lets you choose which header to sign, and you are absolutely correct, which is one of the improvements of DKIM over DomainKeys.
You also missed my point about SPF versus DKIM/DomainKeys. If postmasters are unwilling or unable to even make a list of all their mail servers, they're much less likely to ensure that they're all signing outgoing mail and doing so properly. Therefore no one is going to deploy SSP, and you can't do anything with unsigned mail that should be signed, just like you can't do anything with GMail that didn't come from a Google mail server (or at least can't if you want to respect standards).
Finally I disagree strongly that doing anything on the envelope is a bad idea. With SPF, it is a great idea, because it's finally the single reliable piece of information about a message. You know who's responsible for it, and therefore once mail gets to you that irritates you (spam/phishing etc) you can talk to the appropriate postmaster, because you finally know who the postmaster is. Mailing lists work, and as for forwarders, these are all set up by the recipient so they know who to whitelist.
I do agree that SPF and DKIM solve different problems, although they do have a little overlap. Again, I have both deployed on outgoing and incoming mail. But in practice SPF proves far more useful for spam reduction, and would for phishing except for the problems discussed above.
Please explain how you don't accept it.
DKIM is a cheesy hack. If you want crypto use PGP or I guess S/MIME. You can not only sign but encrypt and do other proper things as well.
For eliminating phishing and other forged mail, I've found it far more useful to implement SPF on my MX host. Surely forged mail (where the policy says -all) is summarily bounced. Mail which passes an SPF check is let right through. Finally the rest is greylisted for 15min.
The big problem is that no one seems ready to commit to SPF. Most "big names" seem to say "?all" (neutral) or occasionally "~all" (soft-fail), making it impossible to definitively reject forgeries. More importantly, if they refuse to commit to what mail server they will use, they certainly won't commit to whether all mail will be signed.
DKIM fails because it signs the headers and not just the SMTP envelope. This breaks forwarding more than SPF does. Mailing list implementations and others seem to ignore the semantics of multiple signatures despite info in RFCs. And no one is going to re-open mail relays so it's extra complication over SPF which merely codifies existing behavior.
Lastly, this important point: Yahoo does not support DKIM. Despite sitting on the standard committee, they refuse to send DKIM headers or even parse DKIM headers on mail they receive. Rather they stick to DomainKeys which is broken in numerous ways (example: it doesn't specify which headers are signed so any headers added by intermediate relays cause signature failure). Yahoo doesn't play nice with others and hold up standards. Guess it's obvious why Microsoft is buying them, but they've sold out long ago. Yahoo's HTML used to be clean and nice; now it's garbage.
All of Yahoo's fascism and rudeness does nothing to help them. I get far more spam to my (unused) Yahoo mail account than I do to my (unused) GMail account. Yet Yahoo greylists mail for long times even when the sender is SPF, DKIM, and DomainKey signed. They don't share the greylisting among servers in their farm. That means even after the greylisting should be over it bounces yet again. Even when they "accept" mail it takes forever to show up. Somehow GMail which supports higher volumes, more usable interface, larger files, and I'm guessing more overall traffic blocks almost all spam, lets real mail through instantly.
Yahoo's time is over. Let's let them die quietly.
STFU
S
T
F
U
Grandparent made the positive claim, therefore grandparent has to provide supporting proof. The rest of us can cheerfully ignore his banter until then. Or, if we are intrigued by the claims, subscribe to the newsletter as it were and ask for more information.
Wow, POSIX provides linked lists and hash tables and memory pools and Windows compatibility and gettext interfaces? Support that assertion.
Wrong yet again
UC Berkeley XCF, not GNU. I give up; you're clearly trolling.
Is AFI the same as GFCI?
http://www.newadvent.org/cathen/13649b.htm
http://www.anglican.org.au/docs/BISPrivateConfession%20080306.pdf
It does suck.
As for the "refreshing[] hard-headed" questions, all I see are questions about performance and silly flitting about with their own buzzwords and pipe dreams about getting rid of real applications in favor of their toys.
Here are some questions:
I'm implementing Web-based applications as of this writing, and I plan to have some dynamic features to simplify some of the UI (such as cascading follow-up questions during user signup). But these will be an optional extra.
These jokers forget that the World Wide Web is a repository for mutual citation of academic-style documents. New stuff is good, just don't break the old stuff.
Every improvement on the Internet has been in the direction of better user controls, decentralization, caching, peer-to-peer, transport tunnels, etc. The AJAX people are swimming against the tide and they need to realize it and shape up.