Re:The devs were notified and ignored it
on
GitHub Hacked
·
· Score: 2
am I reading it right - the devs were essentially saying "pro users know how to secure their installs!" and then got pwned themselves with the exact hack that Homakov had reported?
You're reading it right. And he actually had to blatantly pwn them repeatedly before they would deign to take notice, and even then they didn't do anything abou it until they got ridiculed across the entire Internet.
Makes the (broken) PHP development community look relatively sane.
Try writing the documentation in a text file before you write the code. Lead every line with whatever the comment character is for the language you're working in.
Then write the actual code in the same file, between the lines of documentation as appropriate. If architecture changes during coding, revise the doco on the fly.
If somebody changes something, the doc's right there, so they'll change it too. (Unless that person is malicious or grossly incompetent, of course. You can't stop a BOFH, so don't waste time trying.)
With this system you never lose the docs, and they will never go out of date if the maintenance programmers are even halfway competent.
If at any point someone actually asks you for docs you look at them blankly and say "it's in the source files, of course. Where else would you look?". If they say "it's company policy that docs should be in the CMS" (or wiki, or moldering file cabinet in the basement) look at them like they are completely insane and tell them you aren't a tech writer. And if your boss insists you write something for the CMS/wiki/moldpile etc. you write the most compact, densely technical mumbo-jumbo possible and then tell everyone involved that you tried real hard to dumb it down enough for non-technical users - since anyone clueful would just look in the sources. If they complain and say to make the docs easier to read, you look helpless and say "but it's already at kindergarten level, I'm not a tech writer! How much simpler could it be?".
Tell the PHB you're here to rebuild the Transverse Array of Chronicled Objects on their Structured Hierarchy Instancing Test Suite. I bet he gives you root "in case you need it."
Are you mad? Never let a PHB have root. Give him a fake account and password and tell him it's better than root, only the VIPs can have it because it's so powerful.
Oh, c'mon, that's covered in RFC1918, isn't it? I didn't even have to look the number up. Step One was observe the standards.
The real problem is 800 lb gorillas who ignore and subvert Internet standards for competitive advantage, and the ITU is not exactly set up to chastise that sort of actor. These are the people who gave us X.500, for chrissakes! If there's anybody less trustworthy than the US government it would be a consortium of telecommunications giants.
You're bitching because they aren't continuing to give you a free ride which benefits them in absolutely no way what so ever.
Wait, what? How did you miraculously come to that conclusion?
douche bags like yourself bitch no matter how much they contribute back. This is why you're group of zealots will always be ignored.
Ignoring your inability to use the apostrophe, what the hell are you talking about? Apple hasn't given me anything for free, ever.
What you'd rather do is bitch about someone else not doing exactly what you want them to do, and giving it to you at no cost while you have nothing to do with any of their products
Look, buddy, I realize you're probably about twelve, but let me lay something on you: My employer paid for CUPS support on our linux machines for years. We still pay for support through Red Hat, but CUPS stopped taking our money when Apple bought them out.
But don't let me interfere with your Apple Rage! Please carry on. I'm sure Steve Jobs is sprinkling magic fairy dust on you from heaven.
Congratulations, you posted in this thread without calling some other poster names! Oh, wait, you're first post. D'Oh!
I just wish they'd fix the syntax for the AuthLDAPUrl Directive so that you could specify unencrypted binds on a local socket and failover to encrypted binds over the network. It's the basic use case for well-structured large networks, which will have a local LDAP slave for speed and a central node somewhere else on the LAN.
I do love apache, though, warts and all. Great software.
Meh. Maybe I'm just cynical, but I'd think "moving forward" would involve building a new product, not just hacking out chunks of one that's shared with one's competitors and spinning them off.
You make a good point about choices, though. The ancient, spaghetti-coded Berkeley LPD still works on modern platforms, and it's probably significantly more efficient than CUPS (I haven't actually checked, but that's where I'd lay my bets).
It's still wrong, though. "Most" environmentalists are not against "all" nuclear power. It's simply not true.
The majority of environmentalists are against all the existing implementations. You need that existing caveat in there or it's not a fair statement.
That same majority would hail you as the green messiah if you came up with a working cold fusion system, or even a clean hot system that generated no radioactive waste stream. But safer commercial reactors simply do not exist outside the fevered imaginations of science-fiction authors and Long Now presenters. (Meaning such people no disrespect - the dream has to come first!)
If American greens had as much real power as the smallest multinational corporation in the world, the Bush administration wouldn't have allowed the NRC to re-license all our obsolete, over-aged boiling water reactors. Greens are politically ineffective and they couldn't stop research or prevent progress towards safer reactors if they tried. Reason and evidence point to peaceniks, warmongers and accountants being responsible for that.
Also, American environmentalists are probably one of the most ineffective mass movements in the history of mankind. Even Islamist terrorists, total losers who kill less people every year than whisky or automobiles, are more politically effective than greens are in the USA.
I'm sorry to hear that you believe that. It's pure anti-environmentalist propaganda. Are you normally in the company of "greens", and friendly with them? Do you read extensively in environmental science?
Because I am, and I do, and have done so for about forty years, and your statement has been entirely false in my experience.
The vast majority of American "greens" stand united against all existing commercial nuclear reactors (possibly excepting the unproven eCat) which makes perfect sense given their priorities.
However, a large minority of American "greens" are strongly pro-nuke because they feel it's a better option than continuing to rely on coal. They want better, safer reactors. Some of them are starry-eyed thorium fanatics, which I find tedious (since I'm not living in India, where thorium makes perfect sense). Look at the page I just linked, at the Americans listed there. Stewart Brand is pretty damn viridian.
I have never once met a person I'd call an environmentalist who is opposed to safer reactors, although admittedly such reactors are at this time imaginary and do not actually exist. Opposition to safer reactors is entirely from cost-cutting amoral energy corporations and from nuclear fanatics in government, most of whom are obsessive war-hawks who want a steady supply of bomb technologies. Which only makes sense, logically.
Faux News and their ilk make insane claims about green opposition to safer technologies because their job is to demonize anyone who opposes corporate control of government, and greens are in that category. Don't let them pull the wool over your eyes.
"I am a Green, and I entreat my friends in the movement to drop their wrongheaded objection to nuclear energy". -- Dr. James Lovelock, environmentalist saint
You're really bumming me out with these insightful and depressing posts.
Howabouts we go with a heavily armed populace instead of a vast military infrastructure? A cannon on every courthouse lawn, a shot tower in every village! Hmmm, still depressing, except on July fourth, I guess.
Yeah, but be careful not to make the unwarranted assumption that our economic and political systems can ever result in well sited, well-engineered reactors staffed by highly competent workers. Our history says this is extremely unlikely, although I guess it's not entirely impossible.
The reason the GE designs dominated the market in the United States is because they were touted as the cheapest reactor you could possibly build. Marketing materials from GE trumpeted the thinner containment vessels, less expensive steel and other material costs. And since taxpayers and power consumers aren't free to use their money to direct more profit to safer reactors (and deny it to the "low bidder specials") there's no form of check or balance within the marketplace.
Canonically, the way to make money in a capitalist system is to conserve and grow capital - and the way you do that in a competitive market where commodity prices are based on supply and demand is to eliminate unnecessary jobs, materials, and processes, stripping any industrial effort down the absolute barest functional minimum. In the absence of effective government regulation (and remember, the AEC was a textbook example of regulatory capture, which is why it was disbanded, and the NRC isn't much better) this leads us inevitably to our position today, where poorly designed reactors are going to be run indefinitely - far past their design lifetimes - until one of them catastrophically fails.
As you've probably figured out, I'm not really anti-fission, I'm against stupid, obsolete implementations. Which is all we currently have, in my country. We have nothing but crappy reactors that mostly sit in densely populated areas and/or critical watersheds.
It also bugs the shit out of me when corporate tools blame environmentalism for this apotheosis of corrupt governance and corporate greed. The "Greens are keeping us from having safe reactors" mantra may be the stupidest damn thing I've ever heard, and flies in the face of all history and evidence.
I am reminded, though, of Winston Churchill saying "The Americans will always do what's right. After they've tried everything else."
If we'd built out nuclear power the way the old AEC had envisioned, flattening the Appalachians and Rockies with nuclear blasts and putting a Fukushima-style plant in every city in the US, I think we'd regret it by now. So maybe the batshit No Nukes people served a purpose.
And all the batshit idiocy hasn't completely closed off the possibilities for new technologies, regardless of whether it's LENR, submarine-style mini-reactors, Bussard polywells, or something even better. I like sustainable, carbon-neutral biofuels for solving the USA's immediate power problems - but it's pretty clear that strategy won't work for a lot of countries, particularly densely populated ones. India is wise to pursue thorium, since they are rolling in the stuff, for example. And if Rossi's eCat works out nearly every other fission technology is going to look pretty stupid (and the price of nickel is going to soar too).
It's slightly different since We The People are voluntarily handing out a lot of dollars for fossil fuels, but realistically most of us haven't any other choice if we're going to feed our families, and the government subsidizes the hell out of those industries too. Oh, and there was that colossal taxpayer investment in fossil fuel technology during the World Wars and the Cold War.
The reasons can be debated, and it's not unfair to put the lion's share of blame on politicians who first co-operated in the "selling" of nuclear power by the AEC but then succumbed to fear-mongering after the plants were built.
But right now operating extensions have been given to all the aging plants who were denied them under the Reagan, Bush I, and Clinton administrations. The George W. Bush administration basically reversed the populist policies of their predecessors, directly defying public opinion, in order to prevent nuke plant operators from having to bear the huge, only partly subsidized costs of decommissioning. You can say this is only fair since the US government did not build the waste storage facility the plant's builders were promised, but they are still running plants far past their design lifetime in densely populated areas and in critical watersheds, just waiting for the lesson of Fukushima (which is "corporations can fuck up") to be demonstrated again.
So the fact that some nuclear plants have been profitable in the middle term doesn't prove that they are economically viable - especially since nearly all energy production has some form of goofy subsidy due to regulatory capture - you have to factor in the costs of insurance (Price Anderson Act again) and the high front-end and back-end costs, before you can say they were profitable overall. You're skipping that - you're ignoring how much money these "profitable" plants saving by not paying for insurance and not paying for waste disposal. The taxpayer (in the US, at least) is paying for that - socializing risk and privatizing profit.
See, now you're being rational, which means you are likely to get shouted down.
I'm against building anything resembling the current generation of nuclear power plants but I strongly support tax-funded research into new fission and fusion technologies. So I'm out of the mainstream too.
Now that Cheney's out of office the non-enforcement of decommissioning set-asides will hopefully be a thing of the past. Obama's record on energy issues is not exactly spectacular so far, though.
I'm not a big fan of Greenpeace, so I don't pay much attention to their propaganda.
I'm kind of glad organizations like Greenpeace and PETA and the National Rifle Association exist, though. As long as there are batshit crazy people on one side I'm just as glad to see batshit crazy people balancing them out on the other.
Greenpeace balances out Tea Party fanatics who think it's rational to drill for oil four miles under the ocean, yet won't support fusion research because it might raise their taxes by one cent per decade.
You'll need to provide some evidence of that claim before I'll be convinced.
We may both be right, though - you say "nobody made it through the process" and I say "a free market will not support it" and these may simply be two ways of saying the same thing. As far as I'm concerned, if the people don't want something, the market will select against it, and under any truly representative government political barriers are just part of that process.
Most anti-nuke and pro-nuke arguments involve shoving nuclear technology down people's throats like it or not, because they presume Everyman is too stupid to have a valid opinion. Personally, I believe people are making their decision to oppose nukes because they recognize that it's an obsolete technology that weakens national defense and entrenches existing corrupt economic and political powers.
Thank you for all the information. The differences in the challenges faced by Germany as compared to the USA are very interesting!
For example, you stated that biofuels aren't scalable - here in the USA, they should scale just fine, because of our geography and population distribution. Biofuels are a high-tech way to seasonally store solar energy that is completely carbon neutral, and lately the biotech boffins are claiming they can turn cellulosic agricultural waste directly into burnable biogasoline with nothing but solar inputs and tailored germs.
Has Germany made any serious consideration of mechanical energy storage? That probably won't scale for you either, but it could be part of a heterogenous solution. Driving a million tons of stone up a mountain with electric traction motors on a cogged track, for example? It's nice and simple in concept, although not as easy to maintain as turbine-pumped water based systems.
Of course if Rossi's eCat turns out to be real it'll change everything.
Slashdot Mirror
You're reading it right. And he actually had to blatantly pwn them repeatedly before they would deign to take notice, and even then they didn't do anything abou it until they got ridiculed across the entire Internet.
Makes the (broken) PHP development community look relatively sane.
I don't think these guys are going to get what they are looking for.
Or maybe they are - if they are going to sell the data to Durex and Trojan...
Thank you for the Knuth/Wikipedia link! I share your skepticism.
Try writing the documentation in a text file before you write the code. Lead every line with whatever the comment character is for the language you're working in.
Then write the actual code in the same file, between the lines of documentation as appropriate. If architecture changes during coding, revise the doco on the fly.
If somebody changes something, the doc's right there, so they'll change it too. (Unless that person is malicious or grossly incompetent, of course. You can't stop a BOFH, so don't waste time trying.)
With this system you never lose the docs, and they will never go out of date if the maintenance programmers are even halfway competent.
If at any point someone actually asks you for docs you look at them blankly and say "it's in the source files, of course. Where else would you look?". If they say "it's company policy that docs should be in the CMS" (or wiki, or moldering file cabinet in the basement) look at them like they are completely insane and tell them you aren't a tech writer. And if your boss insists you write something for the CMS/wiki/moldpile etc. you write the most compact, densely technical mumbo-jumbo possible and then tell everyone involved that you tried real hard to dumb it down enough for non-technical users - since anyone clueful would just look in the sources. If they complain and say to make the docs easier to read, you look helpless and say "but it's already at kindergarten level, I'm not a tech writer! How much simpler could it be?".
Works like a charm for me!
Are you mad? Never let a PHB have root. Give him a fake account and password and tell him it's better than root, only the VIPs can have it because it's so powerful.
You just have to get the trolls on your side, and you won't have anything to worry about from the elves. Trolls are highly reliable.
Oh, c'mon, that's covered in RFC1918, isn't it? I didn't even have to look the number up. Step One was observe the standards.
The real problem is 800 lb gorillas who ignore and subvert Internet standards for competitive advantage, and the ITU is not exactly set up to chastise that sort of actor. These are the people who gave us X.500, for chrissakes! If there's anybody less trustworthy than the US government it would be a consortium of telecommunications giants.
Wait, what? How did you miraculously come to that conclusion?
Ignoring your inability to use the apostrophe, what the hell are you talking about? Apple hasn't given me anything for free, ever.
Look, buddy, I realize you're probably about twelve, but let me lay something on you: My employer paid for CUPS support on our linux machines for years. We still pay for support through Red Hat, but CUPS stopped taking our money when Apple bought them out.
But don't let me interfere with your Apple Rage! Please carry on. I'm sure Steve Jobs is sprinkling magic fairy dust on you from heaven.
Do you talk to your mother with that mouth, coward?
Go live in a bubble, if you are so terrified of disease.
Congratulations, you posted in this thread without calling some other poster names! Oh, wait, you're first post. D'Oh!
I just wish they'd fix the syntax for the AuthLDAPUrl Directive so that you could specify unencrypted binds on a local socket and failover to encrypted binds over the network. It's the basic use case for well-structured large networks, which will have a local LDAP slave for speed and a central node somewhere else on the LAN.
I do love apache, though, warts and all. Great software.
Meh. Maybe I'm just cynical, but I'd think "moving forward" would involve building a new product, not just hacking out chunks of one that's shared with one's competitors and spinning them off.
You make a good point about choices, though. The ancient, spaghetti-coded Berkeley LPD still works on modern platforms, and it's probably significantly more efficient than CUPS (I haven't actually checked, but that's where I'd lay my bets).
Breaking compatibility for market advantage is so noble of them, clearly we all must approve.
It's still wrong, though. "Most" environmentalists are not against "all" nuclear power. It's simply not true.
The majority of environmentalists are against all the existing implementations. You need that existing caveat in there or it's not a fair statement.
That same majority would hail you as the green messiah if you came up with a working cold fusion system, or even a clean hot system that generated no radioactive waste stream. But safer commercial reactors simply do not exist outside the fevered imaginations of science-fiction authors and Long Now presenters. (Meaning such people no disrespect - the dream has to come first!)
If American greens had as much real power as the smallest multinational corporation in the world, the Bush administration wouldn't have allowed the NRC to re-license all our obsolete, over-aged boiling water reactors. Greens are politically ineffective and they couldn't stop research or prevent progress towards safer reactors if they tried. Reason and evidence point to peaceniks, warmongers and accountants being responsible for that.
I thought Viet Nam proved you can't really take rough country with air power. West Virginia is pretty rough country.
Also, American environmentalists are probably one of the most ineffective mass movements in the history of mankind. Even Islamist terrorists, total losers who kill less people every year than whisky or automobiles, are more politically effective than greens are in the USA.
I'm sorry to hear that you believe that. It's pure anti-environmentalist propaganda. Are you normally in the company of "greens", and friendly with them? Do you read extensively in environmental science?
Because I am, and I do, and have done so for about forty years, and your statement has been entirely false in my experience.
The vast majority of American "greens" stand united against all existing commercial nuclear reactors (possibly excepting the unproven eCat) which makes perfect sense given their priorities.
However, a large minority of American "greens" are strongly pro-nuke because they feel it's a better option than continuing to rely on coal. They want better, safer reactors. Some of them are starry-eyed thorium fanatics, which I find tedious (since I'm not living in India, where thorium makes perfect sense). Look at the page I just linked, at the Americans listed there. Stewart Brand is pretty damn viridian.
I have never once met a person I'd call an environmentalist who is opposed to safer reactors, although admittedly such reactors are at this time imaginary and do not actually exist. Opposition to safer reactors is entirely from cost-cutting amoral energy corporations and from nuclear fanatics in government, most of whom are obsessive war-hawks who want a steady supply of bomb technologies. Which only makes sense, logically.
Faux News and their ilk make insane claims about green opposition to safer technologies because their job is to demonize anyone who opposes corporate control of government, and greens are in that category. Don't let them pull the wool over your eyes.
"I am a Green, and I entreat my friends in the movement to drop their wrongheaded objection to nuclear energy". -- Dr. James Lovelock, environmentalist saint
Oy veh, mutual assured destruction...
You're really bumming me out with these insightful and depressing posts.
Howabouts we go with a heavily armed populace instead of a vast military infrastructure? A cannon on every courthouse lawn, a shot tower in every village! Hmmm, still depressing, except on July fourth, I guess.
Yeah, but be careful not to make the unwarranted assumption that our economic and political systems can ever result in well sited, well-engineered reactors staffed by highly competent workers. Our history says this is extremely unlikely, although I guess it's not entirely impossible.
The reason the GE designs dominated the market in the United States is because they were touted as the cheapest reactor you could possibly build. Marketing materials from GE trumpeted the thinner containment vessels, less expensive steel and other material costs. And since taxpayers and power consumers aren't free to use their money to direct more profit to safer reactors (and deny it to the "low bidder specials") there's no form of check or balance within the marketplace.
Canonically, the way to make money in a capitalist system is to conserve and grow capital - and the way you do that in a competitive market where commodity prices are based on supply and demand is to eliminate unnecessary jobs, materials, and processes, stripping any industrial effort down the absolute barest functional minimum. In the absence of effective government regulation (and remember, the AEC was a textbook example of regulatory capture, which is why it was disbanded, and the NRC isn't much better) this leads us inevitably to our position today, where poorly designed reactors are going to be run indefinitely - far past their design lifetimes - until one of them catastrophically fails.
As you've probably figured out, I'm not really anti-fission, I'm against stupid, obsolete implementations. Which is all we currently have, in my country. We have nothing but crappy reactors that mostly sit in densely populated areas and/or critical watersheds.
It also bugs the shit out of me when corporate tools blame environmentalism for this apotheosis of corrupt governance and corporate greed. The "Greens are keeping us from having safe reactors" mantra may be the stupidest damn thing I've ever heard, and flies in the face of all history and evidence.
That's another thing we can agree on.
I am reminded, though, of Winston Churchill saying "The Americans will always do what's right. After they've tried everything else."
If we'd built out nuclear power the way the old AEC had envisioned, flattening the Appalachians and Rockies with nuclear blasts and putting a Fukushima-style plant in every city in the US, I think we'd regret it by now. So maybe the batshit No Nukes people served a purpose.
And all the batshit idiocy hasn't completely closed off the possibilities for new technologies, regardless of whether it's LENR, submarine-style mini-reactors, Bussard polywells, or something even better. I like sustainable, carbon-neutral biofuels for solving the USA's immediate power problems - but it's pretty clear that strategy won't work for a lot of countries, particularly densely populated ones. India is wise to pursue thorium, since they are rolling in the stuff, for example. And if Rossi's eCat works out nearly every other fission technology is going to look pretty stupid (and the price of nickel is going to soar too).
It's slightly different since We The People are voluntarily handing out a lot of dollars for fossil fuels, but realistically most of us haven't any other choice if we're going to feed our families, and the government subsidizes the hell out of those industries too. Oh, and there was that colossal taxpayer investment in fossil fuel technology during the World Wars and the Cold War.
Hmmm, I guess I have to agree with you.
The reasons can be debated, and it's not unfair to put the lion's share of blame on politicians who first co-operated in the "selling" of nuclear power by the AEC but then succumbed to fear-mongering after the plants were built.
But right now operating extensions have been given to all the aging plants who were denied them under the Reagan, Bush I, and Clinton administrations. The George W. Bush administration basically reversed the populist policies of their predecessors, directly defying public opinion, in order to prevent nuke plant operators from having to bear the huge, only partly subsidized costs of decommissioning. You can say this is only fair since the US government did not build the waste storage facility the plant's builders were promised, but they are still running plants far past their design lifetime in densely populated areas and in critical watersheds, just waiting for the lesson of Fukushima (which is "corporations can fuck up") to be demonstrated again.
So the fact that some nuclear plants have been profitable in the middle term doesn't prove that they are economically viable - especially since nearly all energy production has some form of goofy subsidy due to regulatory capture - you have to factor in the costs of insurance (Price Anderson Act again) and the high front-end and back-end costs, before you can say they were profitable overall. You're skipping that - you're ignoring how much money these "profitable" plants saving by not paying for insurance and not paying for waste disposal. The taxpayer (in the US, at least) is paying for that - socializing risk and privatizing profit.
See, now you're being rational, which means you are likely to get shouted down.
I'm against building anything resembling the current generation of nuclear power plants but I strongly support tax-funded research into new fission and fusion technologies. So I'm out of the mainstream too.
Now that Cheney's out of office the non-enforcement of decommissioning set-asides will hopefully be a thing of the past. Obama's record on energy issues is not exactly spectacular so far, though.
I'm not a big fan of Greenpeace, so I don't pay much attention to their propaganda.
I'm kind of glad organizations like Greenpeace and PETA and the National Rifle Association exist, though. As long as there are batshit crazy people on one side I'm just as glad to see batshit crazy people balancing them out on the other.
Greenpeace balances out Tea Party fanatics who think it's rational to drill for oil four miles under the ocean, yet won't support fusion research because it might raise their taxes by one cent per decade.
You'll need to provide some evidence of that claim before I'll be convinced.
We may both be right, though - you say "nobody made it through the process" and I say "a free market will not support it" and these may simply be two ways of saying the same thing. As far as I'm concerned, if the people don't want something, the market will select against it, and under any truly representative government political barriers are just part of that process.
Most anti-nuke and pro-nuke arguments involve shoving nuclear technology down people's throats like it or not, because they presume Everyman is too stupid to have a valid opinion. Personally, I believe people are making their decision to oppose nukes because they recognize that it's an obsolete technology that weakens national defense and entrenches existing corrupt economic and political powers.
Thank you for all the information. The differences in the challenges faced by Germany as compared to the USA are very interesting!
For example, you stated that biofuels aren't scalable - here in the USA, they should scale just fine, because of our geography and population distribution. Biofuels are a high-tech way to seasonally store solar energy that is completely carbon neutral, and lately the biotech boffins are claiming they can turn cellulosic agricultural waste directly into burnable biogasoline with nothing but solar inputs and tailored germs.
Has Germany made any serious consideration of mechanical energy storage? That probably won't scale for you either, but it could be part of a heterogenous solution. Driving a million tons of stone up a mountain with electric traction motors on a cogged track, for example? It's nice and simple in concept, although not as easy to maintain as turbine-pumped water based systems.
Of course if Rossi's eCat turns out to be real it'll change everything.