Can you see the bug in this code? I didn't think so. Perhaps if you re-wrote it as an iterative loop it would be obvious... it will probably execute as an iterative loop at run-time anyway, so you shouldn't lose any performance unless you're incredibly bad at writing loops.
Adding a comment to the effect of "strip path to create untainted filename" would be nice, too.
This regex could be made even less comprehensible by eliminating the repeating \s,@;: in favor of a variable built with hex codes. Write it in sed for maximum obfuscation!
I agree with your major points, but a small quibble:
if a user MANUALLY enters https://mail.google.com/ I argue that google should INFER that the user wants to be SSL-only, at least until they explicitly log out.
Yes, that's how it's been working for me. I'd rather it always used SSL/TLS regardless, myself, but as long as I remember to type "https://gmail.google.com" in the URL bar before I log in, gMail will stay on SSL until I log out. It's been acting that way for about a year I guess; I used to have to do some much more complicated shenanigans to make it stay encrypted.
Security by mindlessly parroting buzzphrases is better? Here, I've got one too - Wikipedia says "it can be argued that a sufficiently well-implemented system based on security through obscurity simply becomes another variant on a key-based scheme, with the obscure details of the system acting as the secret key value."
If relying on restricted knowledge to control access is so bad, then tell me all your user IDs and passwords! You've got no need to hide them, right? Revealing these details of your security system is totally safe since you don't rely on obscurity, right?
The point is, why place data you are trying to keep secure in an environment where you give away the password, in clear text, every time you access it? Are you REALLY arguing that this is intelligent by design?
No, I have made no such argument, and there's no need to put such words in my mouth. The original poster asked a question, and somebody (you?) made a false statement which I refuted, and now you are throwing straw men around and contradicting yourself.
Secrecy is usually a vital part of good security in the Real World [tm]. The catchphrase "security by obscurity" is great in the lab, but most enterprises cannot afford security systems that will withstand full disclosure of all access mechanisms. Feel free to publish your passwords and prove me wrong.
I gave the kids OLPC XOs last December, and my 11 year old bricked his in less than a week... he tried to replace sugar with a full gnome desktop, (even though I told him it was a bad idea) and things just sort of devolved from there... he ended up with a horribly corrupted filesystem and couldn't boot.
Day before yesterday he finally managed to completely wipe and reload it with the latest XO build.
I didn't help, he fixed it himself. Probably spent about 20 hours on it all told.
Answer: there is NO SECURE STORAGE using a NON_SECURE PROTOCOL. Next.
Sure there is. I will encrypt my 10 KB file of sensitive data and bundle it up with 10,000,000 similarly sized files containing pure random gibberish, and upload the whole mess to two dozen different FTP sites. Only I will know the name of the one file that contains encrypted data, and you can have the time of your life wasting your botnet time on attempting to "decrypt" all that trash. Elaborations on this theme abound, I'm sure there are plenty of ways to securely store data over insecure protocols.
OK, there are ways that you can treat an FTP site as if it were a disk volume. Start by looking that up.
Now, encrypt the volume. If anyone mounts it without the volume crypto key they get gibberish.
Use Mike Rubel-style rsync-based backup methods (with or without batch mode files as you wish) to make your backups to the encrypted volume. The encryption will happen on your side so the keys and unencrypted data will never be passed over the insecure FTP connection to the insecure site.
You'll want some kind of checksum/hash/whatever so you can detect tampering or bit rot, but I'd expect that a good crypto filesystem will already have something of the sort.
Note, I haven't actually done this - I use SFTP instead of FTP and I don't use untrusted sites to store backups - but it'll work in theory, and I've seen all the pieces of it in various places.
Spammers and virus writers employed by spammers to create their zombie pools have been turning up dead for almost two years now.
Two bodies, and one of them by his own hand. Not exactly a trend... unfortunately....
I suppose if you didn't bother to do anything more than glance at the search page you'd get that impression.
Maybe if I was more public spirited I'd do the thirty minutes of research required to show you the trend, but honestly I don't care enough. Wait, here, try this, which was supplied by another poster who has better Google-fu.
Seriously though... if spammers started turning up dead where would the police even begin their investigation? There's only a pool of what, half a billion suspects?
Spammers and virus writers employed by spammers to create their zombie pools have been turning up dead for almost two years now.
Property rights aren't always absolute. E. g. You might get some disagreement from a surprising source if you started exercising your property rights to remove your local cable provider's transmission lines from your yard
Yeah, Comcast got surprisingly upset when somebody took an axe and cut their cables at my property line. The cables were all neatly tied back to the nearest pole and everything, you'd think they'd appreciate the tidyness of it. There was no easement in my deed that applied to Comcast, so I refused their repair crew entry to my property and they had to route around me (in the power company right-of-way that they were supposed to be using in the first place). My property had a lot more curb appeal without their ugly, poorly maintained wiring draped over it, so I have no complaints.
At about the same time, I happened to find some nice abandoned coax with an integrated heavy steel suspension line, that was very useful to a project I was working on. Go figure!
I've installed FiOS twice now (Verizon will tell you their technicians installed it, but I was able to come to an agreement with the boys in the van) and I can tell you how it's laid out.
First, they bring glass off the nearest pole into a sheltered area with a 120 VAC power outlet, such as a basement or garage. If they can figure out a way to get power to an outside wall under an overhanging eave or porch roof, they probably will, unless you insist that it be inside. I like to run the glass through the wall right next to the power service entry (since there's no EMF issue to worry about) into the basement. Leaving the boxes outdoors benefits only the Verizon techs and not you! Your gear will last longer indoors.
Verizon techs prefer to use premade fiber links, since glass termination is time-consuming and requires patience and training that many of them don't have. This might result in them stuffing huge loops of glass inside walls or behind your furnace (or even cable-tying a dozen loops to the phone pole) if they don't happen to have the right length in the van with them. Don't let them do anything ridiculous.
If they can mount their gear on a wall with studs on 16" centers (as in standard western platform construction houses) they will use a pre-configured all-on-one-backboard unit that includes a small BBU (battery backup unit) and UPS (uninterruptable power supply) as well as an ONT (Optical Network Terminator - usually an AFC/Tellabs box). The ONT will be connected via cat5 to an incredibly crappy Actiontec router/firewall/wireless unit. Lately these are MoCA enabled and consequently you might find it difficult to source more reliable equipment to replace the Actiontec. Verizon warranties it, but will not replace it for free if you lose or destroy it. If you have a home network or do a lot of simultaneous connections expect to reboot the actiontec frequently.
If you've got ancient stone walls and timber framing, or something equally alien to the Verizon tech mindset that will not easily accomodate the single-backboard rig, they can mount each of these items separately. If you are mounting on a stone wall you may find that the Verizon tech's idea of a secure mount is different from your own!
Once they've installed the ONC and verified connectivity to the CO (central office) they will disconnect your existing copper telephone line and run a line from your existing POTS demarc to the ONC. The CO operator will type some stuff into their phone switch and your existing phone number will be reassigned to the POTS port on the ONC reasonably instantaneously.
WARNING: The existing copper POTS line entering your house has some sort of lightning protection - typically there's a ground rod driven into the soil next to the entry point. When the tech kicks you over to glass, the glass line does not need any such protection for (hopefully) obvious reasons. If the copper is cut back to the pole, great, but if that's not possible for some reason MAKE SURE THE OLD LINE REMAINS GROUNDED. Best to get rid of it entirely, unless it's buried.
If you get Verizon's TV offering you'll get set-top boxes and a DVR (usually Motorola, I'm told) as well. I don't do the TV thing so I'm less qualified to speak to that.
The verizon tech will want to install a CD full of hideous Verizon bloat and spyware onto at least one of your computer systems, and will probably try to tell you that you can't use Verizon email or web services without doing so. Since I don't use any operating systems that they support, I declined to do this, and used firefox on linux to register my system. Their web interfaces are very badly designed and rely heavily on cookies so you have to fiddle with your noscript, adblock and cookie management settings to make it work right. I also had to set firefox to identify itself as IE6 running on windows.
The BBU is rated for eight hours voice-only - if the ONC is configured to also provide internet
I cannot independently verify the motives or reasons my phone battery operates the way it does, not can I verify any motives for manufacturers or phone companies to mess with my signal bars.
Good points; I did not realize from your brief post that you were interested in substantiating the article's vague claims of conspiracy - I thought you were concerned with the few claims it makes that are actually verifiable.
Make sure you read the article- I'm not arguing that these effects don't exist. I'm aruging that he's crying conspiracy, and doesn't have much more than anecdotal evidence. That needs a citation- somebody of authority within a cell or battery company who can confirm their motive. Anything else is speculation.
Hmmm, yes, OK. We have different interests so I misinterpreted your post. I didn't pay any attention to the "they are lying" gimmick the authors used as a hook for the story, and assumed that we were both talking about the technical issues. Sorry about the confusion!
In this day and age, though, "independent verification" basically means "citing a different source" -
No. It does not mean that. I am sympathetic with your basic theme here, but you do not get to redefine the English language and the scientific method because "science is hard". Piling up endorsements does not inherently substantiate truth.
it does NOT mean "giving you all the information you need to re-perform the situation/experiment yourself".
Correct. It DOES mean supplying enough information to allow others to fully understand one's claims, which might entail describing an experiment or referencing other works that do so.
There are any number of fields where it is beyond a regular persons' means or ability to prove something. In other words, you can't say "Hey, I don't believe you about this [nanotech/medical/particle physics/complex chemistry/deep space/supercomputer job/massively-scaled statistical analysis] thing, please give me a full report of your methodology, and only when I have successfully replicated your results will I believe you".
Yes I can. In fact, I frequently do - I prefer actual knowledge, rather than well-documented hearsay, if I can get it.
At some point, you're going to HAVE to weigh up the likelihood between whether they're telling you the truth, or whether they're part of a massive elaborate conspiracy (this is where checking their vested interests, biases and accountability is extremely helpful).
I generally discount the possibility of massive elaborate scientific conspiracies, because I never met a scientist capable of creating such a thing. And you know what? I almost never HAVE to have an opinion on the truth or falsehood of scientific claims that I can't personally verify.
Still, sometimes you have to have faith. But don't fool yourself into thinking that you've given up faith just because you've substituted Stephen Hawking or Nature Magazine for Muhammad and the Q'ran.
Cites are not required for independently verifiable claims.
What on earth do you mean? Of course citations are needed. Without citation, claims are just that: claims, hearsay, anecdote. Its citation and accountability that makes claims usable as evidence.
Very well, then. "The hare, because he cheweth the cud, but divideth not the hoof; he is unclean unto you." (Leviticus 11:6). Prove me wrong without resort to independently verifiable physical reality. No human is a more reliable cite than God, so you lose the cite war before it begins.
[snip]
There's a reason peer-reviewed journals don't accept papers without citation.
Yes there is. I doubt we'd agree on what that reason is, though.
The article was indeed interesting, and believable. But it has a bad case of [Citation-Needed].
Cites are not required for independently verifiable claims.
This is the difference between faith and science. If you give someone information that they can independently verify, and they base their belief on the results of their independent results, that's science (even if they are wrong, it's still application of the scientific method). If you ask someone to believe something based on the idea that a person who says it is trustworthy, that's faith (although not necessarily religious faith). Insistence on credible "cites" to bolster physically verifiable claims or observable reality is not functionally different from a belief in biblical inerrancy. Believing something "because [insert authority figure here] wrote it in a science book" is just swapping one shibboleth for another.
128 Megs of ram is useless. I am speaking from incompetence.
Fixed that for ya.
To be fair, most people don't have the specialized competence needed to run a computer properly.
Most people in the affluent West are just consumers. Typically they can't tune their own cars, heat their own homes or hunt their own food either. In the worst cases, some people haven't been educated to do anything more useful than consume corn syrup and TV shows... they are like big ol' plants.
It's not that there is anything wrong with it, it's just that it's so ridiculously primitive. I mean, rwxrwxrwx is such a incredibly limiting mindset... if you've never developed a large complex system on a more advanced filesystem (like VMS or Novell's Netware file system) you probably aren't aware of what you are missing.
Limiting files to only one group membership, and only five possible file manipulation properties (rwxts) is really lame, it's a 30 year old paradigm that several other OSes surpassed 20 years ago. Novell even used to have "rename inhibit" as a filesystem attribute!
Stacking ACLs on top of other architectures has always been a way to create system maintenance nightmares, ACLs enable as many problems as they solve in unskilled hands (at least you can back them up with the files they apply to these days, though, that's a recent improvement in the *nix world).
These days, good version of unix have filesystems with versioning, such as: http://wayback.sourceforge.net/. In this case, the versioning is implemented using a very general machanism, instead of being built in. This allows, as a result, many more things than just versioning filesystems. You should look in to FUSE.
Thanks for the link; I'm already familiar with FUSE. Wayback looks nice, especially for anyone who doesn't already have something based on Mike Rubel's paper set up, but it's not solving the same problem as a file system that cleanly implements version numbering.
There's nothing wrong with a sharp rock. But I'd rather have a nice steel axe when I need to chop down trees. Once you've used a better toolset it's hard to go back to the stone age.
It's really optimal in rolling piedmont type terrain, you get the benefits of "pulse and glide" without actually doing anything. On totally flat ground I'd be tempted to buy an old Mercedes diesel and run it off vegetable oil.
Like you said earlier, "what people think they need and what they actually do need are worlds apart"... There are plenty of cars on the road with significantly less horsepower than the Prius, so you can figure that anyone complaining just didn't do their homework, they're looking at the car based on hype and not their actual needs.
Slashdot Mirror
s!(?:^|\w*/|\.\./|\./)[^\s,@;:]*(?<=/)([^\s,@;:]+?)(?=[\s,@;:]|$)!$1!g;
Can you see the bug in this code? I didn't think so. Perhaps if you re-wrote it as an iterative loop it would be obvious... it will probably execute as an iterative loop at run-time anyway, so you shouldn't lose any performance unless you're incredibly bad at writing loops.
Adding a comment to the effect of "strip path to create untainted filename" would be nice, too.
This regex could be made even less comprehensible by eliminating the repeating \s,@;: in favor of a variable built with hex codes. Write it in sed for maximum obfuscation!
Bad coders can write bad code in any language.
I use gawk (Gnu Awk) for that job. It's the best tool I've found for rapidly re-writing hundreds of source code files on a running production system.
Arnold Robbins: "AWK is a language similar to PERL, only considerably more elegant."
Larry Wall, from audience: "Hey!"
find \corp\perl -type f -name \*.pl -exec fixbug.awk {} \;
Better be sure you know what you're doing before you press the button, though! I recommend building a cloned test environment.
Perl is the enfant terrible of the programming world. A very smart one, but requiring the same smartness of its users.
I'm not disagreeing, but haven't we heard this before?
Ah, yes, s/perl/lisp/.
I don't recognize the acronym "GX".
I've got "always use SSL" checked now, of course, and glad of it.
I agree with your major points, but a small quibble:
if a user MANUALLY enters https://mail.google.com/ I argue that google should INFER that the user wants to be SSL-only, at least until they explicitly log out.
Yes, that's how it's been working for me. I'd rather it always used SSL/TLS regardless, myself, but as long as I remember to type "https://gmail.google.com" in the URL bar before I log in, gMail will stay on SSL until I log out. It's been acting that way for about a year I guess; I used to have to do some much more complicated shenanigans to make it stay encrypted.
Security by obscurity isn't security.
Security by mindlessly parroting buzzphrases is better? Here, I've got one too - Wikipedia says "it can be argued that a sufficiently well-implemented system based on security through obscurity simply becomes another variant on a key-based scheme, with the obscure details of the system acting as the secret key value."
If relying on restricted knowledge to control access is so bad, then tell me all your user IDs and passwords! You've got no need to hide them, right? Revealing these details of your security system is totally safe since you don't rely on obscurity, right?
The point is, why place data you are trying to keep secure in an environment where you give away the password, in clear text, every time you access it? Are you REALLY arguing that this is intelligent by design?
No, I have made no such argument, and there's no need to put such words in my mouth. The original poster asked a question, and somebody (you?) made a false statement which I refuted, and now you are throwing straw men around and contradicting yourself.
Secrecy is usually a vital part of good security in the Real World [tm]. The catchphrase "security by obscurity" is great in the lab, but most enterprises cannot afford security systems that will withstand full disclosure of all access mechanisms. Feel free to publish your passwords and prove me wrong.
I gave the kids OLPC XOs last December, and my 11 year old bricked his in less than a week... he tried to replace sugar with a full gnome desktop, (even though I told him it was a bad idea) and things just sort of devolved from there... he ended up with a horribly corrupted filesystem and couldn't boot.
Day before yesterday he finally managed to completely wipe and reload it with the latest XO build.
I didn't help, he fixed it himself. Probably spent about 20 hours on it all told.
Answer: there is NO SECURE STORAGE using a NON_SECURE PROTOCOL. Next.
Sure there is. I will encrypt my 10 KB file of sensitive data and bundle it up with 10,000,000 similarly sized files containing pure random gibberish, and upload the whole mess to two dozen different FTP sites. Only I will know the name of the one file that contains encrypted data, and you can have the time of your life wasting your botnet time on attempting to "decrypt" all that trash. Elaborations on this theme abound, I'm sure there are plenty of ways to securely store data over insecure protocols.
OK, there are ways that you can treat an FTP site as if it were a disk volume. Start by looking that up.
Now, encrypt the volume. If anyone mounts it without the volume crypto key they get gibberish.
Use Mike Rubel-style rsync-based backup methods (with or without batch mode files as you wish) to make your backups to the encrypted volume. The encryption will happen on your side so the keys and unencrypted data will never be passed over the insecure FTP connection to the insecure site.
You'll want some kind of checksum/hash/whatever so you can detect tampering or bit rot, but I'd expect that a good crypto filesystem will already have something of the sort.
Note, I haven't actually done this - I use SFTP instead of FTP and I don't use untrusted sites to store backups - but it'll work in theory, and I've seen all the pieces of it in various places.
Spammers and virus writers employed by spammers to create their zombie pools have been turning up dead for almost two years now.
Two bodies, and one of them by his own hand. Not exactly a trend... unfortunately....
I suppose if you didn't bother to do anything more than glance at the search page you'd get that impression.
Maybe if I was more public spirited I'd do the thirty minutes of research required to show you the trend, but honestly I don't care enough. Wait, here, try this, which was supplied by another poster who has better Google-fu.
Nice query link; I'll be using that trick! Thanks!
Seriously though ... if spammers started turning up dead where would the police even begin their investigation? There's only a pool of what, half a billion suspects?
Spammers and virus writers employed by spammers to create their zombie pools have been turning up dead for almost two years now.
Property rights aren't always absolute. E. g. You might get some disagreement from a surprising source if you started exercising your property rights to remove your local cable provider's transmission lines from your yard
Yeah, Comcast got surprisingly upset when somebody took an axe and cut their cables at my property line. The cables were all neatly tied back to the nearest pole and everything, you'd think they'd appreciate the tidyness of it. There was no easement in my deed that applied to Comcast, so I refused their repair crew entry to my property and they had to route around me (in the power company right-of-way that they were supposed to be using in the first place). My property had a lot more curb appeal without their ugly, poorly maintained wiring draped over it, so I have no complaints.
At about the same time, I happened to find some nice abandoned coax with an integrated heavy steel suspension line, that was very useful to a project I was working on. Go figure!
I've installed FiOS twice now (Verizon will tell you their technicians installed it, but I was able to come to an agreement with the boys in the van) and I can tell you how it's laid out.
First, they bring glass off the nearest pole into a sheltered area with a 120 VAC power outlet, such as a basement or garage. If they can figure out a way to get power to an outside wall under an overhanging eave or porch roof, they probably will, unless you insist that it be inside. I like to run the glass through the wall right next to the power service entry (since there's no EMF issue to worry about) into the basement. Leaving the boxes outdoors benefits only the Verizon techs and not you! Your gear will last longer indoors.
Verizon techs prefer to use premade fiber links, since glass termination is time-consuming and requires patience and training that many of them don't have. This might result in them stuffing huge loops of glass inside walls or behind your furnace (or even cable-tying a dozen loops to the phone pole) if they don't happen to have the right length in the van with them. Don't let them do anything ridiculous.
If they can mount their gear on a wall with studs on 16" centers (as in standard western platform construction houses) they will use a pre-configured all-on-one-backboard unit that includes a small BBU (battery backup unit) and UPS (uninterruptable power supply) as well as an ONT (Optical Network Terminator - usually an AFC/Tellabs box). The ONT will be connected via cat5 to an incredibly crappy Actiontec router/firewall/wireless unit. Lately these are MoCA enabled and consequently you might find it difficult to source more reliable equipment to replace the Actiontec. Verizon warranties it, but will not replace it for free if you lose or destroy it. If you have a home network or do a lot of simultaneous connections expect to reboot the actiontec frequently.
If you've got ancient stone walls and timber framing, or something equally alien to the Verizon tech mindset that will not easily accomodate the single-backboard rig, they can mount each of these items separately. If you are mounting on a stone wall you may find that the Verizon tech's idea of a secure mount is different from your own!
Once they've installed the ONC and verified connectivity to the CO (central office) they will disconnect your existing copper telephone line and run a line from your existing POTS demarc to the ONC. The CO operator will type some stuff into their phone switch and your existing phone number will be reassigned to the POTS port on the ONC reasonably instantaneously.
WARNING: The existing copper POTS line entering your house has some sort of lightning protection - typically there's a ground rod driven into the soil next to the entry point. When the tech kicks you over to glass, the glass line does not need any such protection for (hopefully) obvious reasons. If the copper is cut back to the pole, great, but if that's not possible for some reason MAKE SURE THE OLD LINE REMAINS GROUNDED. Best to get rid of it entirely, unless it's buried.
If you get Verizon's TV offering you'll get set-top boxes and a DVR (usually Motorola, I'm told) as well. I don't do the TV thing so I'm less qualified to speak to that.
The verizon tech will want to install a CD full of hideous Verizon bloat and spyware onto at least one of your computer systems, and will probably try to tell you that you can't use Verizon email or web services without doing so. Since I don't use any operating systems that they support, I declined to do this, and used firefox on linux to register my system. Their web interfaces are very badly designed and rely heavily on cookies so you have to fiddle with your noscript, adblock and cookie management settings to make it work right. I also had to set firefox to identify itself as IE6 running on windows.
The BBU is rated for eight hours voice-only - if the ONC is configured to also provide internet
IBM ... helped Adolph Hitler with IBM Mainframes to run his concentration camps.
Got a source for that?
Bad education is often fixable... unless of course we're talking about a son-of-a-boss.
I cannot independently verify the motives or reasons my phone battery operates the way it does, not can I verify any motives for manufacturers or phone companies to mess with my signal bars.
Good points; I did not realize from your brief post that you were interested in substantiating the article's vague claims of conspiracy - I thought you were concerned with the few claims it makes that are actually verifiable.
Make sure you read the article- I'm not arguing that these effects don't exist. I'm aruging that he's crying conspiracy, and doesn't have much more than anecdotal evidence. That needs a citation- somebody of authority within a cell or battery company who can confirm their motive. Anything else is speculation.
Hmmm, yes, OK. We have different interests so I misinterpreted your post. I didn't pay any attention to the "they are lying" gimmick the authors used as a hook for the story, and assumed that we were both talking about the technical issues. Sorry about the confusion!
In this day and age, though, "independent verification" basically means "citing a different source" -
No. It does not mean that. I am sympathetic with your basic theme here, but you do not get to redefine the English language and the scientific method because "science is hard". Piling up endorsements does not inherently substantiate truth.
it does NOT mean "giving you all the information you need to re-perform the situation/experiment yourself".
Correct. It DOES mean supplying enough information to allow others to fully understand one's claims, which might entail describing an experiment or referencing other works that do so.
There are any number of fields where it is beyond a regular persons' means or ability to prove something. In other words, you can't say "Hey, I don't believe you about this [nanotech/medical/particle physics/complex chemistry/deep space/supercomputer job/massively-scaled statistical analysis] thing, please give me a full report of your methodology, and only when I have successfully replicated your results will I believe you".
Yes I can. In fact, I frequently do - I prefer actual knowledge, rather than well-documented hearsay, if I can get it.
At some point, you're going to HAVE to weigh up the likelihood between whether they're telling you the truth, or whether they're part of a massive elaborate conspiracy (this is where checking their vested interests, biases and accountability is extremely helpful).
I generally discount the possibility of massive elaborate scientific conspiracies, because I never met a scientist capable of creating such a thing. And you know what? I almost never HAVE to have an opinion on the truth or falsehood of scientific claims that I can't personally verify.
Still, sometimes you have to have faith. But don't fool yourself into thinking that you've given up faith just because you've substituted Stephen Hawking or Nature Magazine for Muhammad and the Q'ran.
Cites are not required for independently verifiable claims.
What on earth do you mean? Of course citations are needed. Without citation, claims are just that: claims, hearsay, anecdote. Its citation and accountability that makes claims usable as evidence.
Very well, then. "The hare, because he cheweth the cud, but divideth not the hoof; he is unclean unto you." (Leviticus 11:6). Prove me wrong without resort to independently verifiable physical reality. No human is a more reliable cite than God, so you lose the cite war before it begins.
[snip]
There's a reason peer-reviewed journals don't accept papers without citation.
Yes there is. I doubt we'd agree on what that reason is, though.
The article was indeed interesting, and believable. But it has a bad case of [Citation-Needed].
Cites are not required for independently verifiable claims.
This is the difference between faith and science. If you give someone information that they can independently verify, and they base their belief on the results of their independent results, that's science (even if they are wrong, it's still application of the scientific method). If you ask someone to believe something based on the idea that a person who says it is trustworthy, that's faith (although not necessarily religious faith). Insistence on credible "cites" to bolster physically verifiable claims or observable reality is not functionally different from a belief in biblical inerrancy. Believing something "because [insert authority figure here] wrote it in a science book" is just swapping one shibboleth for another.
128 Megs of ram is useless. I am speaking from incompetence.
Fixed that for ya.
To be fair, most people don't have the specialized competence needed to run a computer properly.
Most people in the affluent West are just consumers. Typically they can't tune their own cars, heat their own homes or hunt their own food either. In the worst cases, some people haven't been educated to do anything more useful than consume corn syrup and TV shows... they are like big ol' plants.
What's wrong with UNIX file semantics?
It's not that there is anything wrong with it, it's just that it's so ridiculously primitive. I mean, rwxrwxrwx is such a incredibly limiting mindset... if you've never developed a large complex system on a more advanced filesystem (like VMS or Novell's Netware file system) you probably aren't aware of what you are missing.
Limiting files to only one group membership, and only five possible file manipulation properties (rwxts) is really lame, it's a 30 year old paradigm that several other OSes surpassed 20 years ago. Novell even used to have "rename inhibit" as a filesystem attribute!
Stacking ACLs on top of other architectures has always been a way to create system maintenance nightmares, ACLs enable as many problems as they solve in unskilled hands (at least you can back them up with the files they apply to these days, though, that's a recent improvement in the *nix world).
These days, good version of unix have filesystems with versioning, such as: http://wayback.sourceforge.net/. In this case, the versioning is implemented using a very general machanism, instead of being built in. This allows, as a result, many more things than just versioning filesystems. You should look in to FUSE.
Thanks for the link; I'm already familiar with FUSE. Wayback looks nice, especially for anyone who doesn't already have something based on Mike Rubel's paper set up, but it's not solving the same problem as a file system that cleanly implements version numbering.
There's nothing wrong with a sharp rock. But I'd rather have a nice steel axe when I need to chop down trees. Once you've used a better toolset it's hard to go back to the stone age.
It's really optimal in rolling piedmont type terrain, you get the benefits of "pulse and glide" without actually doing anything. On totally flat ground I'd be tempted to buy an old Mercedes diesel and run it off vegetable oil.
Like you said earlier, "what people think they need and what they actually do need are worlds apart"... There are plenty of cars on the road with significantly less horsepower than the Prius, so you can figure that anyone complaining just didn't do their homework, they're looking at the car based on hype and not their actual needs.
More than 60,000 Windows programs won't run on Linux.
Wow, I didn't know there were that many crappy programmers.
Really - Is it "possible" or pretense?
That really is the question. Is it possible that the delivered price of Solar PV could drop 50% in a period of 18 months year after year?
I see what you did there.
No, the question is, is Chewbacca a wookie?