MacJunkie will be proven right, and Apple will release something that doesn't look at all like those photos
Ben Apple will eat his hat, as he said he would
Ben Apple will eat his hockey puck mouse, as he said he would
Ben Apple will eat both his hat and hockey puck mouse, forced by angry Slashdotters shouting something about the news media being bought
MacJunkie will quietly let the days pass by and mysteriously remove the page claiming the photos were fake. (And of course, subsequently get slashdotted by rabid slashdotters who want to show everbody and their mom how dumb MacJunkie is)
There will be 1000 posts to the next article on the Mac about why slashdot sucks and shouldn't post every article it has posted and should post everything else in the universe.
Now, keep in mind the obvious results of this poll (assuming everyone tells the truth of course), and re-read the posts attached to this article. Am I the only one who thinks that these posts are rather funny, given that the majority of Slashdotters are not in category (4)?:-)
FYI, my post(s) are not trying to say that Open Source is inadequate by any means. I was just trying to point out that we take way too much comfort in open-source and think that it's the miraculous cure to security problems, which it's not. OTOH, closed-source software probably suffers from worse problems, because now you don't even have the source to check for visible backdoors.
Of course the binary may still be tampered with, therefore you should compile everything yourself with a compiler you _trust_ (keyword), or perhaps audit the binary comparing it with the assembler source/output.
Sorry, you have a good point, but you're missing the argument here. The author's argument is basically to show a chicken-and-egg problem: auditing the source code will guarantee you security if the compiler is trusted. But how would you trust the compiler? You cannot compile a compiler if there are no binary versions of it in the first place!!
OK, fine, you can verify it by comparing the assembler source/output. But using what? Surely using an executable (ie. binary) assembler/linker and/or disassembler. But now, you need to verify that the assembler/linker is trustworthy! But how would you be able to verify this if there are no trusted executables to begin with? Having the source is worthless, because it's non-executable. And even if you have a source interpreter, you will still have to trust the interpreter.
You can continue this argument in an infinite regression -- from assembler to hardware,... even the article mentions that a microcode bug embedded in the CPU will be almost undetectable. The further back you go, the more impractical it is to verify everything; yet that is the very thing that opens up the possibility of security exploits.
Having the source code does not help at all. Unless of course, you build your own CPU from ground up, and implement the assembler, linker and compiler by hand, using the source code. (Must be done manually; since you cannot trust pre-made binaries.) This gets quite impractical, so ultimately, we are all basing our complex software systems on the trustworthiness of our OS vendors, be it a proprietary company or an open-source company. The point is, if they really wanted to, they could easily screw us over and it's possible that the exploit will never be detected or be practically fixable.
Umm... since when is Open Source = security?? Somebody has already posted this link on a previous story already. It describes a kind of trojan that not even source code auditing can prevent.
But of course, seeing that slashdotters never bother to do their research (in spite of habitually telling newbies to RTFM), here comes my obligatory Slashdotter response poll:-P
Poll: Most typical response to this article:
See? It's right in your face and you still won't admit that Open Source is flawed! M$ forever!
What?? Open-source != security? Oh no!!! My world... collapsing!!
PGP is eVil! Down with PGP! Everybody use GnuPG! We all know that the GPL makes it secure! (huh?)
*ahem* *cough* umm..., yeah, IIRC, IANAL AFAIK, but *ahem* yeah, this doesn't prove anything, you see, open source is always right, *ahem* this is just a special case, blah blah *ahem* ok please gimme my daily dose of karma.
For your information, Signal11... (hmm, anyone know if the moron who posts this to every other article is a spam-bot?)
Hahaha, you obviously missed the whole point of my post. The punchline in my post wasn't in the parodying of Slashdot. It was in the fact that the post parodies itself.
What is the most likely Slashdot article to appear next?
Yet Another Fiasco involving Napster
Yet Another {DMCA, RIAA, UCITA, insert-your-favorite-enemy} bashing session.
Famous Person X (or not-so-famous person X) writes something inflammatory about {Napster, Open Source, Linux, GPL}. News site gets slashdotted, Slashdot gets filled with zealot posts.
You can run your Linux box off potatoes! Serious!
RAM prices are dropping! Run for cover! CPU prices are rising! Ride the tide!
Scientists have discovered Yet Another Innovation! Rabid slashdotters rush to post uninformed, nonsensical posts that get modded up to +5!
Hemos re-posts something redundant! Addicted slashdotters complain that slashdot isn't reading itself, but they're too hooked to find a better site!
Slashdot posts a movie review. Sane slashdotters complain that the movie sucks. Insane slashdotters elaborately explain why Natalie Portman is hotter than the lead actress.
Help! such-and-such a state is adopting the DMCA! Big Brother is Taking Over(tm)! It's the End of the World!
Call For Arms(tm)! All Slashdotters respond, but none show up for the real thing! (they have Vaporware, Slashdot has Vaporprotests)
Write your congressmen! (email routers crash and burn in flame mails two days later)
The DMCA actually {has some redeeming points, isn't that bad, actually helps something or other} (-1 flamebait, or +5 Insightful, depending on moderators' collective moods)
You all are software pirates, that's why you hate the DMCA! (-1 Troll)
*Click on Back button* *Click on reload* Hmph, why doesn't/. post a real story?!
I've always wanted something like this on/. Slashdot polls really should be run by Slashdot readers themselves. Everyone should be able to create their own polls, and the moderators will help decide which polls are worthwhile to read / participate in. Then of course, everyone can post comments or even attach new polls, etc..
I can't wait till something like this is implemented in Slashcode... this could be the best thing that happened to Slashdot since the SPSC:-)
Hmm, seeing that there is apparently no factual report about why/. has been so unstable this week, I guess it's time to take a conspiracy theory poll...
Poll: Slashdot is very unstable this week because...
Giv'em a break, guys, they just switched servers and are still ironing out the problems. It will turn out OK.
Microsoft has secretly set up a task force with the sole purpose of DDOS'ing Slashdot so that people won't be able to get a copy of the Kerberos spec without clicking through the license.
These conspiracy theories are nonsense! Slashdot has just been getting too much popularity (think, how many people read Wired and see the Slashdot link?) -- it's Slashdotting itself!
The Trolls Are Taking Over(tm)!!!
It's the WAN routers that are at fault! Slashdot is infallible!
CmdrTaco, Hemos, & co. obviously have lived up their promise of not sleeping until Monday. These server problems are a clear sign of drowsy admins who have been living off caffeine several days too long! "Caffeine overflow, Brain Dumped."
A Perl attachment (I dread the day executable content becomes a "normal" part of stuff like email)
A Linux "advisory" message that goes "For blah-blah-blahh reason, you really should fix up your mail client... If you're using Mutt, type |bash"... (who says Mutt is immune to viruses?!)
In order to continue reading the pr0n trolls on Slashdot, you must pour a bowl of hot grits into your hard drive right now, and click OK. Do you wish to continue?
Yes
OK
(Glossary: "hard drive" is usually used to denote the secondary storage device on your computer...)
This is more like a speculation on what might happen than a poll, but hey, it could work as a poll too. (Don't blame me, I'm the Poll Mastah, I express myself using polls.:-)
What will happen when Slashdot moves to a new server?
Everything will be fine, and everybody will be happier with better bandwidth, better response time, and of course, faster hot grits;-)
Slashdot will cease being Slashdotted.
Unexpected problems will arise and Slashdot will once again Slashdot itself.
The trolls will be happier because now they have more bandwidth to burn.
The karma whores will be happier because now they can collect karma points faster
The Obsessive, Compulsive Slashdot reloaders will be happier now that they can hit a reload rate of 10 reloads/second.
There will be a mad rush to first-post on the new server. (Mark my words, you better bet this is coming!!)
Those wonderful long JonKatz stories with the typical 500+ comments attached will finally take less than 20 minutes to load!
Many Anonymous Cowards will complain and threaten to _____ (sue, flame, murder, you-fill-in-the-blank) CmdrTaco, Hemos, JonKatz, their relatives, their friends, etc., etc., because a certain 1-line post was inadvertantly lost during the data transfer.
Hmm, this gives me an interesting idea... for another Slashdot poll suggestion, of course:-)
Why does Win2K have more lines of code than all the open source projects combined?
Because open source projects are lean and mean, and pack a lot of punch; not spongy and flabby like M$ bloatware:-)
Because open source programmers don't like their programs to have any features. Features are for M$ spoon-fed victims. (sarcasm)
Because Win2K actually does something, unlike open source software which merely rides on hype (I mean, it takes a lot of effort to cause Linux kernel panic whereas under Win2K it's so easy that sometimes it's even spontaneous -- obviously M$ understands, unlike OSS fanatics, the need for an easy way to crash!)
Because Open Source is just hype, and cannot produce anything close to a real system.
Face it, people, M$ knows what it's doing and ain't a bunch of loud-mouthed teenagers shouting Long Live Open Source without knowing how the real world works.
Because... how else would there be enough room for all those 64000+ bugs to hide?!
Because that's how M$ programmers avoid getting laid off: Pad every source file with lots of newlines and useless comments (not to mention the occasional bug) so that their employee record shows a high count of number-of-lines-of-code they wrote.
Because Win2K is written in a verbose language known as VB.
What do you think, is this "new technology" by HP any good?
Umm, isn't it cheaper and easier just to buy and setup screen capture equipment?
Well, at least those who have no idea how to set up screen capture equipment can now print screenshots from their favorite show!
Gah! What a waste of ink! Who wants to print anything from TV, of all things?!
HP is just trying Yet Another Way of selling Ink! Beeg, Baad, Coorprashen! Beeg! Baad!
Yes!! I mean, now I can actually print nice screen captures of Natalie Portman when she appears on screen, plus all those other shows past a certain time of the night...
No!! The forests are dying! We do not need another way of killing trees!
*Yawn* *clicks on Back button* Hmm, why doesn't Slashdot post better stories nowadays? CmdrTaco must be getting old. Slashdot is going down the tubes. Look at all the worthless posts on this article. Trolls, karma whores, and what-not. Yeah, it's all the trolls' fault. Blame it on them. Yeah, and blame it on those lame moderators who always seem to mark useless posts as Funny.
So what do you people think about this recent streak of losses against the "Big Bad Corporations"?
It's inevitable. Whether you like it or not, Napster and MP3.com are (as far as the public eye is concerned) pirating tools, and they don't stand a chance in court.
Lawsuits are controlled by money these days. What with giants like the RIAA, there is very slim chance of Napster and MP3.com winning out in court.
Call for Arms! This is an infringement of our constitutional rights! If only All Geeks(tm) would get together and Go On Strike! (Yeah, like that accomplishes anything)
It just shows what kind of boneheads are in charge of the US right now.
Slashdot is just a bunch of lawyer wannabes shouting clueless opinions under the cover of the IANAL (and other such acronyms) banner.
I will just go underground then. They have never been able to stop us, they cannot stop us, and they never will stop us.
Slashdot is becoming boring. When are we going to have an interesting story? (why are you still reading Slashdot BTW??)
Disclaimer: I am the Poll Mastah. I express my opinions in terms of poll suggestions.
Yeah, I mean, yeah, you know, it's the FSF, you know, and it's good, you know, Open Source and all, they're the good guys, you know, and IANAL, but, you know, AFAIK, IIRC, it's the GPL and everything, so it's good, you know... the Good Thing (tm), you know.
GPL is the only way to go! Therefore you must assign all your copyrights to the FSF otherwise unknown, unseen loopholes will bite you!
Because you need the FSF's financial backing to cover your behind when you get into a lawsuit.
Because resistance is futile. This is Slashborg. You will be infested with the GPL virus(tm) and become one of us.
Gah, this is a non-issue. Those RMS-worshipping freaks are all commies anyway, and commies don't have no copying-rights.
GPL is a virus! FSF is evil! Everyone should use one of the *BSD licenses instead!
OOG SAY YOU MUST ASSIGN COPYRIGHT TO FSF, ELSE OOG BREAK HEAD WITH OPENSOURCE CD!
Can we please have a more interesting article? Slashdot is going down the tubes!
Disclaimer: the above is meant as a parody on the typical Slashdot Response. Don't read if you do not have a sense of humour.
Language is created by usage. Very few attempts to engineer the use of language are successful, unless there is some real-world social or political tumult associated with it.
Hmm, looking at the impact we techies are having on the world today, I would not be very surprised if our usage of language will well become the "standard". After all, we are the ones who use hacker and cracker in the "proper" way, and if we come to have a great influence over the world, our usage will become standard. (According to the same argument.)
Slashdot Mirror
No!!!It's because Ben Apple doesn't want to eat his hat for claiming those photos of the G4 were fake!
Poll: what will happen to the MacJunkie tomorrow?
(Quote from parent post's sig, in case you turned off sigs):
LOL!!! I have several other funny expansions of the acronym "IBM" too. Time for another Poll Mastah poll I guess :-)
Poll: what does IBM stand for?
Slashdot Poll: I am
Now, keep in mind the obvious results of this poll (assuming everyone tells the truth of course), and re-read the posts attached to this article. Am I the only one who thinks that these posts are rather funny, given that the majority of Slashdotters are not in category (4)? :-)
FYI, my post(s) are not trying to say that Open Source is inadequate by any means. I was just trying to point out that we take way too much comfort in open-source and think that it's the miraculous cure to security problems, which it's not. OTOH, closed-source software probably suffers from worse problems, because now you don't even have the source to check for visible backdoors.
Sorry, you have a good point, but you're missing the argument here. The author's argument is basically to show a chicken-and-egg problem: auditing the source code will guarantee you security if the compiler is trusted. But how would you trust the compiler? You cannot compile a compiler if there are no binary versions of it in the first place!!
OK, fine, you can verify it by comparing the assembler source/output. But using what? Surely using an executable (ie. binary) assembler/linker and/or disassembler. But now, you need to verify that the assembler/linker is trustworthy! But how would you be able to verify this if there are no trusted executables to begin with? Having the source is worthless, because it's non-executable. And even if you have a source interpreter, you will still have to trust the interpreter.
You can continue this argument in an infinite regression -- from assembler to hardware, ... even the article mentions that a microcode bug embedded in the CPU will be almost undetectable. The further back you go, the more impractical it is to verify everything; yet that is the very thing that opens up the possibility of security exploits.
Having the source code does not help at all. Unless of course, you build your own CPU from ground up, and implement the assembler, linker and compiler by hand, using the source code. (Must be done manually; since you cannot trust pre-made binaries.) This gets quite impractical, so ultimately, we are all basing our complex software systems on the trustworthiness of our OS vendors, be it a proprietary company or an open-source company. The point is, if they really wanted to, they could easily screw us over and it's possible that the exploit will never be detected or be practically fixable.
Umm... since when is Open Source = security?? Somebody has already posted this link on a previous story already. It describes a kind of trojan that not even source code auditing can prevent.
But of course, seeing that slashdotters never bother to do their research (in spite of habitually telling newbies to RTFM), here comes my obligatory Slashdotter response poll :-P
Poll: Most typical response to this article:
Hahaha, you obviously missed the whole point of my post. The punchline in my post wasn't in the parodying of Slashdot. It was in the fact that the post parodies itself.
What is the most likely Slashdot article to appear next?
The Poll Mastah answers in the form of a Poll:
What should you answer when someone asks you about Perl security?
Oh I forgot one more option:
11. Boycott the DMCA! Boycott Amazon! Boycott everything! Move to a mountain and boycott modern society!
Here comes another DMCA-bashing session. So, here comes another obligatory Typical Slashdot Response Parody poll from the Poll Mastah...
What would you post in response to this article?
Hey, this is a cool idea!!!!
I've always wanted something like this on /. Slashdot polls really should be run by Slashdot readers themselves. Everyone should be able to create their own polls, and the moderators will help decide which polls are worthwhile to read / participate in. Then of course, everyone can post comments or even attach new polls, etc..
I can't wait till something like this is implemented in Slashcode... this could be the best thing that happened to Slashdot since the SPSC :-)
Hmm, seeing that there is apparently no factual report about why /. has been so unstable this week, I guess it's time to take a conspiracy theory poll...
Poll: Slashdot is very unstable this week because ...
What do you think is the most likely virus to hit Linux?
Slashdot poll suggestion:
In order to continue reading the pr0n trolls on Slashdot, you must pour a bowl of hot grits into your hard drive right now, and click OK. Do you wish to continue?
(Glossary: "hard drive" is usually used to denote the secondary storage device on your computer...)
This is more like a speculation on what might happen than a poll, but hey, it could work as a poll too. (Don't blame me, I'm the Poll Mastah, I express myself using polls. :-)
What will happen when Slashdot moves to a new server?
Hmm, this gives me an interesting idea... for another Slashdot poll suggestion, of course :-)
Why does Win2K have more lines of code than all the open source projects combined?
What do you think, is this "new technology" by HP any good?
So what do you people think about this recent streak of losses against the "Big Bad Corporations"?
Disclaimer: I am the Poll Mastah. I express my opinions in terms of poll suggestions.
Why should I assign my copyrights to the FSF?
Disclaimer: the above is meant as a parody on the typical Slashdot Response. Don't read if you do not have a sense of humour.
No it's not Haquer, it's H4X0R!!!!!
But of course, seeing that H4X0R is used more by scr1pt k1dd135, perhaps that should be the spelling for the "bad" meaning of hacker...
Side note: the topic "Hack vs. Crack" seems to conjure up the phrase "Wanna smoke some hack?", but I don't know why... :-)
Hmm, looking at the impact we techies are having on the world today, I would not be very surprised if our usage of language will well become the "standard". After all, we are the ones who use hacker and cracker in the "proper" way, and if we come to have a great influence over the world, our usage will become standard. (According to the same argument.)
Opinion poll: tech stocks will ...
Who do you think best fits the job for producing Geeks in Space?