I'm assuming you're approaching this from a US centric point of view. If not, please ignore.
From a U.S point of view the courts have made it VERY clear that the police, and the state in general do NOT have a duty to protect you (they should, and most try, but it is not a requirement). To quote
" But there is no constitutional right to be protected by the state against being murdered by criminals or madmen. It is monstrous if the state fails to protect its residents against such predators but it does not violate the due process clause of the Fourteenth Amendment or, we suppose, any other provision of the Constitution. The Constitution is a charter of negative liberties; it tells the state to let people alone; it does not require the federal government or the state to provide services, even so elementary a service as maintaining law and order." (Bowers v. DeVito, 1982) see http://ftp.resource.org/courts.gov/c/F2/686/686.F2d.616.80-2078.80-1865.html, paragraph 6.
To continue. The state "... does not have an affirmative duty to protect individuals from private third parties" (Gonzales vs. City of Castle Rock, 2004).
If you really want an eye opener on just what the state can get away with not doing in regards to the protection of a private citizen, read the Gonzales vs. Castle Rock opinion. It's read that sounds like a bad "B" movie.
The key part of the Bowers decision, in regards to your argument is "...it does not require the federal government or the state to provide services, even so elementary a service as maintaining law and order" (Bowers v. DeVito, 1982). This doesn't (in my opinion) invalidate your argument, but you'll be hard pressed to argue that a service is, in of itself, a right, rather than a privilege.
One last point, you *DO* have the right "to not be killed by random strangers", but, as the court noted, it is up to you to claim that right. You can have Life, Liberty, and Happiness, but it's up to you to do what is necessary, within the confines of our society, to exercise those rights.
"You'd be surprised how Internet-savvy homeschool teachers are. They don't often post to/.,"...
Correct...
Posting unpopular view points to./ could be equated to showing up at a SBC meeting wearing a Save-the-Gay-Whales-for-Allah T-shirt while drinking a beer. Unwelcome, proven pointless, and more than likely to result in the larger "enlightened" group taking up virtual pitchforks and yelling "Get a rope, they ain't like us!"
"... but clearly something as wonderful as subversion.."
As I've pointed out before....
Until the Subversion folks learn about a little thing called "Security"*1 Subversion is pretty much unless for the real world.
Until Subversion has the ability to use a repository a bit more robust than sleepycat's db *2 (hey, sorry I'm corrupt, think I'll just go wipe 3000MB of commits now...) Subversion is pretty much unless for the real world.
notes:
1. Layering something as weak as HTTP AUTH/Basic on top of the Apache2 interface is not creating a "Secure" Subversion.
2. I know they have some sort of Filesystem repository now, but honestly, after watching Subversion's db repository "eat" several gigs of data in trials, I'll pass...
Article is interesting (I disagree with some of it, but hey, opinions are like strings, every yo-yo has one).
The one thing I want to point out is that the article is very *VERY* centered on consulting from a freelancer point of view. Working for a consulting company is an entirely different ball of wax. The emphasis on technical vs. soft-skill is different, and the politics are totally different. While the author does a decent job of talking about what it's like to be a freelancer, don't read this thinking it tells you much of anything about how things work outside of that.
Most Bush-voters think the Iraq war was justified,
Not me... Believed when it was started and believe now that it was unjustified, but frankly I did not see a damn thing that Kerry was going to do about it.
Kerry talked a good, slick talk, but I'm not sold on sound bites, I'm sold on concrete plans with milestones and goals. Kerry had none of those. Oh sure, he could talk about bringing "Other" countries in to help, but most of the likely countries are on record as saying that they will not, regardless of who's in office or the policies. That given with Kerry's past comments on the ones that HAVE helped are pretty negative, I simply did not belive him.
I'm CERTAINLY no GWB fanboy, but Kerry did not show how he could do any better in Iraq.
Couple that with the fact that Kerry's healthplan was unworkable and general misgivings that any man worth 160M can somehow "connect" with the "Average" american (who earns between 23K and 40K or so) and I voted for Bush.
The rest of the world may hate my vote, but honestly, it was not a choice of voting for metastopholies or $Diety. It was choice between voting for metastopholies and Beazelbub. Both are bad choices, but you gotta pick one.
Unfortunately America has a huge born again fundamentalist Christian block, something you probably dont have anything quite like in Europe. It has acquired huge power in and through the new Republican Party. They vote with their hearts and not their intellects
A few points my uninformed friend....
1. Actually, take a look at the polls (google for yourself), less than 35% of the US population belongs to a Evangelical organization, only a
percentage of that will be fundamentalist (looked, but could not find solid stats on Fundamentlists, sorry). (see http://www.christianitytoday.com/money/articles/ke ystatistics.html and more info at http://www.religioustolerance.org/chr_prac2.htm ).
2. They do not vote their hearts. They vote what they believe is their faith. While you (and I) may disagree with that *choice*, they are free to have whatever faith (or lack thereof) they choose. Understand that voting with your heart is not the same as voting your faith.
"They are very easily manipulated, reference how Jim and Tammy Fay Baker played them like a fiddle and how Bush/Cheney/Rove play them now"
3. Somehow I think throwing up a strawman of a 80's era televangelist and claiming that these poor misguided souls can't tell the difference between a "forgive me for I have sinned" televangelist and an election is not only a bit , IMHO, crude, but highly untrue, unless of course you can provide us with data that shows that former contributors to the Bakkers are now hard-core Republicans. I'm pretty sure you'll find that's not true, since most televangelists prey on the elderly, which have historically been much more democratic leaning.
Today's American Christians appear mostly intolerant of the poor, those who aren't Christian and those out of the main stream, and instead appear to favor wealth and people that are like them in defiance of the real teachings of their religion.
4. Really? not from what I've seen. Christians are bound by faith to serve (see http://www.svdpusa.org/ or http://www.opusdei.org/ as an example or two). I'm curious what you mean by "out of the main stream"...
5. One last 'itty bitty point, while I know it's considered "cool" and "correct" to claim that American Christians are somehow all Pro-War, and Pro-Bush, the polls don't support this.
Take a look at http://pewforum.org/docs/index.php?DocID=20 for a pretty good article on it. Another good article here http://www.christianitytoday.com/ct/2003/112/12.0. html
>If your the type that needs a service that allows servers, static ips, > 4 hour service resolutions, higher upload then you can pay extra for > those things and get a business class connection. That's really what > it boils down to.
You know, I tried. The problem is that Comcast wouldn't know a business class connection if it reached up and drove them to orgasm through prostate stimulation. The $95 a month "Pro" has a few itty b bitty problems...
1. Web servers (not allowed by the TOS of the Pro package, and they will smack your virtual fingers if you try).
2. The IP space is listed in the same blocks as the dynamic IP's. In other words AOL will still block your mail. I know they *claim* it's separated, but look a bit closer, and chat the friendly folks at AOL, it's not.
3. 384K upstream. for $95 a month you want me to pay for near IDSN speed upstream bandwidth?
4. No SLA. A 4 hour resolution is not a SLA. It's an expected problem ticket turnaround time.
They sell a "Workplace" solution, that's an upgrade to the Pro solution, it's $195 a month. For that you still have the problems 1 and 2. Web servers are allowed in the Workplace solution (remember kids, they are selling this as a business solution), only if they are non-public (they must be password protected). They also install a Comcast managed firewall on the customer premises with the Workplace solution. Extra is charged if you want ports open.
Business class connections, in a nutshell, mean sell me the bandwidth, meet a reasonable SLA, and make sure your architecture is robust.
I spent nearly a month trying to work out a mutually agreeable solution with Comcast business sales, in the end, they were simply not change any of the preexisting TOS term that apply to the "Business Class" connections they sell.
ok, this of off topic, but hey laing, how come no info on your solar page? how did you do it? what materials? who did the wiring for you? How large is your array?
Inquiring minds would love to know (if nothing else, I'd love to see how cost effective it can be).
Using the firefox + adblock + flash + proxomitron seems to work just fine with the sites I've been referred to so far
http://environmentalchemistry.com/yogi/periodic/ only, ads are the textual google ads. http://dilbert.com/comics/dilbert/archive/ only ads again, are google text ads http://www.kompas.com/ dear heaven look at all the flash that wants to play, (flash click to view stops them all).
Not sure if your.sig was referring to the top posters comment about the last official qmail release being old or not, but.... netqmail is "comprised of qmail-1.03 plus a patch file, some documentation, and a shell script which prepares the files for compilation" (to quote the site) Which means it's still been years since the last official qmail release. Netqmail is simply qmail (src) + patches + script to apply patches.
From the gforge faq, on why it doesn't support Mysql (see http://gforge.org/docman/view.php/1/24/faq.html) "You could do it, but why bother? To quote Tim Perdue - "GForge could not be made to run on the primitive MySQL database without serious hacking, and I won't accept those kinds of changes back into the system. For the amount of work involved in such a project, you'd be better off taking an hour to learn postgres. It's a superior database in every way, with the only point of debate being speed on simple 'hello world' type applications".
It'd be a lot of work because:
1. GForge uses Postgres stored procedures, so you'd have to convert those into PHP functions
2. GForge uses Postgres functions like pg_connect, so you'd have to replace those with the MySQL equivalents
3. GForge uses subselects, so you'd have to rewrite those to use temporary tables or whatever (MySQL 4.1 supports subselects, so once it becomes production-ready, this won't be a barrier anymore) "
So what they are telling me is that this thing is hard coded around PG specific routines..... That's NOT a good thing, I don't care what they think about Mysql (ditto applies to DB2, SapDB (Now MaxDB), Informix or Sybase).
I've seen this, and a company using the mod_auth_mysql plugin, the prob is that it still doesn't address the core fact that svn still really doesn't the issue that, add-ons (and that's really all the mod_auth_* plugins are) aside, it wasn't really designed with security as a primary focus.
If I'm going to pitch a SCM tool for a company to use, it's got to have a decent security model, with good accountability. svn as it now stands, just doesn't cut it.
I saw one guy pointing out after reading my post that people might want to read the SVN anti-fud faq. I'd highly agree, especially the parts about blanket read/write permissions for svn native protocol, or the parts about http basic......:).
You forgot to add the insanity of db3/4 to the "horrible things added" (see the SVN anti-fud page, where it rants about the proper care and feeding of db3/4....).
Frankly, the one big problem I see with Subversion is that it, like many of the OSS SCM tools I see out there, has little to no sense of security. This is not a dig to the SVN guys, but how can I reccomend a tool that show so little thought with regards to security when that tool may be the only thing standing between our developers and someone sticking a backdoor/trojan/virus in a piece of code?
From reading the svn book, the only login security I see that's really supported is HTTP Basic (I dont' see really any docs on SVN's own protocol with regards to this), which is a joke. Looking at it further I see you *could* try and use it with the various mod_auth_* modules (only the ones that work with apache2) , but only to the point where they mimic HTTP Basic.
Unless someone reworks HTTP Basic so it has concepts like account lockout, proper account management, address restrictions (actually you can mimic that with htaccess parms, but it's a PITA), and decent logging, it's not a wise choice.
Digging deeper, SVN uses db3/4 for it's storage, which again, has no idea of resource limitations or access restrictions (and doesn't handle large binaries check-ins well either).
SVN looks like a decent SCM for a really open project, but it doesn't go nearly far enough in fixing the basic problems of CVS with regards to security. The last time I broached this with the SVN guys, the response was more or less "just tunnel it over ssh". That doesn't fix the basic lack of security in the SVN design, and doesn't work with many of the popular SVN add-ons.
my.02c from someone who spent the better part of a quarter trying to find a decent OSS SCM tool to replace our CVS and QVCS repositories.
http://www.no-smoking.org/july03/07-25-03-2.html note, however "The law also prohibits sales of so-called "children's packs," which have less than 19 cigarettes and popular among youths because they are cheaper."
also http://fr.news.globalink.org/248182.shtml for more about the so called "Children's packs"
Slashdot Mirror
The subject says it all Rob. As another poster noted -- from a guy you never met, we wish you well and will miss you.
As an aside, with 'Taco gone, what will the default poll option be??!
Minor correction.. it's HIPAA, not HIPPA.
I'm assuming you're approaching this from a US centric point of view. If not, please ignore.
From a U.S point of view the courts have made it VERY clear that the police, and the state in general do NOT have a duty to protect you (they should, and most try, but it is not a requirement). To quote
" But there is no constitutional right to be protected by the state against being murdered by criminals or madmen. It is monstrous if the state fails to protect its residents against such predators but it does not violate the due process clause of the Fourteenth Amendment or, we suppose, any other provision of the Constitution. The Constitution is a charter of negative liberties; it tells the state to let people alone; it does not require the federal government or the state to provide services, even so elementary a service as maintaining law and order." (Bowers v. DeVito, 1982) see http://ftp.resource.org/courts.gov/c/F2/686/686.F2d.616.80-2078.80-1865.html, paragraph 6.
To continue. The state "... does not have an affirmative duty to protect individuals from private third parties" (Gonzales vs. City of Castle Rock, 2004).
If you really want an eye opener on just what the state can get away with not doing in regards to the protection of a private citizen, read the Gonzales vs. Castle Rock opinion. It's read that sounds like a bad "B" movie.
The key part of the Bowers decision, in regards to your argument is "...it does not require the federal government or the state to provide services, even so elementary a service as maintaining law and order" (Bowers v. DeVito, 1982). This doesn't (in my opinion) invalidate your argument, but you'll be hard pressed to argue that a service is, in of itself, a right, rather than a privilege.
One last point, you *DO* have the right "to not be killed by random strangers", but, as the court noted, it is up to you to claim that right. You can have Life, Liberty, and Happiness, but it's up to you to do what is necessary, within the confines of our society, to exercise those rights.
"You'd be surprised how Internet-savvy homeschool teachers are. They don't often post to /.,"...
Correct...
Posting unpopular view points to ./ could be equated to showing up at a SBC meeting wearing a Save-the-Gay-Whales-for-Allah T-shirt while drinking a beer. Unwelcome, proven pointless, and more than likely to result in the larger "enlightened" group taking up virtual pitchforks and yelling "Get a rope, they ain't like us!"
Yup, this is exactly why I donated to his opponent.
Why should a guy get elected just because he happens to be a geek? How about electing someone who has a clue about getting things done.
"... but clearly something as wonderful as subversion.."
As I've pointed out before....
Until the Subversion folks learn about a little thing called "Security"*1 Subversion is pretty much unless for the real world.
Until Subversion has the ability to use a repository a bit more robust than sleepycat's db *2 (hey, sorry I'm corrupt, think I'll just go wipe 3000MB of commits now...) Subversion is pretty much unless for the real world.
notes:
1. Layering something as weak as HTTP AUTH/Basic on top of the Apache2 interface is not creating a "Secure" Subversion.
2. I know they have some sort of Filesystem repository now, but honestly, after watching Subversion's db repository "eat" several gigs of data in trials, I'll pass...
dropped you a line via email.
Article is interesting (I disagree with some of it, but hey, opinions are like strings, every yo-yo has one).
The one thing I want to point out is that the article is very *VERY* centered on consulting from a freelancer point of view. Working for a consulting company is an entirely different ball of wax. The emphasis on technical vs. soft-skill is different, and the politics are totally different.
While the author does a decent job of talking about what it's like to be a freelancer, don't read this thinking it tells you much of anything about how things work outside of that.
> Like 13 blowjobs from a hooker? ;-)
I dunno 'bout you, but you'd probably die or at least wish you were after 13 blowjobs....
> By definition, people of above average intelligence are outnumbered.
Chuckle, Actually, by definition, they are equal*.
(Well, actually it depends on how the average is calculated, but for grins and giggles I used http://www.wordreference.com/definition/average )
Most Bush-voters think the Iraq war was justified,
Not me... Believed when it was started and believe now that it was unjustified, but frankly I did not see a damn thing that Kerry was going to do about it.
Kerry talked a good, slick talk, but I'm not sold on sound bites, I'm sold on concrete plans with milestones and goals.
Kerry had none of those. Oh sure, he could talk about bringing "Other" countries in to help, but most of the likely countries are on record as saying that they will not, regardless of who's in office or the policies. That given with Kerry's past comments on the ones that HAVE helped are pretty negative, I simply did not belive him.
I'm CERTAINLY no GWB fanboy, but Kerry did not show how he could do any better in Iraq.
Couple that with the fact that Kerry's healthplan was unworkable and general misgivings that any man worth 160M can somehow "connect" with the "Average" american (who earns between 23K and 40K or so) and I voted for Bush.
The rest of the world may hate my vote, but honestly, it was not a choice of voting for metastopholies or $Diety. It was choice between voting for metastopholies and Beazelbub. Both are bad choices, but you gotta pick one.
Unfortunately America has a huge born again fundamentalist Christian block, something you probably dont have anything quite like in Europe. It has acquired huge power in and through the new Republican Party. They vote with their hearts and not their intellects
e ystatistics.html and more info at http://www.religioustolerance.org/chr_prac2.htm ).
...
. html
A few points my uninformed friend....
1. Actually, take a look at the polls (google for yourself), less than 35% of the US population belongs to a Evangelical organization, only a percentage of that will be fundamentalist (looked, but could not find solid stats on Fundamentlists, sorry). (see http://www.christianitytoday.com/money/articles/k
2. They do not vote their hearts. They vote what they believe is their faith. While you (and I) may disagree with that *choice*, they are free to have whatever faith (or lack thereof) they choose. Understand that voting with your heart is not the same as voting your faith.
"They are very easily manipulated, reference how Jim and Tammy Fay Baker played them like a fiddle and how Bush/Cheney/Rove play them now"
3. Somehow I think throwing up a strawman of a 80's era televangelist and claiming that these poor misguided souls can't tell the difference between a "forgive me for I have sinned" televangelist and an election is not only a bit , IMHO, crude, but highly untrue, unless of course you can provide us with data that shows that former contributors to the Bakkers are now hard-core Republicans. I'm pretty sure you'll find that's not true, since most televangelists prey on the elderly, which have historically been much more democratic leaning.
Today's American Christians appear mostly intolerant of the poor, those who aren't Christian and those out of the main stream, and instead appear to favor wealth and people that are like them in defiance of the real teachings of their religion.
4. Really? not from what I've seen. Christians are bound by faith to serve (see http://www.svdpusa.org/ or http://www.opusdei.org/ as an example or two). I'm curious what you mean by "out of the main stream"
5. One last 'itty bitty point, while I know it's considered "cool" and "correct" to claim that American Christians are somehow all Pro-War, and Pro-Bush, the polls don't support this.
Take a look at http://pewforum.org/docs/index.php?DocID=20 for a pretty good article on it.
Another good article here http://www.christianitytoday.com/ct/2003/112/12.0
>If your the type that needs a service that allows servers, static ips,
> 4 hour service resolutions, higher upload then you can pay extra for
> those things and get a business class connection. That's really what
> it boils down to.
You know, I tried. The problem is that Comcast wouldn't know a business class connection if it reached up and drove them to orgasm through prostate stimulation. The $95 a month "Pro" has a few itty b bitty problems...
1. Web servers (not allowed by the TOS of the Pro package, and they will smack your virtual fingers if you try).
2. The IP space is listed in the same blocks as the dynamic IP's. In other words AOL will still block your mail. I know they *claim* it's separated, but look a bit closer, and chat the friendly folks at AOL, it's not.
3. 384K upstream. for $95 a month you want me to pay for near IDSN speed upstream bandwidth?
4. No SLA. A 4 hour resolution is not a SLA. It's an expected problem ticket turnaround time.
They sell a "Workplace" solution, that's an upgrade to the Pro solution, it's $195 a month. For that you still have the problems 1 and 2. Web servers are allowed in the Workplace solution (remember kids, they are selling this as a business solution), only if they are non-public (they must be password protected). They also install a Comcast managed firewall on the customer premises with the Workplace solution. Extra is charged if you want ports open.
Business class connections, in a nutshell, mean sell me the bandwidth, meet a reasonable SLA, and make sure your architecture is robust.
I spent nearly a month trying to work out a mutually agreeable solution with Comcast business sales, in the end, they were simply not change any of the preexisting TOS term that apply to the "Business Class" connections they sell.
ok, this of off topic, but hey laing, how come no info on your solar page? how did you do it? what materials? who did the wiring for you? How large is your array?
Inquiring minds would love to know (if nothing else, I'd love to see how cost effective it can be).
-- Tadghe
t a d g h e at b a d c o d e dot o r g.
Using the firefox + adblock + flash + proxomitron seems to work just fine with the sites I've been referred to so far
/ only, ads are the textual google ads.
http://environmentalchemistry.com/yogi/periodic
http://dilbert.com/comics/dilbert/archive/ only ads again, are google text ads
http://www.kompas.com/ dear heaven look at all the flash that wants to play, (flash click to view stops them all).
any other examples to try ?
Not sure if your .sig was referring to the top posters comment about the last official qmail release being old or not, but....
netqmail is "comprised of qmail-1.03 plus a patch file, some documentation, and a shell script which prepares the files for compilation"
(to quote the site) Which means it's still been years since the last official qmail release. Netqmail is simply qmail (src) + patches + script to apply patches.
Actually, the better response would be to move Gforge to PEAR or the like and move the DB logic where it belongs (in the DB).
From the gforge faq, on why it doesn't support Mysql (see http://gforge.org/docman/view.php/1/24/faq.html)
"You could do it, but why bother? To quote Tim Perdue - "GForge could not be made to run on the primitive MySQL database without serious hacking, and I won't accept those kinds of changes back into the system. For the amount of work involved in such a project, you'd be better off taking an hour to learn postgres. It's a superior database in every way, with the only point of debate being speed on simple 'hello world' type applications".
It'd be a lot of work because:
1. GForge uses Postgres stored procedures, so you'd have to convert those into PHP functions
2. GForge uses Postgres functions like pg_connect, so you'd have to replace those with the MySQL equivalents
3. GForge uses subselects, so you'd have to rewrite those to use temporary tables or whatever (MySQL 4.1 supports subselects, so once it becomes production-ready, this won't be a barrier anymore)
"
So what they are telling me is that this thing is hard coded around PG specific routines..... That's NOT a good thing, I don't care what they think about Mysql (ditto applies to DB2, SapDB (Now MaxDB), Informix or Sybase).
Someone call me when these guys get a clue.
ackthpt, thank you,
I needed a laugh today.
I'm printing this out for my wall of quotes.
The power of Obj C and the speed of Python...
I'll pass....
I've seen this, and a company using the mod_auth_mysql plugin, the prob is that it still doesn't address the core fact that svn still really doesn't the issue that, add-ons (and that's really all the mod_auth_* plugins are) aside, it wasn't really designed with security as a primary focus.
If I'm going to pitch a SCM tool for a company to use, it's got to have a decent security model, with good accountability. svn as it now stands, just doesn't cut it.
I saw one guy pointing out after reading my post that people might want to read the SVN anti-fud faq. I'd highly agree, especially the parts about blanket read/write permissions for svn native protocol, or the parts about http basic......:).
You forgot to add the insanity of db3/4 to the "horrible things added" (see the SVN anti-fud page, where it rants about the proper care and feeding of db3/4....).
Frankly, the one big problem I see with Subversion is that it, like many of the OSS SCM tools I see out there, has little to no sense of security. This is not a dig to the SVN guys, but how can I reccomend a tool that show so little thought with regards to security when that tool may be the only thing standing between our developers and someone sticking a backdoor/trojan/virus in a piece of code?
.02c from someone who spent the better part of a quarter trying to find a decent OSS SCM tool to replace our CVS and QVCS repositories.
From reading the svn book, the only login security I see that's really supported is HTTP Basic (I dont' see really any docs on SVN's own protocol with regards to this), which is a joke. Looking at it further I see you *could* try and use it with the various mod_auth_* modules (only the ones that work with apache2) , but only to the point where they mimic HTTP Basic.
Unless someone reworks HTTP Basic so it has concepts like account lockout, proper account management, address restrictions (actually you can mimic that with htaccess parms, but it's a PITA), and decent logging, it's not a wise choice.
Digging deeper, SVN uses db3/4 for it's storage, which again, has no idea of resource limitations or access restrictions (and doesn't handle large binaries check-ins well either).
SVN looks like a decent SCM for a really open project, but it doesn't go nearly far enough in fixing the basic problems of CVS with regards to security. The last time I broached this with the SVN guys, the response was more or less "just tunnel it over ssh". That doesn't fix the basic lack of security in the SVN design, and doesn't work with many of the popular SVN add-ons.
my
I'm not the orig poster, but here's your links..
l
http://www.no-smoking.org/july03/07-25-03-2.htm
note, however
"The law also prohibits sales of so-called "children's packs," which have less than 19 cigarettes and popular among youths because they are cheaper."
also
http://fr.news.globalink.org/248182.shtml
for more about the so called "Children's packs"
lol! Where are my Mod points when I need them damnit!