one where you may have perfect visibility of potential dangers.
Speeding is always perfectly safe until it isn't. It's one of the leading cause of accidental death in developed countries and is THE number one cause of teen deaths.
Laws based on fixed speed/rules suck.
Translation: Speeding laws suck, they shouldn't apply to me. Only other people are bad drivers.
Traffic police should be required to prove that it was dangerous every time.
Yes, they I should have experiments and arrive at some sort of a "maximum speed." They could even put it on a sign.
Sure. "I've had enough of your bullshit" means you've been so intellectually outclassed that it was humiliating. What, I'm so wrong that you can't be moved to rebut even a single point with sound reasoning or logic?
You're incapable of understanding what is and is not possible
Yes...me and the rest of the world that lives in reality. Run along now, I think some other high-tech industry is in need of your bullshit speculation in microeconomics.
There is no solution to eliminate piracy because there is no DRM model that works.
Key validation works fine for online games, which is a very strange definition of "no." Game DRM is typically licensed, and is a fixed cost, so its cost is marginal relative actual development, and serves as an effective deterrence against casual pirating. Many people wouldn't even give it a second thought unless the DVD they burned for a friend refused to play.
And to say pricing is irrelevant to piracy indicates you really have no understanding of economics.
I'll try to say this as simply and directly as possible: you can't reduce piracy by lowering the price. That's why game companies implement DRM (which only has fixed cost) as opposed to just lowering the price (which gives up marginal revenue on every copy). To say price is relevant to piracy indicates you really have no understanding of economics.
Note that a lot of the income from World of Goo came from the name-your-price deal.
But it didn't necessarily raise their profits. The leakage that occurred was probably massive - the people who would've paid the full retail price, but paid far less because they they were able to name their own price. There is only a finite number of people who will buy your game. Thus, it is important to consider the price, and not just the number of sales. And I am 100% certain that the major game studios have studied this number longer than you have, with smarter people than you or me. Even someone as stupid and hardheaded as you would admit this is true.
Let's also consider that World of Goo is a special case, benefiting from heavy media coverage for using a novel pricing model. If they had perpetually sold the game at $2 instead of $20, they'd have to sell 10 times the number of copies they would've sold originally. Assuming those who would pay $20 would also pay $2, you'd have to find an additional 9 customers for every 1 who has already paid. This doesn't sound too implausible, until you realize it would never work if everyone did it, because there aren't that many people in the world. Think about it: if everyone in the games industry slashed their prices by 90%, existing customers would have to purchase games at 1000% of their current rate for it to work out for sellers.
And that's just to fucking break even.
The problem is that the marginal utility of games goes down sharply as you purchase more (because you only have a limited amount of free time to play them) and your purchases would not go up by a factor of 10 if the price dropped 90%, not even close.
Of course, there are new customers who would buy a game instead of pirating if the price were lowered. Your assumption, holding existing sales constant, is that these people outnumber current customers at a rate of 9:1. If we assume that current customers would double their purchases (rather generous in my opinion), you are still looking at a ratio of 4.5:1. The numbers don't look very plausible even if you triple, quadruple, or quintuple your assumptions from the first segment.
Considering that we already have evidence that suggests people pirate games about 9:1, what you are really saying is that there is a population of non-pirating, waiting-to-be gamers (which is mostly disjoint from current buyers and pirates) in the same order of magnitude as the population that currently pirates games.
Which is utter horseshit.
You may have found specific examples of second or third tier developers who are overpricing their software (and reaping suboptimal profits because of it), but that does not indicate there is a systematic problem with video game pricing. Notice that even Valve only ran their 75% discounts as an experiment, negating your theory that they can optimize profits by permanently lowering prices (or, you know, they would've done so, don't you think?).
Try reading what I wrote rather than what you think I wrote.
I quoted your words verbatim. Feel free to point out specific cases where I misquoted you, because I am willing to bet money that I didn't.
Your hypothesis seems to be that nobody would ever pay for a game they could get for free.
No...no, I didn't say that. I said your absurd idea for "fixing" the piracy problem by lowering prices is useless because we already both agree that the class of people who pirate games aren't going to pay for them even if it were only a nickel.
Here, let me break it down for you in plain english:
There are 3 classes of players:
Those who will buy the game at the asking price.
Those who would buy the game, but currently won't, because the price is too high.
Those who won't buy the game even if it were a nickel, because they can get it for free. These people do not value fairness or honesty.
You are advocating lowering the price of the game to increase sales to segment 2, but you already readily admitted that those in group 3 wont buy it no matter the price. This does absolutely nothing to lower piracy.
You also said that piracy losses are imaginary. I called you on it, and you still won't admit you were clearly wrong and factually incorrect about that.
Valve's price experiment was interesting, except you forgot to mention their games are multiplayer only and can't be pirated to work online. Thus, they have no free, perfect substitute and the economics are different from singleplayer games that can be cracked. Obviously, piracy is not a problem for Valve because more of the people from group 3 are forced into groups 1 and 2. This is actually proof that piracy losses are not imaginary, but very real.
The fact that games like World of Goo (which can be cracked unlike Valve's) has stunning piracy rates even though the seller had a name-your-price deal, offering the full legal game for as low as 1 penny is evidence that there is no known solution to piracy except a DRM model that works: online key validation and a multiplayer-only model. The pricing issue is completely irrelevant.
So you can continue misinterpreting your "evidence" and peddling naive solutions to a difficult problem on slashdot all you want, just don't delude yourself into thinking you are so smart you know how to fight piracy and price games better than the games industry, because you don't.
Apparently I learned it in a better school than you did.
Provably false. Your grasp of piracy and even basic economics is far from even plausible, nevermind factually true. Here is a choice quote:
Most piracy losses are imaginary. Most pirates are people who wouldn't buy the game even if it were a nickel.
This is incorrect, because if piracy were impossible, there is undoubtedly some proportion of the pirates (less than 100 percent to be sure) that would pay for the game, but they choose not to because there is a free alternative that is just as good. If the good you are selling has a perfect substitute and is free, how does that make your losses "imaginary?" Answer: it doesn't.
Your timed auctions idea is also terrible. You are living in a fantasy world where the seller gets to extract the highest price everyone is willing to pay, which only works if no one knows what everyone else is paying. When pricing information is shared among buyers, it falls apart. Why would someone be willing to bid 50 for something if he knows that someone else could get it for 20 by simply waiting a little longer? Answer: they wouldn't. You would rapidly get price convergence and be right back where you started, except now it takes longer to sell the product and more time for customers to get it.
The deadweight loss (that's the term by the way, its taught in introductory microeconomics) is already somewhat mitigated by price segmentation - that's what collectors' editions of games are for. For the lower end of the market, they can wait the 1 or 2 years to get the game in the bargain bin. In conclusion: game publishers already do market segmentation, except in a better way than you proposed.
In addition to not understanding what I proposed, you are making the common mistake of assuming that people place no value on fairness or honesty.
Nonsense. Your argument boils down to lowering the price to increase sales, which has absolutely nothing to do with reducing piracy at all, because we already established pirates don't buy no matter the price as long as they can get it for free.
The best way of pricing, might actually be an auction scheme. Where price is associated with demand, with the seller limiting daily or hourly supply.
Brilliant, why didn't they think of that? Since you are against DRM, they will be auctioning downloads of the game...without DRM, right? And that would work because...why again? Where did you learn economics again?
It works both ways because the pirates will also play from behind NATs and many pirates would decline to submit their scores, lowering the true count of actual pirated copies. The numbers could skew higher or lower depending on your assumptions. In fact, all the caveats are mentioned in your article.
So if people like you hate the demo you go and pirate the game instead of paying for it? Don't get me wrong - it does sound terrible, that doesn't justify not paying for something.
Customer implies a relationship with a specific company. Consumer is a broader term for one that participates in an economy by purchasing as opposed to producing - no inferior connotation is implied. You just made up that definition.
all seem to have this idea that they are entitled to more of the profits
Just a small nitpick: taking a larger share of gross revenue != more of the profits. Legitimate expenses such as editing and marketing come into play. There isn't anything I know of that indicates that publishers are getting more of the actual profits. Otherwise I agree with your assertion.
What I do find interesting is how closely related all of this is to music piracy and DRM. Everyone on slashdot seems to think it is a crime to want to sell music with drm, and conclude that the artist deserves to be pirated for such an offense. However, I don't see that argument being made here with respect to ebooks.
The drm and copyright problem is more sinister and nuanced than most people realize. Many people argue that music artists shouldn't have the right to sell their music, they should give it away for free and perform live to make their livings.
Only if you think reviewing the thousands of "reports" submitted to claim a bounty can be done for free. You could easily spend millions (e.g., ~10 employees) going through the list and not find a single actionable bug. You think every report is going to be a genuine, original vulnerability? Get real.
Do you think that offering a bounty provides a disincentive, and would result in fewer reports?
There is substantial evidence from the field of psychology that paying for something displaces the original incentive to do it for free. If Google and Mozilla ever ended their bounty program, their rate of reports is virtually guaranteed to fall below the reporting rate from before the bounty was offered. I encourage you to look at the contemporary research in human motivation.
NASA doesn't make the details of their designs available to the general public
...and you've inadvertently stumbled on the answer, congratulations. Microsoft's programs are closed source, which is an important difference. Their testers can do full white-box vulnerability assessments and will be able to do more than some guy who picked up the DVD at Best Buy.
You're implying that Microsoft is either stupid or stingy and that they made the wrong call. I'm pretty sure they thought about it longer than you did, with more metrics and research than you have, and just decided it wasn't worth it. Perhaps you should consider this a possibility instead of just assuming you're right.
How many of those "large number of (well paid) test engineers whose full time jobs are to find bugs" are focused on discovering new vulnerabilities
A: More than you could get by offering Joe Public 3000 dollars to look for buffer overflows in Microsoft Outlook. Granted, both approaches are not mutually exclusive.
Why doesn't NASA offer $3000 for each reported flaw in their space vehicle designs? A: It probably couldn't hurt, but it's most likely a giant waste of time.
And, since your argument now seems to be that money is not what drives people to find vulnerabilities...
Not an argument. A fact. Many people report bugs to Microsoft without compensation, why start paying for them now?
...what do you propose drives the "bad guys" to find them?
Assuming that you're saying Microsoft should try to bribe malware authors into reporting the vulnerabilities they are exploiting: It won't work. The "bad guys" aren't going to give up their living for some petty one-time cash payment. That pretty much leaves the white hats, who are already paid, and Joe Public. See above for why Joe Public is not the best source of vulnerability reports.
Might also have to do with the fact that their products are closed source. Certainly makes it harder to do anything much more than brute force guess-and-check type exploits.
Actually, my claim doesn't support his. He claimed that Microsoft "can't afford" or chooses not to pay people to find bugs in their software. I asserted this was false because of the large number of (well paid) test engineers whose full time jobs are to find bugs.
Are you trying to claim that all those test engineers find all the vulnerabilities in MS products before release?
I never even came close to making such a claim. Nice try though.
If there weren't lots of bugs to be found, they wouldn't need so many test engineers.
I'm not sure what point you're trying to make. Anyone with even rudimentary exposure to software development or testing theory understands that having tests is not a sign that a product is buggy. Quite the opposite actually.
The fact is that Microsoft's products are heavily tested and they care a lot about security (backed up with money to pay for testers -- lots of them). This isn't to say that they are perfect or never make bad security design decisions, but any assertion that they don't care about security or bugs is provably false.
Or it could be because they would be bankrupt within the week.
But why? It's not like there's likely to be millions and millions of bugs that Microsoft doesn't already know about. Bounties are only awarded for previously unreported bugs, otherwise there would be no limit to how much anyone could collect from the company. It is doubtful that Microsoft's decision was primarily because of what it would actually cost them in payouts.
A lot of Microsoft teams have more test engineers than dev engineers. On more mature products, it has been this way for decades now. So your jab, while comical, is far from the truth.
Re:United States Government Accountability Office?
on
Top Secret America
·
· Score: 1, Insightful
Evidently, PBS and the WP think the little stuff you know about national security is going to aid you in your decision to determine whether or not your tax dollars are being appropriately spent.
Brilliant. You've highlighted the paradox. We can't judge the effectiveness of security programs because they rely on secrecy to be effective, and knowing enough to judge their effectiveness destroys their effectiveness.
A cruel and unusual system for which there is no obvious solution, and which there is really no one to blame.
Rapid application development has its place. The point is to iterate quickly and have short milestones, it doesn't have anything to do with "shove stuff out the door and stop maintaining it."
That said, the majority of software projects, in my experience, would be much better off adopting a more waterfall-like development model rather than that agile crap or whatever the latest buzzword is. Obviously a system designed that affects the entire fricken internet is one such example.
...Says the person who enjoys the right to peace and quiet in his own home. Free speech rights are necessarily abridged to protect the rights of private property owners, among other things such as public safety and the reputations of private citizens. You don't have an unlimited right to say whatever you want wherever you want; that's not what free speech means. You sure you want to make this argument?
this is purely academic, but said padding would not be entirely consistent across different calls to the sleep() method since the os only guarantees a minimum sleep time, not necessarily an exact sleep time. This can happen if the thread or process is switched out and the thread is not made active again until after the minimum time has already elapsed.
That said, this delay-padding method should effectively reduce the delay to random statistical noise rather than any pattern that can identify the results of the string comparisons, so it should work regardless.
Compromise by tyranny is paradoxical, and thus your argument fails to hold any water. And I don't see how you could read from his statement about 'stealing' that he somehow "supports" it.
Methinks youre just a troll.
default configs on routers are a joke. Last I checked, linksys routers still tended towards unsecured wireless networks and default passwords. While extremely convenient, most users will abruptly drop the setup process once they can connect to the internet on their laptop. What the router firmware needs to do is force the user to set up a password and a security protocol before allowing direct access to the internet.
Before this step is taken, every other "security" exploit is a joke in comparison.
The onus is on proponents to show that that interference is fully justified
The legal authority of the patent system is encoded in the US constitution, so your statement is a few hundred years too late. Luckily the constitution has a framework in place to change it, if the people will it.
Slashdot Mirror
one where you may have perfect visibility of potential dangers.
Speeding is always perfectly safe until it isn't. It's one of the leading cause of accidental death in developed countries and is THE number one cause of teen deaths.
Laws based on fixed speed/rules suck.
Translation: Speeding laws suck, they shouldn't apply to me. Only other people are bad drivers.
Traffic police should be required to prove that it was dangerous every time.
Yes, they I should have experiments and arrive at some sort of a "maximum speed." They could even put it on a sign.
You're incapable of understanding what is and is not possible
Yes...me and the rest of the world that lives in reality. Run along now, I think some other high-tech industry is in need of your bullshit speculation in microeconomics.
There is no solution to eliminate piracy because there is no DRM model that works.
Key validation works fine for online games, which is a very strange definition of "no." Game DRM is typically licensed, and is a fixed cost, so its cost is marginal relative actual development, and serves as an effective deterrence against casual pirating. Many people wouldn't even give it a second thought unless the DVD they burned for a friend refused to play.
And to say pricing is irrelevant to piracy indicates you really have no understanding of economics.
I'll try to say this as simply and directly as possible: you can't reduce piracy by lowering the price. That's why game companies implement DRM (which only has fixed cost) as opposed to just lowering the price (which gives up marginal revenue on every copy). To say price is relevant to piracy indicates you really have no understanding of economics.
Note that a lot of the income from World of Goo came from the name-your-price deal.
But it didn't necessarily raise their profits. The leakage that occurred was probably massive - the people who would've paid the full retail price, but paid far less because they they were able to name their own price. There is only a finite number of people who will buy your game. Thus, it is important to consider the price, and not just the number of sales. And I am 100% certain that the major game studios have studied this number longer than you have, with smarter people than you or me. Even someone as stupid and hardheaded as you would admit this is true.
Let's also consider that World of Goo is a special case, benefiting from heavy media coverage for using a novel pricing model. If they had perpetually sold the game at $2 instead of $20, they'd have to sell 10 times the number of copies they would've sold originally. Assuming those who would pay $20 would also pay $2, you'd have to find an additional 9 customers for every 1 who has already paid. This doesn't sound too implausible, until you realize it would never work if everyone did it, because there aren't that many people in the world. Think about it: if everyone in the games industry slashed their prices by 90%, existing customers would have to purchase games at 1000% of their current rate for it to work out for sellers.
And that's just to fucking break even. The problem is that the marginal utility of games goes down sharply as you purchase more (because you only have a limited amount of free time to play them) and your purchases would not go up by a factor of 10 if the price dropped 90%, not even close.
Of course, there are new customers who would buy a game instead of pirating if the price were lowered. Your assumption, holding existing sales constant, is that these people outnumber current customers at a rate of 9:1. If we assume that current customers would double their purchases (rather generous in my opinion), you are still looking at a ratio of 4.5:1. The numbers don't look very plausible even if you triple, quadruple, or quintuple your assumptions from the first segment.
Considering that we already have evidence that suggests people pirate games about 9:1, what you are really saying is that there is a population of non-pirating, waiting-to-be gamers (which is mostly disjoint from current buyers and pirates) in the same order of magnitude as the population that currently pirates games.
Which is utter horseshit.
You may have found specific examples of second or third tier developers who are overpricing their software (and reaping suboptimal profits because of it), but that does not indicate there is a systematic problem with video game pricing. Notice that even Valve only ran their 75% discounts as an experiment, negating your theory that they can optimize profits by permanently lowering prices (or, you know, they would've done so, don't you think?).
An market with unlimited supply and limite
Try reading what I wrote rather than what you think I wrote.
I quoted your words verbatim. Feel free to point out specific cases where I misquoted you, because I am willing to bet money that I didn't.
Your hypothesis seems to be that nobody would ever pay for a game they could get for free.
No...no, I didn't say that. I said your absurd idea for "fixing" the piracy problem by lowering prices is useless because we already both agree that the class of people who pirate games aren't going to pay for them even if it were only a nickel.
Here, let me break it down for you in plain english:
There are 3 classes of players:
You are advocating lowering the price of the game to increase sales to segment 2, but you already readily admitted that those in group 3 wont buy it no matter the price. This does absolutely nothing to lower piracy.
You also said that piracy losses are imaginary. I called you on it, and you still won't admit you were clearly wrong and factually incorrect about that.
Valve's price experiment was interesting, except you forgot to mention their games are multiplayer only and can't be pirated to work online. Thus, they have no free, perfect substitute and the economics are different from singleplayer games that can be cracked. Obviously, piracy is not a problem for Valve because more of the people from group 3 are forced into groups 1 and 2. This is actually proof that piracy losses are not imaginary, but very real.
The fact that games like World of Goo (which can be cracked unlike Valve's) has stunning piracy rates even though the seller had a name-your-price deal, offering the full legal game for as low as 1 penny is evidence that there is no known solution to piracy except a DRM model that works: online key validation and a multiplayer-only model. The pricing issue is completely irrelevant.
So you can continue misinterpreting your "evidence" and peddling naive solutions to a difficult problem on slashdot all you want, just don't delude yourself into thinking you are so smart you know how to fight piracy and price games better than the games industry, because you don't.
Apparently I learned it in a better school than you did.
Provably false. Your grasp of piracy and even basic economics is far from even plausible, nevermind factually true. Here is a choice quote:
Most piracy losses are imaginary. Most pirates are people who wouldn't buy the game even if it were a nickel.
This is incorrect, because if piracy were impossible, there is undoubtedly some proportion of the pirates (less than 100 percent to be sure) that would pay for the game, but they choose not to because there is a free alternative that is just as good. If the good you are selling has a perfect substitute and is free, how does that make your losses "imaginary?" Answer: it doesn't.
Your timed auctions idea is also terrible. You are living in a fantasy world where the seller gets to extract the highest price everyone is willing to pay, which only works if no one knows what everyone else is paying. When pricing information is shared among buyers, it falls apart. Why would someone be willing to bid 50 for something if he knows that someone else could get it for 20 by simply waiting a little longer? Answer: they wouldn't. You would rapidly get price convergence and be right back where you started, except now it takes longer to sell the product and more time for customers to get it.
The deadweight loss (that's the term by the way, its taught in introductory microeconomics) is already somewhat mitigated by price segmentation - that's what collectors' editions of games are for. For the lower end of the market, they can wait the 1 or 2 years to get the game in the bargain bin. In conclusion: game publishers already do market segmentation, except in a better way than you proposed.
In addition to not understanding what I proposed, you are making the common mistake of assuming that people place no value on fairness or honesty.
Nonsense. Your argument boils down to lowering the price to increase sales, which has absolutely nothing to do with reducing piracy at all, because we already established pirates don't buy no matter the price as long as they can get it for free.
Thanks for playing though.
The best way of pricing, might actually be an auction scheme. Where price is associated with demand, with the seller limiting daily or hourly supply.
Brilliant, why didn't they think of that? Since you are against DRM, they will be auctioning downloads of the game...without DRM, right? And that would work because...why again? Where did you learn economics again?
It works both ways because the pirates will also play from behind NATs and many pirates would decline to submit their scores, lowering the true count of actual pirated copies. The numbers could skew higher or lower depending on your assumptions. In fact, all the caveats are mentioned in your article.
So if people like you hate the demo you go and pirate the game instead of paying for it? Don't get me wrong - it does sound terrible, that doesn't justify not paying for something.
Customer implies a relationship with a specific company. Consumer is a broader term for one that participates in an economy by purchasing as opposed to producing - no inferior connotation is implied. You just made up that definition.
False dichotomy. I'm both a consumer and a citizen, aren't you?
all seem to have this idea that they are entitled to more of the profits
Just a small nitpick: taking a larger share of gross revenue != more of the profits. Legitimate expenses such as editing and marketing come into play. There isn't anything I know of that indicates that publishers are getting more of the actual profits. Otherwise I agree with your assertion.
What I do find interesting is how closely related all of this is to music piracy and DRM. Everyone on slashdot seems to think it is a crime to want to sell music with drm, and conclude that the artist deserves to be pirated for such an offense. However, I don't see that argument being made here with respect to ebooks.
The drm and copyright problem is more sinister and nuanced than most people realize. Many people argue that music artists shouldn't have the right to sell their music, they should give it away for free and perform live to make their livings.
What would the book authors do?
Paying a bounty is paying only for results.
Only if you think reviewing the thousands of "reports" submitted to claim a bounty can be done for free. You could easily spend millions (e.g., ~10 employees) going through the list and not find a single actionable bug. You think every report is going to be a genuine, original vulnerability? Get real.
Do you think that offering a bounty provides a disincentive, and would result in fewer reports?
There is substantial evidence from the field of psychology that paying for something displaces the original incentive to do it for free. If Google and Mozilla ever ended their bounty program, their rate of reports is virtually guaranteed to fall below the reporting rate from before the bounty was offered. I encourage you to look at the contemporary research in human motivation.
NASA doesn't make the details of their designs available to the general public
...and you've inadvertently stumbled on the answer, congratulations. Microsoft's programs are closed source, which is an important difference. Their testers can do full white-box vulnerability assessments and will be able to do more than some guy who picked up the DVD at Best Buy.
You're implying that Microsoft is either stupid or stingy and that they made the wrong call. I'm pretty sure they thought about it longer than you did, with more metrics and research than you have, and just decided it wasn't worth it. Perhaps you should consider this a possibility instead of just assuming you're right.
How many of those "large number of (well paid) test engineers whose full time jobs are to find bugs" are focused on discovering new vulnerabilities
A: More than you could get by offering Joe Public 3000 dollars to look for buffer overflows in Microsoft Outlook. Granted, both approaches are not mutually exclusive.
Why doesn't NASA offer $3000 for each reported flaw in their space vehicle designs? A: It probably couldn't hurt, but it's most likely a giant waste of time.
And, since your argument now seems to be that money is not what drives people to find vulnerabilities...
Not an argument. A fact. Many people report bugs to Microsoft without compensation, why start paying for them now?
...what do you propose drives the "bad guys" to find them?
Assuming that you're saying Microsoft should try to bribe malware authors into reporting the vulnerabilities they are exploiting: It won't work. The "bad guys" aren't going to give up their living for some petty one-time cash payment. That pretty much leaves the white hats, who are already paid, and Joe Public. See above for why Joe Public is not the best source of vulnerability reports.
Might also have to do with the fact that their products are closed source. Certainly makes it harder to do anything much more than brute force guess-and-check type exploits.
Are you trying to claim that all those test engineers find all the vulnerabilities in MS products before release?
I never even came close to making such a claim. Nice try though.
If there weren't lots of bugs to be found, they wouldn't need so many test engineers.
I'm not sure what point you're trying to make. Anyone with even rudimentary exposure to software development or testing theory understands that having tests is not a sign that a product is buggy. Quite the opposite actually.
The fact is that Microsoft's products are heavily tested and they care a lot about security (backed up with money to pay for testers -- lots of them). This isn't to say that they are perfect or never make bad security design decisions, but any assertion that they don't care about security or bugs is provably false.
Or it could be because they would be bankrupt within the week.
But why? It's not like there's likely to be millions and millions of bugs that Microsoft doesn't already know about. Bounties are only awarded for previously unreported bugs, otherwise there would be no limit to how much anyone could collect from the company. It is doubtful that Microsoft's decision was primarily because of what it would actually cost them in payouts.
A lot of Microsoft teams have more test engineers than dev engineers. On more mature products, it has been this way for decades now. So your jab, while comical, is far from the truth.
Evidently, PBS and the WP think the little stuff you know about national security is going to aid you in your decision to determine whether or not your tax dollars are being appropriately spent.
Brilliant. You've highlighted the paradox. We can't judge the effectiveness of security programs because they rely on secrecy to be effective, and knowing enough to judge their effectiveness destroys their effectiveness.
A cruel and unusual system for which there is no obvious solution, and which there is really no one to blame.
Rapid application development has its place. The point is to iterate quickly and have short milestones, it doesn't have anything to do with "shove stuff out the door and stop maintaining it."
That said, the majority of software projects, in my experience, would be much better off adopting a more waterfall-like development model rather than that agile crap or whatever the latest buzzword is. Obviously a system designed that affects the entire fricken internet is one such example.
...Says the person who enjoys the right to peace and quiet in his own home. Free speech rights are necessarily abridged to protect the rights of private property owners, among other things such as public safety and the reputations of private citizens. You don't have an unlimited right to say whatever you want wherever you want; that's not what free speech means. You sure you want to make this argument?
this is purely academic, but said padding would not be entirely consistent across different calls to the sleep() method since the os only guarantees a minimum sleep time, not necessarily an exact sleep time. This can happen if the thread or process is switched out and the thread is not made active again until after the minimum time has already elapsed.
That said, this delay-padding method should effectively reduce the delay to random statistical noise rather than any pattern that can identify the results of the string comparisons, so it should work regardless.
Compromise by tyranny is paradoxical, and thus your argument fails to hold any water. And I don't see how you could read from his statement about 'stealing' that he somehow "supports" it. Methinks youre just a troll.
default configs on routers are a joke. Last I checked, linksys routers still tended towards unsecured wireless networks and default passwords. While extremely convenient, most users will abruptly drop the setup process once they can connect to the internet on their laptop. What the router firmware needs to do is force the user to set up a password and a security protocol before allowing direct access to the internet.
Before this step is taken, every other "security" exploit is a joke in comparison.
The onus is on proponents to show that that interference is fully justified
The legal authority of the patent system is encoded in the US constitution, so your statement is a few hundred years too late. Luckily the constitution has a framework in place to change it, if the people will it.
i wanted to post this comment, but does anyone have change for a dollar?