I'm sorry, I'll need a car analogy on that one. It means that you are never sure if your car is in gear or in reverse. So you don't know which direction you will go when step on the gas.
IMO the risk in the US that "they" will ever come for "me" is nil. Your risk of being involved in a terrorist incident in the US has been pretty much 0 always. More people have died as a result of anti-terrorist law enforcement (like the lady in Phoenix a few months ago) and the US-sanctioned Iraq war than at the hands of a terrorist.
They probably won't ever "come for you", but heaven help you if your name ever gets crossed up in the un-person TSA database and you try to leave. My name is mixed up with someone and so I get singled out for special processing every time. I know it's a mistake because they always ask me when I lived in Oakland (the answer is never).
If you've ever lived in a place where terrorism was a real threat (I lived in Mindanao for three years and approximately every year someone successfully set off a bomb in Davao City airport, for example) you would understand exactly how much of a sick joke "security" is in the United States. Something to inconvenience the innocent and nothing else.
How about this plan: anybody, who wishes to maintain an Internet-reachable computer, needs to be licensed Let's just not go there, O.K.? There isn't anyone I would trust as a licensing body and when you bring in the inevitable licsensing fees... er, let's just not go there.
The number of successful attacks is explained by the relative security of the various systems. The number of successful attacks is largely determined by the installed base of the attacked application.
W3 (and Gnus 5 with a Mime add-on, for that matter) on XEmacs 19.14 was easily compromised by a malformed jpeg. There existed numerous stack overflow possibilities in the core XEmacs jpeg code that were fixed in later months, but not released until almost a year later[1]. Did that matter?
As far as I know, and I read over all the bug reports during that time period, there were 0 reported cases of systems being pwned due to XEmacs 19.14 jpeg display bugs. Does that make it secure? Nope.
[1] I accept full blame for that as it became my responsibility after XEmacs 19.14 to release updated versions in timely fashion.
You would have to ask the author of the Storm code that question.
It undoubtedly skews the results and that was my point.
And no. The relative security *cannot* be inferred from the numbers they post. No doubt some, but not all of the infrequency of successful attacks against MacOS X and Linux desktop hosts contribute to their lower numbers, but since the Mac and some Linux distros do things just as evilly as Microsoft does it, their numbers would undoubtedly increase if the attacks against them increased.
The Microsoft Fanboys say that the number of successfully attacked Microsoft Windows XP desktops is due to the relative installation base (and they are correct). The same situation applies here, in the other direction.
The patent says they use audio analysis too. Yeah, that would make sense. Most videos have natural breakpoints built into them that would be suitable to inject advertisements into. Detecting that without a human involved would be innovative.
Books have natural breakpoints too, we call them "chapters".
I too was a Unix user in college and when I got to the real world, I needed to get real world things done so I continued to use it (demanding it at first, because I got hired into a VMS shop, during that time I got a Unix workstation at home which made the situation more comfortable). Later on, when Microsoft Windows started becoming popular and my employers started trying to foist Microsoft Windows on me I was in a quandry. What to do, what to do?
Unfortunately, I have a bad back and I can definitively say that I am most productive at work when I am sitting, reclined with my feet resting on top of a Microsoft Windows box beneath my desk, while typing at a Linux/Unix workstation. Microsoft Windows is too painful and broken to actually use, but it makes a great therapeutic device. I'm in the unfortunate situation now that I got permission at work to install a real O/S on that device (RHEL) and the Sun Workstation I also have makes a most inappropriate footrest. Ah well, it was nice going back to KDE after dealing with the mild unpleasantness of CDE.
Back to the article and interestingly enough, I'm right in the middle of a fascinating shell/command line discussion on the Tokyo Linux Users Group mailing list.
I use Linux because it is the system I've dreamed about having for all my adult life and I enjoy most running software that I've had a hand in developing. MacOS X is passable, but not quite the same thing.
By itself the figure is worthless. On the other hand stats indicating how the sites were compromised would be much more valuable. Whew. I was beginning to think no one posting here had a clue. Sad though, that you haven't been moderated up yet.
The most "popular" attack method recently has been the Storm botnet. It specifically *does not* target Microsoft Windows 2003 Server. It's very easy to get low numbers when you are not a popular target.
You missed the point too. The supposedly ultra-powerful, ultra-huge, botnet that has consumed a vast portion of the internet, Storm, is specifically coded to not attack Microsoft Windows 2003 servers and only attacks Linux/Apache servers.
And you were moderated +5 informative? Bah! I want my fair share of the crack everyone seems to be smoking.
For reference there have been no exploits at all in IIS 6.0, which comes with Windows 2003 Well, duh. As you and the other Microsoft Fanboys here like to point out to us when it comes to desktop attacks, you're not being targeted and we are. The Storm botnet was aimed at Linux/Apache servers and specifically avoided Microsoft Windows 2003 Server.
And another quote from Microsoft Fanboys that I'll throw back at you, "you just don't have enough market share to care about."
Not to defend sloppy admin practices, but I despise hypocracy.
Given the proportion of Apache servers to IIS servers on the Internet, I don't think the ~280% difference is that strange. Please take into account the fact that Storm botnet attack specifically avoided attacking Microsoft Windows 2003 Server. That was posted here, some time ago.
How many of the Apache attacks came from Storm? Inquiring minds want to know!
*All* of the numbers are quite small compared to what I would have expected given the reported number of members of the Storm botnet.
Come on admit it, even microsoft can throw together some pretty neat stuff. Their BASIC interpreter was pretty neat, but what else have they thrown together that they didn't buy out?
The first thought on my mind is, who did they buy this technology from?
He may be a coauthor of string theory, but he was also an Art Bell regular on Coast to Coast. That says a lot to me about his thinking. And thinking of the guys who were posting about time travel up higher, I recall that Art Bell regularly opened the phone lines exclusively for people claiming to be time travelers. Whee!
Is there any legal indication that the GPL is revocable? Er, that's what all the commotion was about a few months ago regarding the GPL V3 and the licensing of the Linux Kernel. Specifically, if you add the "or any later version" clause, you are at the mercy of Richard Stallman to not change the license in a manner that you disagree with.
So yes, if some day there is a GPL V4 that had that kind of language in it and you had the code licensed with the "or any later version" clause, you could.
The fact that the GPL can be changed without your express consent is exactly why Linus made the kernel GPL V2 only.
I'm honestly worried that MS might use this as a chance to slip an infringing landmine into the linux source code. Don't be. The rules for inclusion of source into Linux state: (from Documentation/SubmittingPatches)
The sign-off is a simple line at the end of the explanation for the patch, which certifies that you wrote it or otherwise have the right to pass it on as a open-source patch. The rules are pretty simple: if you can certify the below:
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
then you just add a line saying
Signed-off-by: Random J Developer
using your real name (sorry, no pseudonyms or anonymous contributions.) Given Linus' current email address and the language of the above, I would presume that the Linux Foundation wrote it.
He's long since lost any semblance of credibility. Jeff Merkey never had any credibility to begin with. He's always been a kooky guy who sometimes like to post drunk. Oh and that was his own admission on lkml after a particularly bizaare rant. That was around 1996 or 1997.
Wikipedia is still one of the best bargains in the world. Could you explain this to me? Never mind the editing part. Why does Jeff Merkey rate a Wikipedia page at all? I know him as a guy who makes wild drunken posts to lkml from time to time.
Anyway, having an entry on Jeff Merkey sure brings new meaning to "You get what you pay for".
You are still paying for a Microsoft license that will never be used and you have no guarantee that there's driver coverage for that particular model.
There's no particular guarantee that *any* other O/S besides the one preinstalled will run on any given PC (particularly notebooks), including different versions of the same O/S, like Microsoft Windows XP and Vista.
I remember well the hundreds of pages of assembly language with no comments, Heh. The first project I ever worked on professionally had something like that. The module that computed partial differential equations had no comments whatsoever except for a comment at the top that read - "I had to strip the comments out of this because it overflowed the Apple ][ P-System's memory when assembling, sorry."
What Microsoft HAS proven (repeatedly) is that it considers compliance with standards to be a relative term. What Microsoft has proven repeatedly is that what they promise and what is finally delivered often bear little relationship to each other.
I have little faith in them to deliver a working product. Does anyone else remember the "free" streaming media player they released for Linux about 10 years ago when they were trying to kill RealAudio? I downloaded that expecting something, but I never got a sound nor any video out of it. I'm not sure if it was intended to work at all.
Truth be told, if Microsoft sold a (working) media player for Linux, I'd buy it. But they don't.
I'm surprised by this announcement, because I assumed the reason they made the decisions they did had to do with supporting old versions of their system. Maybe they came up with some convoluted work-around to not break them. Not that I particularly care. IE8 most certainly will not work on any system I use and I've become an Opera fan (why couldn't they sell Linux versions way back when? Stupid, stupid. Netscape was so broken and Opera is so good, it would have been worth paying a license fee for it) anyway.
Now if only I could link XEmacs as an external editing widget to Opera (or any browser), browsers wouldn't be broken any more.
That is strange as hell. Well, I can understand why you didn't like the chanting - that freaks me out as well but it's hardly just Soka Gakkai, they all do that, and Christians freak me out too. But *dragged*? That's a figure of speech. The marriage went downhill very fast the Saturday morning she expected me to go to Shinanomachi and I was hung over from a sanjikai with my company the evening before (and she punched me).
Never mind Christians. That is not part of the discussion. I tolerate all religions, I do not tolerate in the *slightest* proselytism. Period. Maybe you can grok from that where I stand on Christianity.
Was this a long time ago, btw? Around 2000. Her family was from Ishioka, Ibaraki-ken and I visited there once (after we were married) and she wore a big hat and hood and generally tried very hard not to recognizable when she was with me. When it came time to visit her family, she had me wait around town and the looks I got from some of the people while I was alone still make me shudder. I like Japan a lot and I've had pleasant experiences there, but *not* in Ishioka. This is a separate issue, her family was not Soka Gakkai.
I bet your ex-wife's parents had a bad experience with a gaijin once, and will always despise them! Well, um, yes and because of her. Her previous "boyfriend", a married(!) Iranian, was one of the most horrible people I've ever had to clean up after, he left her with a huge debt that I paid off. Sigh.
Now this is where it starts getting weird for me. Why the fucking hell did you show up for a job interview with the fucking Scientologists. This was something like 1987, before they started getting really evil on Usenet.
And what the hell is this about Ikeda? And I can see that you've never been subscribed to the daily SGI newspaper like I was, nor have you talked to SGI people in Japan.
The top of the headline page, just about every day is a story on Ikeda.
What kind of ordinary person considers it significant to announce renouncing nuclear weapons when he is a citizen of a country that does not possess them?
Hubbard and Ikeda are nutcases.
I don't mean to sound like an asshole here but your tarring a whole race with the brush of a single experience is pretty bad. Nope. I have nothing against Japanese in general. Under certain circumstances, I'd even consider going back to work and live there. I have *everything* against SGI and I despise them. They are nutcases and they abandoned my ex-wife when she needed them the most.
Everyone I know who's involved with Japan has a love/hate relationship with the place. Hell, I have that towards most countries including America - which also takes my fingerprints btw. Yours is tending unhealthily towards hate and I suggest trying to get over that or just get out of there, it'll eat you up. It's not. Other things being equal, I'd love to go back and work in Central Tokyo and have season tickets to see my beloved Yakult Swallows and go to the Ryugokukokugikan every few months to see live Sumo. I certainly enjoyed being there a lot more than where I am now. California has been taken over by Nazis and it is far from the place I grew up in.
I watched Sumo on TV as recently as a couple months ago and that's about as recent as it gets, until the Haru Basho in Nagoya starts.
I guess I better add that I've been to the Church Of Scientology chief temple too - on a job interview back in the 1980s. The job interview didn't go anywhere, they really weren't interested in a non-Scino for the job, but the emotions I felt there were similar to those I felt in Shinanomachi and the way they worship Ikeda (like the altar to L. Ron Hubbard in LA) is something I do not care for.
I have been to the headquarters of both of those organizations and I say they are basically the same.
Slashdot Mirror
I like people who think. I think I'll have another beer.
They probably won't ever "come for you", but heaven help you if your name ever gets crossed up in the un-person TSA database and you try to leave. My name is mixed up with someone and so I get singled out for special processing every time. I know it's a mistake because they always ask me when I lived in Oakland (the answer is never).
If you've ever lived in a place where terrorism was a real threat (I lived in Mindanao for three years and approximately every year someone successfully set off a bomb in Davao City airport, for example) you would understand exactly how much of a sick joke "security" is in the United States. Something to inconvenience the innocent and nothing else.
W3 (and Gnus 5 with a Mime add-on, for that matter) on XEmacs 19.14 was easily compromised by a malformed jpeg. There existed numerous stack overflow possibilities in the core XEmacs jpeg code that were fixed in later months, but not released until almost a year later[1]. Did that matter?
As far as I know, and I read over all the bug reports during that time period, there were 0 reported cases of systems being pwned due to XEmacs 19.14 jpeg display bugs. Does that make it secure? Nope.
[1] I accept full blame for that as it became my responsibility after XEmacs 19.14 to release updated versions in timely fashion.
You would have to ask the author of the Storm code that question.
It undoubtedly skews the results and that was my point.
And no. The relative security *cannot* be inferred from the numbers they post. No doubt some, but not all of the infrequency of successful attacks against MacOS X and Linux desktop hosts contribute to their lower numbers, but since the Mac and some Linux distros do things just as evilly as Microsoft does it, their numbers would undoubtedly increase if the attacks against them increased.
The Microsoft Fanboys say that the number of successfully attacked Microsoft Windows XP desktops is due to the relative installation base (and they are correct). The same situation applies here, in the other direction.
Books have natural breakpoints too, we call them "chapters".
Eh? -ENOSENSE.
It was coded not to infect Microsoft Windows 2003 Server. It attacks Microsoft Windows desktop machines. The article is about server attacks.
I too was a Unix user in college and when I got to the real world, I needed to get real world things done so I continued to use it (demanding it at first, because I got hired into a VMS shop, during that time I got a Unix workstation at home which made the situation more comfortable). Later on, when Microsoft Windows started becoming popular and my employers started trying to foist Microsoft Windows on me I was in a quandry. What to do, what to do?
Unfortunately, I have a bad back and I can definitively say that I am most productive at work when I am sitting, reclined with my feet resting on top of a Microsoft Windows box beneath my desk, while typing at a Linux/Unix workstation. Microsoft Windows is too painful and broken to actually use, but it makes a great therapeutic device. I'm in the unfortunate situation now that I got permission at work to install a real O/S on that device (RHEL) and the Sun Workstation I also have makes a most inappropriate footrest. Ah well, it was nice going back to KDE after dealing with the mild unpleasantness of CDE.
Back to the article and interestingly enough, I'm right in the middle of a fascinating shell/command line discussion on the Tokyo Linux Users Group mailing list.
I use Linux because it is the system I've dreamed about having for all my adult life and I enjoy most running software that I've had a hand in developing. MacOS X is passable, but not quite the same thing.
The most "popular" attack method recently has been the Storm botnet. It specifically *does not* target Microsoft Windows 2003 Server. It's very easy to get low numbers when you are not a popular target.
What's the frequency, Kenneth?
You missed the point too. The supposedly ultra-powerful, ultra-huge, botnet that has consumed a vast portion of the internet, Storm, is specifically coded to not attack Microsoft Windows 2003 servers and only attacks Linux/Apache servers.
And you were moderated +5 informative? Bah! I want my fair share of the crack everyone seems to be smoking.
And another quote from Microsoft Fanboys that I'll throw back at you, "you just don't have enough market share to care about."
Not to defend sloppy admin practices, but I despise hypocracy.
How many of the Apache attacks came from Storm? Inquiring minds want to know!
*All* of the numbers are quite small compared to what I would have expected given the reported number of members of the Storm botnet.
The first thought on my mind is, who did they buy this technology from?
He may be a coauthor of string theory, but he was also an Art Bell regular on Coast to Coast. That says a lot to me about his thinking. And thinking of the guys who were posting about time travel up higher, I recall that Art Bell regularly opened the phone lines exclusively for people claiming to be time travelers. Whee!
So yes, if some day there is a GPL V4 that had that kind of language in it and you had the code licensed with the "or any later version" clause, you could.
The fact that the GPL can be changed without your express consent is exactly why Linus made the kernel GPL V2 only.
patch, which certifies that you wrote it or otherwise have the right to
pass it on as a open-source patch. The rules are pretty simple: if you
can certify the below:
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
then you just add a line saying
Signed-off-by: Random J Developer
using your real name (sorry, no pseudonyms or anonymous contributions.) Given Linus' current email address and the language of the above, I would presume that the Linux Foundation wrote it.
Anyway, having an entry on Jeff Merkey sure brings new meaning to "You get what you pay for".
You live up to your alias at least.
You are still paying for a Microsoft license that will never be used and you have no guarantee that there's driver coverage for that particular model.
There's no particular guarantee that *any* other O/S besides the one preinstalled will run on any given PC (particularly notebooks), including different versions of the same O/S, like Microsoft Windows XP and Vista.
Whee!
Hell, a better solution is to get a divorcee to do it. Many of us would love to be millions of miles away from an ex-wife.
I have little faith in them to deliver a working product. Does anyone else remember the "free" streaming media player they released for Linux about 10 years ago when they were trying to kill RealAudio? I downloaded that expecting something, but I never got a sound nor any video out of it. I'm not sure if it was intended to work at all.
Truth be told, if Microsoft sold a (working) media player for Linux, I'd buy it. But they don't.
I'm surprised by this announcement, because I assumed the reason they made the decisions they did had to do with supporting old versions of their system. Maybe they came up with some convoluted work-around to not break them. Not that I particularly care. IE8 most certainly will not work on any system I use and I've become an Opera fan (why couldn't they sell Linux versions way back when? Stupid, stupid. Netscape was so broken and Opera is so good, it would have been worth paying a license fee for it) anyway.
Now if only I could link XEmacs as an external editing widget to Opera (or any browser), browsers wouldn't be broken any more.
Never mind Christians. That is not part of the discussion. I tolerate all religions, I do not tolerate in the *slightest* proselytism. Period. Maybe you can grok from that where I stand on Christianity. Was this a long time ago, btw? Around 2000. Her family was from Ishioka, Ibaraki-ken and I visited there once (after we were married) and she wore a big hat and hood and generally tried very hard not to recognizable when she was with me. When it came time to visit her family, she had me wait around town and the looks I got from some of the people while I was alone still make me shudder. I like Japan a lot and I've had pleasant experiences there, but *not* in Ishioka. This is a separate issue, her family was not Soka Gakkai. I bet your ex-wife's parents had a bad experience with a gaijin once, and will always despise them! Well, um, yes and because of her. Her previous "boyfriend", a married(!) Iranian, was one of the most horrible people I've ever had to clean up after, he left her with a huge debt that I paid off. Sigh. Now this is where it starts getting weird for me. Why the fucking hell did you show up for a job interview with the fucking Scientologists. This was something like 1987, before they started getting really evil on Usenet. And what the hell is this about Ikeda? And I can see that you've never been subscribed to the daily SGI newspaper like I was, nor have you talked to SGI people in Japan.
The top of the headline page, just about every day is a story on Ikeda.
What kind of ordinary person considers it significant to announce renouncing nuclear weapons when he is a citizen of a country that does not possess them?
Hubbard and Ikeda are nutcases. I don't mean to sound like an asshole here but your tarring a whole race with the brush of a single experience is pretty bad. Nope. I have nothing against Japanese in general. Under certain circumstances, I'd even consider going back to work and live there. I have *everything* against SGI and I despise them. They are nutcases and they abandoned my ex-wife when she needed them the most. Everyone I know who's involved with Japan has a love/hate relationship with the place. Hell, I have that towards most countries including America - which also takes my fingerprints btw. Yours is tending unhealthily towards hate and I suggest trying to get over that or just get out of there, it'll eat you up. It's not. Other things being equal, I'd love to go back and work in Central Tokyo and have season tickets to see my beloved Yakult Swallows and go to the Ryugokukokugikan every few months to see live Sumo. I certainly enjoyed being there a lot more than where I am now. California has been taken over by Nazis and it is far from the place I grew up in.
I watched Sumo on TV as recently as a couple months ago and that's about as recent as it gets, until the Haru Basho in Nagoya starts.
I guess I better add that I've been to the Church Of Scientology chief temple too - on a job interview back in the 1980s. The job interview didn't go anywhere, they really weren't interested in a non-Scino for the job, but the emotions I felt there were similar to those I felt in Shinanomachi and the way they worship Ikeda (like the altar to L. Ron Hubbard in LA) is something I do not care for.
I have been to the headquarters of both of those organizations and I say they are basically the same.