"So I think the GPLv2 is a great license, and I use it for my own personal reasons. I do think that's true of a lot of other people too, but I really want to point out that it's not that the license is somehow ethical per se. A lot of other people think that the BSD license with its even more freedoms is a better license for them. And others will prefer to use a license that leaves all the rights with the original copyright holder, and gives no rights to the sources at all to others. And for them, that is their answer. And it's fine. It's their choice"
> Java-based Trojan discovered in the wild that is being downloaded and installed by another component. This malware behaves like other Windows botnets but uses source code and libraries that can operate on other platforms..
Is there a working demo in the wild that I can click on and get rooted on other non-Windows platforms?
"The district court found that the Cole claims in suit read on a system disclosed in German, French, and British patents issued to Dirks between 1948 and 1957, none of which were considered by the examiner during the prosecution of the Cole patent application. The district court agreed with HLA's assertion that "The Dirks system... is the Cole system implemented in 1940's technology, and, since the Cole claims are drawn to cover all digital systems generically, as opposed to a new implementation, they are anticipated by [the] foreign Dirks' patents"
The principal issue in Appeal No. 83-782 is whether the district court correctly found that claims 1, 2, and 3 of RCA's patent, covering a digital video character generator, are anticipated by the disclosure in the "Dirks" patents. We reverse the holding of invalidity in view of Dirks alonelink
"Data General also contends that the Cole patent was anticipated by the prior art and by a printed publication stored at the Stanford Research Institute" link
"The following stuff is from Electronics magazine, Jan. 3rd 1958 issue.. Generating Characters: Summary Although may plans have been devised in the past for scribing numeric and alphabetic characters on a scope face by spot deflection" link
--
"Cole at RCA developed the technology as part of a response to an FAA RFQ.. a long, long, time ago, back in the dark ages, the 1970's. In the decades of litigation which followed, RCA's FAA bid proved to be the undoing of the Cole patent", sillivalley
The following stuff is from Electronics magazine, Jan. 3rd 1958 issue.. Generating Characters: Summary Although may plans have been devised in the past for scribing numeric and alphabetic characters on a scope face by spot deflection" link
"Data General also contends that the Cole patent was anticipated by the prior art and by a printed publication stored at the Stanford Research Institute. Finally, Data General asserts that the Cole patent is invalid under 35 U.S.C. ? 103 because it was obvious in light of the pertinent prior art. The Court will now examine each of these challenges to Cole's validity" link
"Last Thursday’s Amazon EC2 outage was the worst in cloud computing’s history.. I will try to summarize what happened, what worked and didn’t work, and what to learn from it. I’ll do my best to add signal to all the noise out there" link
"Unless whoever in legal wrote/checked out B&N's statement is a complete moron, fuzzyfuzzyfungus
'Microsoft is misusing these patents as part of a scheme to try to eliminate or marginalize the competition to its own Windows Phone 7 mobile device operating system posed by the open source Android operating system and other open source operating systems.. Barnes & Noble denies the remaining allegations set forth in this paragraph. 15. Denied. 16. Denied. 17. Denied`. link
--
"I assume that that particular line is attached to the broader claim that Microsoft is using patents that are either invalid, overbroad, or irrelevant; but excessively expensive/time consuming to challenge, to do that", fuzzyfuzzyfungus
Do you assume that the Android OS is violating MS patents, if so, explain your reasoning...
Do you mean they've been lying when they sold us our unlimited, always-on connection. In doing so, signed up a bunch of new customers but never spend enough money on upgrading the infrastructure.
"Microsoft has expanded its vulnerability disclosure policy to include not only those in its own products, but also flaws in third-party software that runs on Microsoft operating systems. These will follow the same practices as the advisories issued for Microsoft's products, and it makes sense, because many users look to Microsoft to ensure that their computers are secure, even when the problem lies with a third-party program. The company will contact and coordinate with the third-party vendor before an advisory is issued."
Look, for the umpteemed time, a programming error in an application that leads to a system compromise, is a defect in the underlying Operating System, namely Microsoft Windows/WinNT/Longhorn/Vista/Windows...
`Amazon's "cloud computing" is centralized upon the virtual machine as the hub of the "cloud."'
I think you hit-the-nail-on-the-head there, a centralized anything is always vulnerable to a this kind of failure. For a business with multiple locations a number of servers sited locally in a peer-to-peer configuration would provide a more reliable service. All they rely on is an end-to-end IP connection. If one site goes then the rest can carry on. I do believe this whole cloud computing concept has been over sold.
"For cloud customers willing to pony up a little extra cash, Amazon has an enticing proposition: Spread your application across multiple availability zones for a near-guarantee that it won't suffer from downtime
I would have thought the the entire raison d'etre of moving to the Cloud was to eliminate downtime, else why not rent two boxes in different locations and achieve this near-guarantee uptime without the extra expense not to mention your data totally disappearing when the Cloud goes down...
"On December 16, 2010, counsel for the Government learned that, notwithstanding Googles representations to the public at large, its counsel, the GAO, and this Court, it appears that Googles Google Apps for Government does not have FISMA certification. See Attachments 1-5 to this motion. We immediately contacted counsel for Google, shared this information and advised counsel that we would bring this to the Courts attention".
"According to the GSA, Googles Google Apps Premier received FISMA certification on July 21, 2010. However, Google intends to offer Google Apps for Government as a more restrictive version of its product and, Google is currently in the process of finishing its application for FISMA certification for its Google Apps for Government. See Attachment 3. To be clear, in the view of GSA, the agency that certified Googles Google Apps Premier, Google does not have FISMA certification for Google Apps for Government." link
a) The basic app does have FISMA certification, b) The more "restrictive version" is the more secure version for government, no attempt at deceit here.. link
> I integrate, deploy, and maintain a SCADA system for a large water and waste-water utility.
What development platform do you use?
> the control system for an industrial process augments the process, it does not run it. Thus, if you crash the office computers, everything stops. If you crash a control system, the process keeps doing something, even if it is something that nobody would ever want.
I don't even understand this bit or else you're just talking techno waffle and I've worked in ths industry for decades both hardware and software, if that's supposed to count for anything.
> Industrial processes can't "just shut down" on a whim. To patch a control system you need to get to a place where the process can be safely shut down..
No one in their right mind "patches" a running system.
> revealing software flaws is often a dangerous proposition. By the time we can safely patch something in an industrial control system, there may be tool kits for script kiddies.
How do you design it in such a way that it is accessable to "script kiddies"?
> Do you mean make sure the network the air-conditioner is on is physically isolated from the Internet? Or do you just mean "isolated" via some router magic or other
IPsec running over IP tunnel running on embedded hardware would go along way to defeating such breaches, that they don't implement such solutions owes more to incompetence and we-can't-be-bothered..
"The Australian Government has a list of software holes that are so sensitive they're kept hidden from the public"
What Platform do these software holes run on, what imdemnification do the endusers get from the manufacturers of the Software holes?
"The agency has knowledge of security vulnerabilities that, if publicly disclosed, could grind significant elements of cyber crime to a halt.. the vulnerabilities may be more valuable if they are kept hidden and used as a means to track skittish cyber criminals"
That's the dumbest thing I ever read, as is patently obvious, the crooks are way ahead of the security "professionals".
"If we become aware of control nodes for botnets or those that harvest data that is being ex-filtrated out of a network, we will pass that information on so that it can be blocked at firewalls and organisations can see if they have a compromised machine"
As a security professional, someone should tell Rothery that there any number of ways to bypass a firewall.
"One of the specific concerns is how a bank may protect or deal with an attack against an air-conditioning system charged with the vital role of keeping a datacentre cool"
Solution: don't connect your air-conditioning system to the Internet..:)
"A method and apparatus for generating executable code and resolving data references in the generated code is disclosed"
'The other patents discussed Wednesday are the '702 patent, which describes a method for stripping out redundant class files to make the final code run faster; and the '520 patent, a method for simulating how code will run before it actually runs, then producing more concise code to perform the actual operation'
Slashdot Mirror
"So I think the GPLv2 is a great license, and I use it for my own personal reasons. I do think that's true of a lot of other people too, but I really want to point out that it's not that the license is somehow ethical per se. A lot of other people think that the BSD license with its even more freedoms is a better license for them . And others will prefer to use a license that leaves all the rights with the original copyright holder, and gives no rights to the sources at all to others. And for them, that is their answer. And it's fine. It's their choice"
> Java-based Trojan discovered in the wild that is being downloaded and installed by another component. This malware behaves like other Windows botnets but uses source code and libraries that can operate on other platforms ..
Is there a working demo in the wild that I can click on and get rooted on other non-Windows platforms?
OK, you don't expect me to read the whole thing did you ?
> MS were bad to embrace and extend Java to create platform lock-in. Google are good to do so, right?, Hazel Bergeron
When Google claims to own JAVA and demands royalties for JAVA running on Windows, then they'll be just as evil as Microsoft :)
Under Linux delete the ~/.macromedia directory ...
"The district court found that the Cole claims in suit read on a system disclosed in German, French, and British patents issued to Dirks between 1948 and 1957, none of which were considered by the examiner during the prosecution of the Cole patent application. The district court agreed with HLA's assertion that "The Dirks system ... is the Cole system implemented in 1940's technology, and, since the Cole claims are drawn to cover all digital systems generically, as opposed to a new implementation, they are anticipated by [the] foreign Dirks' patents"
The principal issue in Appeal No. 83-782 is whether the district court correctly found that claims 1, 2, and 3 of RCA's patent, covering a digital video character generator, are anticipated by the disclosure in the "Dirks" patents. We reverse the holding of invalidity in view of Dirks alone link
"Data General also contends that the Cole patent was anticipated by the prior art and by a printed publication stored at the Stanford Research Institute" link
"The following stuff is from Electronics magazine, Jan. 3rd 1958 issue .. Generating Characters: Summary Although may plans have been devised in the past for scribing numeric and alphabetic characters on a scope face by spot deflection" link
--
"Cole at RCA developed the technology as part of a response to an FAA RFQ .. a long, long, time ago, back in the dark ages, the 1970's. In the decades of litigation which followed, RCA's FAA bid proved to be the undoing of the Cole patent", sillivalley
Do you have any citations for all this?
--
The following stuff is from Electronics magazine, Jan. 3rd 1958 issue .. Generating Characters: Summary Although may plans have been devised in the past for scribing numeric and alphabetic characters on a scope face by spot deflection" link
"Data General also contends that the Cole patent was anticipated by the prior art and by a printed publication stored at the Stanford Research Institute. Finally, Data General asserts that the Cole patent is invalid under 35 U.S.C. ? 103 because it was obvious in light of the pertinent prior art. The Court will now examine each of these challenges to Cole's validity" link
I find Firefox running on Lubuntu from a USB device runs faster than Windows on the same hardware ...
"Last Thursday’s Amazon EC2 outage was the worst in cloud computing’s history .. I will try to summarize what happened, what worked and didn’t work, and what to learn from it. I’ll do my best to add signal to all the noise out there" link
> Approximately one billion Slashdot readers wrote in to tell us today that one of two distributions had releases:
You have a million million or 10^12 readers ?
Ubuntu is a fast, secure and easy-to-use operating system used by millions of people around the world.
"Unless whoever in legal wrote/checked out B&N's statement is a complete moron, fuzzyfuzzyfungus
'Microsoft is misusing these patents as part of a scheme to try to eliminate or marginalize the competition to its own Windows Phone 7 mobile device operating system posed by the open source Android operating system and other open source operating systems .. Barnes & Noble denies the remaining allegations set forth in this paragraph. 15. Denied. 16. Denied. 17. Denied`. link
--
"I assume that that particular line is attached to the broader claim that Microsoft is using patents that are either invalid, overbroad, or irrelevant; but excessively expensive/time consuming to challenge, to do that", fuzzyfuzzyfungus
Do you assume that the Android OS is violating MS patents, if so, explain your reasoning ...
Do you mean they've been lying when they sold us our unlimited, always-on connection. In doing so, signed up a bunch of new customers but never spend enough money on upgrading the infrastructure.
> Pay no attention to the the bugs behind the OS.
And what ever you do don't mention WIndows, talk about Internet malware instead ... :)
"Microsoft has expanded its vulnerability disclosure policy to include not only those in its own products, but also flaws in third-party software that runs on Microsoft operating systems. These will follow the same practices as the advisories issued for Microsoft's products, and it makes sense, because many users look to Microsoft to ensure that their computers are secure, even when the problem lies with a third-party program. The company will contact and coordinate with the third-party vendor before an advisory is issued."
Look, for the umpteemed time, a programming error in an application that leads to a system compromise, is a defect in the underlying Operating System, namely Microsoft Windows/WinNT/Longhorn/Vista/Windows ...
`Amazon's "cloud computing" is centralized upon the virtual machine as the hub of the "cloud."'
I think you hit-the-nail-on-the-head there, a centralized anything is always vulnerable to a this kind of failure. For a business with multiple locations a number of servers sited locally in a peer-to-peer configuration would provide a more reliable service. All they rely on is an end-to-end IP connection. If one site goes then the rest can carry on. I do believe this whole cloud computing concept has been over sold.
"For cloud customers willing to pony up a little extra cash, Amazon has an enticing proposition: Spread your application across multiple availability zones for a near-guarantee that it won't suffer from downtime
I would have thought the the entire raison d'etre of moving to the Cloud was to eliminate downtime, else why not rent two boxes in different locations and achieve this near-guarantee uptime without the extra expense not to mention your data totally disappearing when the Cloud goes down ...
'The best minds of my generation are thinking about how to make people click ads'
In other words, selling shiny crap to morons ... :)
"On December 16, 2010, counsel for the Government learned that, notwithstanding Googles representations to the public at large, its counsel, the GAO, and this Court, it appears that Googles Google Apps for Government does not have FISMA certification. See Attachments 1-5 to this motion. We immediately contacted counsel for Google, shared this information and advised counsel that we would bring this to the Courts attention".
"According to the GSA, Googles Google Apps Premier received FISMA certification on July 21, 2010. However, Google intends to offer Google Apps for Government as a more restrictive version of its product and, Google is currently in the process of finishing its application for FISMA certification for its Google Apps for Government. See Attachment 3. To be clear, in the view of GSA, the agency that certified Googles Google Apps Premier, Google does not have FISMA certification for Google Apps for Government." link
a) The basic app does have FISMA certification, b) The more "restrictive version" is the more secure version for government, no attempt at deceit here .. link
> I integrate, deploy, and maintain a SCADA system for a large water and waste-water utility.
What development platform do you use?
> the control system for an industrial process augments the process, it does not run it. Thus, if you crash the office computers, everything stops. If you crash a control system, the process keeps doing something, even if it is something that nobody would ever want.
I don't even understand this bit or else you're just talking techno waffle and I've worked in ths industry for decades both hardware and software, if that's supposed to count for anything.
> Industrial processes can't "just shut down" on a whim. To patch a control system you need to get to a place where the process can be safely shut down ..
No one in their right mind "patches" a running system.
> revealing software flaws is often a dangerous proposition. By the time we can safely patch something in an industrial control system, there may be tool kits for script kiddies.
How do you design it in such a way that it is accessable to "script kiddies"?
> Do you mean make sure the network the air-conditioner is on is physically isolated from the Internet? Or do you just mean "isolated" via some router magic or other
IPsec running over IP tunnel running on embedded hardware would go along way to defeating such breaches, that they don't implement such solutions owes more to incompetence and we-can't-be-bothered ..
"The Australian Government has a list of software holes that are so sensitive they're kept hidden from the public"
What Platform do these software holes run on, what imdemnification do the endusers get from the manufacturers of the Software holes?
"The agency has knowledge of security vulnerabilities that, if publicly disclosed, could grind significant elements of cyber crime to a halt .. the vulnerabilities may be more valuable if they are kept hidden and used as a means to track skittish cyber criminals"
That's the dumbest thing I ever read, as is patently obvious, the crooks are way ahead of the security "professionals".
"If we become aware of control nodes for botnets or those that harvest data that is being ex-filtrated out of a network, we will pass that information on so that it can be blocked at firewalls and organisations can see if they have a compromised machine"
As a security professional, someone should tell Rothery that there any number of ways to bypass a firewall.
"One of the specific concerns is how a bank may protect or deal with an attack against an air-conditioning system charged with the vital role of keeping a datacentre cool"
Solution: don't connect your air-conditioning system to the Internet .. :)
"A method and apparatus for generating executable code and resolving data references in the generated code is disclosed"
'The other patents discussed Wednesday are the '702 patent, which describes a method for stripping out redundant class files to make the final code run faster; and the '520 patent, a method for simulating how code will run before it actually runs, then producing more concise code to perform the actual operation'
I guess this has nothing to do with the Microsoft deal :)