To be fair, your school probably didn't have to worry about remote management or distributed load-balancing issues, problems which are well suited to control systems operating over a computer network. Proactive security would dictate that this should all be conducted over a private, dedicated line; cost effectiveness says that it should be done over the Internet. Guess which imperative is more likely to win the hearts and minds of shareholders?
I agree, they should know better. I'd bet most of them do know better. But security is not the primary objective here, and it will never win out against the bottom line without regulatory intervention.
Whoa, lighten up there. He said absolutely nothing that could remotely translate to "I hate Christians"; it was merely a (entirely fair, I think) critique of the Abrahamic religions.
You're putting words in his mouth. Quit with the psychological projection.
No, it doesn't slow my typing down, and yes, I'm tying this on one right now.
I'm sorry that the Model M doesn't fit with your personal typing style (if you've even bothered to try it), but it's the height of hubris to take that to mean nobody else could possibly have a valid reason for preferring the keyboard, either.
I agree with you completely, but I have to wonder how long developers sharing our point of view will be able to remain economically competitive against those who are willing to subject their users' data to the "cloud". All those servers and traffic cost money...
No, there's a huge difference between removing options and leaving advanced under-the-hood features, well, under the hood.
GNOME takes very much the same approach as OS X here. For instance, in order to let users adjust how Spaces handles new windows popping up in different workplaces, Apple didn't throw yet another checkbox into some huge and unnavigable control panel. Rather, they left it as an option to be configured with defaults write com.apple.Dock..., because 95% of users won't want to change this behavior, and those who do won't have any trouble figuring out defaults write anyway.
Likewise, a lot of obscure GNOME / Metacity / GTK+ configuration options that aren't wasting space on a control panel somewhere are still accessible through GConf or a separate configuration file. I'm an "advanced" user, and I like this because it gives me less junk to hunt through when I want to change something in the GUI; and I know many "beginner" users who appreciate GNOME for the very same reason.
I have no idea why people keep blindly repeating this, but the Dell Ubuntu machines are not more expensive than the Windows models, in fact they are cheaper. The author apparently hasn't done his homework... I just bought an Insiprion 1420N with Ubuntu which arrived at the end of last week, and it was about $50 cheaper than the same configuration running Windows (before coupons).
That is called defence in depth. The attacker should not be able to simply boot and change system files.
But you still don't seem to understand. Surely you should see the folly in trying to protect the integrity of the contents of a disk, by performing verification using software stored on the same disk? It is a fool's errand, a fundamentally losing proposition.
I thought Vista is touting 'full disk encryption' as a great security feature! If it can be broken so easily, it is an anti-feature.
It is a great security feature for keeping your data from being read by others if your laptop is confiscated or stolen. It is not a great security feature for keeping someone else from manipulating disk contents without special hardware support -- because in order for the computer to even boot there must be some amount of unencrypted code in the boot sector, and if you can modify that then there always exists a vector for attack.
These are two different types of security you're talking about; you can't just lump it all together.
Thirdly, why not validate the cmd.exe before actually allowing it to run as root? This appears to have been done in XP / 2000 etc. so why not in Vista?
And what do you suppose is going to stop the attacker from overwriting whatever program performs this validation, absent full-disk encryption coupled with a hardware security module? (And even then, what if they take a soldering iron to the TPM?)
Face it, if an attacker already has physical access to a system -- to the extent that he can run his own Linux OS on it and mess with the contents of its disks -- then that computer is already, entirely owned. This is true for Linux, it's true for OS X, it's true for BSD, and it's true for Windows. That's just the way computers work.
The only iceberg here is the massive crashing reality that a physically unsecured computer system is, well, insecure. Surprise.
Also..it IS a BETA (test). Once they are out of BETA they might actually have to apply HIPPA.
Whatever factors may conflate to determine whether or not Google Health legally falls under the purview of HIPAA, I assure you that whether the product has a "Beta" in its name is not one of them.
What bothers me is that all this is built on top of tcp/ip, and that is inherently insecure. Given that there exists hardware to inspect packets for p2p traffic, how hard would it be to for a person of unpleasant intent to get hold of some of that and start mining 'encrypted' health information.
You might want to do some reading on TCP/IP and on SSL/TLS encryption. P2P deep packet inspection techniques do not magically override TLS data privacy where it's used, and you can be sure that Google will be using it for this.
That's not to say I approve of Google Health in the least, but the reasons you stated above are complete nonsense.
I second that... I'm running 10.5 on a 2004 iBook G4, and while resuming from sleep would crap out about every 10th or so time in Tiger, it hasn't failed me yet in Leopard. I don't doubt that the grandparent poster is having legitimate issues with the system, but from what I've seen (and this being a college town, a lot of people around me use Macs as their main computers), his experience is the exception rather than the rule.
Leopard definitely have its share of bugs, such as the known unreliability of the new 802.1X configuration mechanism (why did you kill Internet Connect, Apple? It worked beautifully!) But I've never seen the operating system crash, let alone give me weird "out of memory" errors...
Speaking of which, is this same code (minus the Debian "fixes") present in the OpenBSD-native version of OpenSSL as well, or is it only in the portable version? Not that it should matter much, but I'm wondering if OpenBSD trusts their own/dev/random.
OpenSSL is not part of OpenBSD. It's an entirely separate project by a different group of people, whose name just happens to start with the same prefix. (Unlike OpenSSH, OpenNTPD, OpenBGPD, and OpenCVS, which are created and maintained by the OpenBSD folks.)
KDE unlike the other environment, does not suck big time.
It is a sad fact of life on Slashdot, that thousands of moderators use up all their mod points without having the chance to righteously nail someone for a blatant "Troll" or "Flamebait" comment. How generous of you to sacrifice yourself for their benefit, so that at least a few of these moderators, when their points are finally spent, will be able to look back upon it all, breathe a deep sigh of satisfaction, and reflect, "I've used my time here wisely."
Like most computers with built-in webcams, the MacBooks feature a prominent green LED that lights up when the camera is in use. This LED cannot be disabled in software. If Apple were actually spying on people with their computers' built-in cameras, someone would have noticed, fast.
If it were a notification / pull model then when someone complained the ISP could pull the spammer's plug for a TOS violation before most of the messages in his first batch were delivered.
The thing is that we can already achieve the same effect through a combination of greylisting and a trustworthy blacklist: an unknown (non-whitelisted) sender cannot deliver messages immediately, and if they're one of the few spammers who will retry deliver after a temporary failure, then by that time odds are that they will have been blacklisted.
Sure, it's possible that a pull model might prove slightly more effective even so, but neither model will ever kill spam dead. And "possibly slightly better at dealing with spam, but probably just the same" isn't nearly enough to justify uprooting the world's entire email infrastructure.
The reason that x64 CS3 will be Windows-only is that Apple promised, and then later rescinded, a 64-bit Carbon. It's really more a case of Apple shooting itself in the foot than any fault on Adobe's part.
I agree with you regarding getting CS on Linux, though. I also think that Adobe's recent move to lift the restrictions on the use of the Flash format documentation is a step in the right direction -- it says to me that Adobe would rather open up Flash entirely than see it lose to Silverlight, and in the long run that will be great for Gnash and other open source Flash players.
It's a cross-platform open source application. I've never tried the Windows port of OpenVPN, but I currently use it on OS X, OpenBSD, and Linux. It works perfectly on all three platforms.
If you want to run OpenVPN on OS X, though, I recommend the TunnelBlick front-end.
[...] this is exactly why Linux will never be able to really replace either Windows or Mac OS X for desktop usage. Too many people who think they know better than the end-users, and too much work being done by lots of people on different, competing projects.
No, this is the epitome of the closed-source -- especially Apple -- development model. Jobs says program X should work such-and-such a way, then it will work that way, and no amount of protestation from the end users will change it. The difference here is that nobody's shoving this stuff down the open-source community's throats; whereas I can't do a damn thing about the shortcomings in iChat on my Macs, here people had the power to fork the project as a last resort. And that's a wonderful thing.
WTH is with that "premier multi-protocol instant messaging client" remark? Nobody uses that on Windows and Mac OS X
Wrong. I know at least five people who use Pidgin on Windows. (I'm not one of them, I use OS X.)
The whole KDE vs Gnome debate is one of the things that keeps Windows on PCs.
Maybe, but that's quite a different issue from developers insisting that they know better than end users. In fact, if anything, the "competition" between KDE and GNOME forces developers to listen more closely to their users.
Posted as AC because of Linux and OSS zealots.
Yes, because a mob of Linux users is going to come and burn down your house as soon as we can work out your identity. Please, this is absurd. Can you say 'persecution complex'?
It's had its ups and downs since then with respect to the volume of spam. (Thanks to Google, the present timeframe is definitely one of the "downs".) But yeah, Usenet is still around, and it's not going away any time soon.
Many programming and other technology-related groups are still very active. Usenet is one of the best places to go for advice on the C programming language (comp.lang.c), information about PICs (sci.electronics.design), Linux advice (comp.os.linux.misc), or even cooking tips (rec.food.cooking).
Usenet has its weaknesses, but it also has some unique strengths versus Web-based discussion forums: everything is organized (more or less) hierarchically; the user interface is whatever you want it to be; and it's easy to download and archive interesting posts. These features appeal to enough people, apparently, to keep it going...
For my part, I eventually did cave in and block Google Groups-originating posts entirely. I've seen, possibly, five spam messages on any of my favorite newsgroups during the three weeks that I've been blocking Google.
The company has, in point of fact, exhibited a tendency to neglect some of its services over time. This is bad enough when it comes to Blogger -- people put in many hours to become established there, although let's face it, it's not as though they have a service-level agreement with Google. But neglecting Google Groups and refusing to act upon numerous spam reports, to the extent that groups like comp.lang.python and rec.bicycles.tech become absolutely useless you block all GG-originating posts? That's inexcusable. If this were anyone other than Google they would have been issued the UDP a long time ago.
So yes, by all means, block Google Groups, because they have chronically and increasingly failed to fulfill their responsibilities to the Usenet community. And put a message in your signature to this effect, so that Google Groups posters will know why you are ignoring their articles; and so that they will consider moving to a different service.
- Convince the PHBs to keep buying Office because "it has an ISO-standard file format", and
- Prevent these people from later switching to OpenOffice because "it's not entirely compatible with [Microsoft's buggy, incorrect, but de-facto standard implementation of] OOXML"
In essence, it's so that they can use the two terms "standard" and "de-facto" standard interchangeably, choosing whichever best suits them in any given situation. They get all the marketing benefit of having an "open standard" file format, yet thanks to all the bugs in the #1 implementation of that spec, the OpenOffice folks and others still have to do a lot of reverse-engineering in order to stay compatible, and they must consciously violate the open standard in order to conform to the de-facto standard.
Your [family's] rights end where my [family's metaphorical] nose begins. Yes, obviously some laws and mandates that limit personal "liberties" are necessary to a healthy and functioning society; without any such laws we would be living in a literal anarchy.
For instance, you are not "free" to walk into my house and stab me. You are also not free to send your kid into a public school with my kid, where he or she may wind up infecting other students with otherwise preventable diseases such as TB or worse, without first being administered certain vaccines. These vaccines do not all work 100% of the time, so the only way to minimize the chances of disease outbreaks is to maintain a fully-vaccinated population.
As for Thiomersal, there has never been a shred of solid evidence linking it (or modern vaccination in general) to increased risks of Autism. Removing Thiomersal from certain vaccines' formulation was a concession made not because the preservative posed any danger itself, but because of the imminent threat to children who would otherwise remain unvaccinated due to their parents' unfounded fears. In the long run, I believe that removing Thiomersal was a mistake, as it only served to bolster such unscientific claims about the dangers of vaccination.
Slashdot Mirror
To be fair, your school probably didn't have to worry about remote management or distributed load-balancing issues, problems which are well suited to control systems operating over a computer network. Proactive security would dictate that this should all be conducted over a private, dedicated line; cost effectiveness says that it should be done over the Internet. Guess which imperative is more likely to win the hearts and minds of shareholders?
I agree, they should know better. I'd bet most of them do know better. But security is not the primary objective here, and it will never win out against the bottom line without regulatory intervention.
Whoa, lighten up there. He said absolutely nothing that could remotely translate to "I hate Christians"; it was merely a (entirely fair, I think) critique of the Abrahamic religions.
You're putting words in his mouth. Quit with the psychological projection.
No, it doesn't slow my typing down, and yes, I'm tying this on one right now.
I'm sorry that the Model M doesn't fit with your personal typing style (if you've even bothered to try it), but it's the height of hubris to take that to mean nobody else could possibly have a valid reason for preferring the keyboard, either.
I agree with you completely, but I have to wonder how long developers sharing our point of view will be able to remain economically competitive against those who are willing to subject their users' data to the "cloud". All those servers and traffic cost money...
No, there's a huge difference between removing options and leaving advanced under-the-hood features, well, under the hood.
GNOME takes very much the same approach as OS X here. For instance, in order to let users adjust how Spaces handles new windows popping up in different workplaces, Apple didn't throw yet another checkbox into some huge and unnavigable control panel. Rather, they left it as an option to be configured with defaults write com.apple.Dock ..., because 95% of users won't want to change this behavior, and those who do won't have any trouble figuring out defaults write anyway.
Likewise, a lot of obscure GNOME / Metacity / GTK+ configuration options that aren't wasting space on a control panel somewhere are still accessible through GConf or a separate configuration file. I'm an "advanced" user, and I like this because it gives me less junk to hunt through when I want to change something in the GUI; and I know many "beginner" users who appreciate GNOME for the very same reason.
If that scared you, you should have seen what it did to my old iBook G4 ;)
I have no idea why people keep blindly repeating this, but the Dell Ubuntu machines are not more expensive than the Windows models, in fact they are cheaper. The author apparently hasn't done his homework... I just bought an Insiprion 1420N with Ubuntu which arrived at the end of last week, and it was about $50 cheaper than the same configuration running Windows (before coupons).
Don't take my word for it:
http://www.engadget.com/2007/07/04/ubuntu-based-dell-systems-50-cheaper-than-windows/
Or just go to http://www.dell.com/ubuntu/ and price it out for yourself, if you still don't believe me...
But you still don't seem to understand. Surely you should see the folly in trying to protect the integrity of the contents of a disk, by performing verification using software stored on the same disk? It is a fool's errand, a fundamentally losing proposition.
I thought Vista is touting 'full disk encryption' as a great security feature! If it can be broken so easily, it is an anti-feature.It is a great security feature for keeping your data from being read by others if your laptop is confiscated or stolen. It is not a great security feature for keeping someone else from manipulating disk contents without special hardware support -- because in order for the computer to even boot there must be some amount of unencrypted code in the boot sector, and if you can modify that then there always exists a vector for attack.
These are two different types of security you're talking about; you can't just lump it all together.
And what do you suppose is going to stop the attacker from overwriting whatever program performs this validation, absent full-disk encryption coupled with a hardware security module? (And even then, what if they take a soldering iron to the TPM?)
Face it, if an attacker already has physical access to a system -- to the extent that he can run his own Linux OS on it and mess with the contents of its disks -- then that computer is already, entirely owned. This is true for Linux, it's true for OS X, it's true for BSD, and it's true for Windows. That's just the way computers work.
The only iceberg here is the massive crashing reality that a physically unsecured computer system is, well, insecure. Surprise.
Whatever factors may conflate to determine whether or not Google Health legally falls under the purview of HIPAA, I assure you that whether the product has a "Beta" in its name is not one of them.
You might want to do some reading on TCP/IP and on SSL/TLS encryption. P2P deep packet inspection techniques do not magically override TLS data privacy where it's used, and you can be sure that Google will be using it for this.
That's not to say I approve of Google Health in the least, but the reasons you stated above are complete nonsense.
I second that... I'm running 10.5 on a 2004 iBook G4, and while resuming from sleep would crap out about every 10th or so time in Tiger, it hasn't failed me yet in Leopard. I don't doubt that the grandparent poster is having legitimate issues with the system, but from what I've seen (and this being a college town, a lot of people around me use Macs as their main computers), his experience is the exception rather than the rule.
Leopard definitely have its share of bugs, such as the known unreliability of the new 802.1X configuration mechanism (why did you kill Internet Connect, Apple? It worked beautifully!) But I've never seen the operating system crash, let alone give me weird "out of memory" errors...
OpenSSL is not part of OpenBSD. It's an entirely separate project by a different group of people, whose name just happens to start with the same prefix. (Unlike OpenSSH, OpenNTPD, OpenBGPD, and OpenCVS, which are created and maintained by the OpenBSD folks.)
It is a sad fact of life on Slashdot, that thousands of moderators use up all their mod points without having the chance to righteously nail someone for a blatant "Troll" or "Flamebait" comment. How generous of you to sacrifice yourself for their benefit, so that at least a few of these moderators, when their points are finally spent, will be able to look back upon it all, breathe a deep sigh of satisfaction, and reflect, "I've used my time here wisely."
Like most computers with built-in webcams, the MacBooks feature a prominent green LED that lights up when the camera is in use. This LED cannot be disabled in software. If Apple were actually spying on people with their computers' built-in cameras, someone would have noticed, fast.
I give up, I'm going Amish. See you guys later.
The thing is that we can already achieve the same effect through a combination of greylisting and a trustworthy blacklist: an unknown (non-whitelisted) sender cannot deliver messages immediately, and if they're one of the few spammers who will retry deliver after a temporary failure, then by that time odds are that they will have been blacklisted.
Sure, it's possible that a pull model might prove slightly more effective even so, but neither model will ever kill spam dead. And "possibly slightly better at dealing with spam, but probably just the same" isn't nearly enough to justify uprooting the world's entire email infrastructure.
The reason that x64 CS3 will be Windows-only is that Apple promised, and then later rescinded, a 64-bit Carbon. It's really more a case of Apple shooting itself in the foot than any fault on Adobe's part.
I agree with you regarding getting CS on Linux, though. I also think that Adobe's recent move to lift the restrictions on the use of the Flash format documentation is a step in the right direction -- it says to me that Adobe would rather open up Flash entirely than see it lose to Silverlight, and in the long run that will be great for Gnash and other open source Flash players.
iMacGyver?
I suppose if anyone has enough sway to bring the mullet back into style, it'd be Apple...
It's a cross-platform open source application. I've never tried the Windows port of OpenVPN, but I currently use it on OS X, OpenBSD, and Linux. It works perfectly on all three platforms.
If you want to run OpenVPN on OS X, though, I recommend the TunnelBlick front-end.
No, this is the epitome of the closed-source -- especially Apple -- development model. Jobs says program X should work such-and-such a way, then it will work that way, and no amount of protestation from the end users will change it. The difference here is that nobody's shoving this stuff down the open-source community's throats; whereas I can't do a damn thing about the shortcomings in iChat on my Macs, here people had the power to fork the project as a last resort. And that's a wonderful thing.
WTH is with that "premier multi-protocol instant messaging client" remark? Nobody uses that on Windows and Mac OS XWrong. I know at least five people who use Pidgin on Windows. (I'm not one of them, I use OS X.)
The whole KDE vs Gnome debate is one of the things that keeps Windows on PCs.Maybe, but that's quite a different issue from developers insisting that they know better than end users. In fact, if anything, the "competition" between KDE and GNOME forces developers to listen more closely to their users.
Posted as AC because of Linux and OSS zealots.Yes, because a mob of Linux users is going to come and burn down your house as soon as we can work out your identity. Please, this is absurd. Can you say 'persecution complex'?
It's had its ups and downs since then with respect to the volume of spam. (Thanks to Google, the present timeframe is definitely one of the "downs".) But yeah, Usenet is still around, and it's not going away any time soon.
Many programming and other technology-related groups are still very active. Usenet is one of the best places to go for advice on the C programming language (comp.lang.c), information about PICs (sci.electronics.design), Linux advice (comp.os.linux.misc), or even cooking tips (rec.food.cooking).
Usenet has its weaknesses, but it also has some unique strengths versus Web-based discussion forums: everything is organized (more or less) hierarchically; the user interface is whatever you want it to be; and it's easy to download and archive interesting posts. These features appeal to enough people, apparently, to keep it going...
Absolutely! I just came in here to say this.
For my part, I eventually did cave in and block Google Groups-originating posts entirely. I've seen, possibly, five spam messages on any of my favorite newsgroups during the three weeks that I've been blocking Google.
The company has, in point of fact, exhibited a tendency to neglect some of its services over time. This is bad enough when it comes to Blogger -- people put in many hours to become established there, although let's face it, it's not as though they have a service-level agreement with Google. But neglecting Google Groups and refusing to act upon numerous spam reports, to the extent that groups like comp.lang.python and rec.bicycles.tech become absolutely useless you block all GG-originating posts? That's inexcusable. If this were anyone other than Google they would have been issued the UDP a long time ago.
So yes, by all means, block Google Groups, because they have chronically and increasingly failed to fulfill their responsibilities to the Usenet community. And put a message in your signature to this effect, so that Google Groups posters will know why you are ignoring their articles; and so that they will consider moving to a different service.
It's so that they can, simultaneously:
In essence, it's so that they can use the two terms "standard" and "de-facto" standard interchangeably, choosing whichever best suits them in any given situation. They get all the marketing benefit of having an "open standard" file format, yet thanks to all the bugs in the #1 implementation of that spec, the OpenOffice folks and others still have to do a lot of reverse-engineering in order to stay compatible, and they must consciously violate the open standard in order to conform to the de-facto standard.
Your [family's] rights end where my [family's metaphorical] nose begins. Yes, obviously some laws and mandates that limit personal "liberties" are necessary to a healthy and functioning society; without any such laws we would be living in a literal anarchy.
For instance, you are not "free" to walk into my house and stab me. You are also not free to send your kid into a public school with my kid, where he or she may wind up infecting other students with otherwise preventable diseases such as TB or worse, without first being administered certain vaccines. These vaccines do not all work 100% of the time, so the only way to minimize the chances of disease outbreaks is to maintain a fully-vaccinated population.
As for Thiomersal, there has never been a shred of solid evidence linking it (or modern vaccination in general) to increased risks of Autism. Removing Thiomersal from certain vaccines' formulation was a concession made not because the preservative posed any danger itself, but because of the imminent threat to children who would otherwise remain unvaccinated due to their parents' unfounded fears. In the long run, I believe that removing Thiomersal was a mistake, as it only served to bolster such unscientific claims about the dangers of vaccination.