Slashdot Mirror


User: fizbin

fizbin's activity in the archive.

Stories: 0
Comments: 488

Comments · 488

  1. Re:Have any of these survived? on Charter Implements SiteFinder-Like DNS · Score: 1

    This particular nastiness Verizon has never tried. Instead, Verizon wastes all of its internet stupidity on anti-spam stuff, including a royally screwed up method of sender callbacks that causes them to be placed on multiple DNS blacklists.

  2. Re:MUDs ok? on Solaris Telnet 0-day vulnerability · Score: 2, Informative

    Short answer: yes

    Long answer: Even if there were a breach in the security of your mud, it would only allow access as the user running the mud daemon. Usually that isn't root. (with telnetd, of course, it usually is root)

    Longer answer: The specific vulnerability here covers the way that telnetd passes arguments to the program login. Specifically, it passes what telnetd thinks is a parameter, but login interprets the passed result as an option. Presumably, your MUD server isn't turning around and calling external programs with the login name of the user who just connected. Besides, almost all MUD servers ignore nearly all telnet options anyway.

    This illustrates one of the great big rules about secure unix programming: when invoking some other program with user-supplied arguments, always be very keenly aware that many programs interpret arguments beginning with "-" to mean "radically alter your behavior". Altered behaviors are usually bad news, security wise: in this case, the login program treats an argument beginning with "-f" to mean "no authentication required". One traditional way to avoid these problems is to pass an argument consisting of "--" before the user-supplied arguments; another way is to assume that anyone arranging for a user-supplied argument beginning with "-" is trying something bad, and simply refuse any such requests.

    As another example of this general principle, it used to be the case that many man2html gateways allowed users to pass arbitrary arguments to the man(1) command. Now, this did allow the convenience of passing "-k" as the section to do a search, but it also allowed the security nightmare of "-Pprogram" to run an arbitrary program on the target machine. You really don't want it to be possible for external users to pass arbitrary options to other programs.
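As an added example (not code from the comment, and not the real login program): the two defensive policies described above, built in Python around a stand-in `simulated_login` that models only a getopt-style "-f user" option so the effect of each argv shape is visible without executing anything.

```python
import getopt


def argv_with_separator(program, fixed_opts, user_args):
    """Policy 1 from the comment: put "--" between our own options and the
    user-supplied strings. getopt(3)-style parsers stop option processing at
    "--", so a value such as "-froot" reaches the callee as a plain operand
    instead of being read as the -f (skip authentication) option."""
    return [program, *fixed_opts, "--", *user_args]


def is_safe_user_arg(arg):
    """Policy 2 from the comment: anything that starts with "-" is refused.
    This is the safer choice when you cannot be sure the callee honours "--"
    (not every program parses its options with getopt)."""
    return not arg.startswith("-")


def argv_rejecting_dashes(program, fixed_opts, user_args):
    bad = [a for a in user_args if not is_safe_user_arg(a)]
    if bad:
        raise ValueError(f"user-supplied argument looks like an option: {bad!r}")
    return [program, *fixed_opts, *user_args]


def simulated_login(argv):
    """Stand-in for a getopt-based login(1) (hypothetical, nothing is run):
    only the "-f user" option is modelled, purely to show what the callee
    sees for each argv shape."""
    opts, operands = getopt.getopt(argv[1:], "f:")
    return {"preauth_user": dict(opts).get("-f"), "operands": operands}


if __name__ == "__main__":
    # A user who typed "-froot" as their login name, as in the telnetd bug.
    hostile = ["-froot"]
    print("naive:   ", simulated_login(["login", *hostile]))
    print("with --: ", simulated_login(argv_with_separator("login", [], hostile)))
    try:
        argv_rejecting_dashes("login", [], hostile)
    except ValueError as exc:
        print("rejected:", exc)
```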

  3. Re:Far easier to get good scam info... on "Free Wi-Fi" Scam In the Wild · Score: 2, Insightful

    Okay, but tell me - how often do you regularly see firefox warnings about certificates signed by random CAs? I see at least one or two a week. How likely do you think it is that someone's going to notice this?

    When even Google AdSense can't get the whole "do https properly so that people don't get trained to click past error messages" thing right (granted, it's a different error in google's case), how closely are people really going to look? Granted, they might get slightly suspicious the third or fourth time this happened, but for people just trying to check some news sites and their corporate email before boarding they might only see one such error message.

  4. Re:What's the problem? on Is It Illegal To Disclose a Web Vulnerability? · Score: 1

    That's a nice universe you have there with your "should" space.

    It's true, reporting a vulnerability shouldn't in some sense make police look at you more closely if some other vulnerability on that same site later causes it to be breached. However, it does. Some people really don't like extra police attention even if they are "quickly cleared" as in the case in the article.

  5. Re:Here's what I don't understand, then. on Does Income Inequality Matter? · Score: 1

    > I mean, they do exactly as you recommend in Europe.

    With one big, huge, huge exception. Inheritance taxes (aka estate taxes, aka "the death tax") are virtually unknown throughout most of Europe.

    Note that the grandparent post highlighted "wealth disparity" as being more important than "income disparity" in producing the mindset that the system is fundamentally unfair and crime is no big deal. The lack of any inheritance tax contributes strongly to the wealth disparity.

  6. Re:Don't be stupid with money. on Does Income Inequality Matter? · Score: 1

    You forgot a big, huge factor in staying out of debt or bankruptcy: don't get sick. Don't have a spouse who gets sick. Don't have kids who get sick.

    Making up a list like that and then leaving the number one cause of bankruptcy in the US for a tiny parenthetical reference is a serious distortion of reality.

  7. Re:Technoliterate? Pah! on College Freshmen Struggle With Tech Literacy · Score: 1

    > I can guarantee you that there where many gramatical and spelling mistakes.

    You don't say.

    Admittedly, attending Aalborg means that your native language is likely not English, so you get cut a certain amount of slack. I doubt that my Danish would pass muster in an academic setting, though with three months of writing I would certainly have an academically-minded native speaker read over it first.

  8. Re:i have noticed this strange phenomenon on College Freshmen Struggle With Tech Literacy · Score: 1

    > Of course, the slower kids probably wouldn't have any desire to catch up to the class. In my experience, students who fall behind in school, for the most part, fall behind because they don't care to begin with.

    It's been almost 15 years now since I was in a public school, so my impressions may be a bit dated, but my experience says that once a student falls behind, there's no incentive to care. This makes disentangling cause and effect after the fact very, very difficult. I know that there were times I really didn't care at all about high school; however, I doubt anyone would claim that I ever "fell behind". (Actually, I sometimes wish that I had cared even less - really, no one cares who was valedictorian more than two years after the fact)

    I remember noticing about ninth grade that there were students who had switched from the "honors" track in some subjects to the "college prep" track, and so were no longer in my classes. I think that I can remember only one case of someone switching from "college prep" back to "honors", in my 12th grade English class. In general, once someone switched downwards, they never switched back. (For example, everyone in my 12th grade math class had also been in my seventh grade math class, but the 12th grade class was about one-third the size)

    From the glimpses I had of what a "general studies"-track 9th grade science class is like, I can't see how anyone would switch from that to anything more rigorous. The teacher radiated apathy, the students radiated it back (and to each other), and just in case someone might accidentally still have their brain engaged in the subject matter, they killed that by moving at a snail's pace through a truly awful textbook. Maybe there were some kids in the class for whom that was perfectly appropriate, but at least half the class had the capacity for more. However, in that class they weren't going to get any more, and they were being constrained by the class to never get enough to move out of that track.

  9. Re:Must just be the majors. The indies are thrivin on iTunes Sales 'Collapsing' · Score: 1

    I don't know about that, but I know that if I had an iPod, I'd buy two or three tracks from a CD from the early 1990s that is now out of print (and only available through used places at collectors' prices of $40 or more). I'd also buy some from a CD of mine that was stolen about 10 years ago and I never bothered to replace. (because only 2 songs on that CD were any good)

    Just because I once owned music on CD that I'd like to hear again doesn't mean I still have the CD anywhere.

  10. Instant re-incarceration on Sex Offenders to Register Emails in Virginia · Score: 1

    Since having kiddy porn, especially for a previously convicted sex offender, is an offense that causes the person to serve jail time again, this brings this possibility:

    - find out sex offender's name, picture, and place of residence. (from standard sex offender registry)
    - file some sort of complaint to the police that will at least cause them to investigate him and his computer. (easier if he's only on parole, and not fully released yet)
    - arrange for anonymous email forwarders to send him a bunch of kiddie porn right before the cops arrive.

    Sometimes I really think that they should make Les Miserables into a tv special short enough to fit most Americans' attention spans.

  11. They appear to be addressing this piecemeal on Gap Between Google and Competition Widening · Score: 3, Insightful

    For example, if you search google for the name of any common drug (even if you use the generic chemical name instead of the brand name), you'll get options immediately to narrow your results to a bunch of useful subcategories; for example I just did a search and got this before the rest of the results: (I've inserted brackets to show where the links are, or just do the search yourself)

        Refine results for Clonazepam:
        [Drug uses] [Interactions] [For patients] [From medical authorities]
        [Side effects] [Warnings/recalls] [For health professionals]

    Now, if they could extend this kind of categorization to consumer electronic devices, I think that would address your main concern.

  12. Ignorance is sometimes amusing, but sometimes not on The GIF Format is Finally Patent-Free · Score: 1

    The above-mentioned patents don't relate directly to image storage formats; they relate to compression algorithms, which I imagine are still in demand in all sorts of specialized cases.

  13. Re:Wondering on AOL Subscribers Sue Over Release Of Search Data · Score: 1

    Try searching without the dashes; you know, search for it in the format 333224444. You should get at least one hit from http://www.onebillionmazes.com/

  14. It's really that extreme? on Korea's Online Aggression a Taste of the Future? · Score: 1

    I doubt the extreme effectiveness of this. My main reason for doubting this is that I'm constantly getting emails or other contacts for other people with my same name. For a smear to work, you have to have a google search for my name turn up the smear, and not get lost in ten thousand pages about other people with my same name.

    True, I suppose that you could sully my main email address, and I'd have to disassociate from that, which would suck, but how hard is it to get a new email address?

    I'm not saying you couldn't cause me a hell of a lot of grief, but it's a long step from there to ruining my life.

  15. Re:A persistant delusion on The Expert Mind · Score: 1

    A key to getting towards mastery that I think everyone here is missing is that skill development requires feedback. This is, I think, why you get child prodigies in math and music, but not in, say, literature. In music, assuming one is born with normal hearing, you can get instant feedback from the instrument as to whether or not you're doing something right. Although it requires slightly more background, you can also get feedback from the math itself as to whether or not you're doing it right. The key here is that you get this feedback from the activity itself, and don't need to rely on other people to supply that feedback. This means you can be always practicing the activity even when other people aren't available.

    The problem with practice without feedback is that you can easily end up practicing the wrong thing. Therefore, in the "rugby player vs. basement dweller" phenomenon, I think you're a bit off. It's not the ability to interact with people face to face that matters, it's the ability to find and accept feedback in one's chosen profession. Now, if what you're doing requires only feedback that you get from the machines already, then face-to-face social skills aren't that much of a factor. If it requires social interaction (as almost all jobs do eventually), then I can see why you might be a bit worried about the guy who clearly can't do that.

    However, I'd worry more about the rugby player who expresses his social interaction entirely in terms of alpha-male dominance behavior. This is not someone who is seeking and accepting feedback, no matter how much everyone may think that he's a "fun" guy. "Sticking to your guns" may be an admirable trait in some extremely rare circumstances, but in general that attitude prevents someone from getting better at what they do. What you really need is someone who seeks out others' advice or feedback and then listens to it. This last part (listening) is key, but is something that sometimes isn't learned by the person who was always at the top of the "in" crowd.

  16. Here's the flaw that's exploited on Worm Wriggles Through Yahoo! Mail Flaw · Score: 3, Informative

    It's fixed on yahoo's servers now, but according to the source link posted earlier, the flaw that's being exploited seems to be a bug in how yahoo parses html attributes. The bug sends itself as:

    <img src='http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_mail_1.gif'
    target=""onload="whole bunch of crappy javascript here that uses only
    single quotes and just goes on and on">

    Note the lack of a space between the 'target' bit and the 'onload' bit. Now, apparently "target" is one of the HTML attributes that yahoo allows through on an IMG tag (why?). Anyway, it appears that yahoo's servers see both the target and the onload bit as one big long target attribute and let it through, whereas most browsers see that as a separate "target" and "onload" attribute and execute the javascript as soon as the image (one of the standard yahoo mail images, so it'll likely already be in the browser cache) is loaded.

    The lesson here? I'm not really sure, beyond "double- and triple-check your parsing routines, since they will be used in security-sensitive code".
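As an added illustration of the parser mismatch described above (not code from the comment, and not Yahoo's filter): a hypothetical whitespace-driven attribute splitter beside Python's tolerant html.parser, which starts a new attribute right after a closing quote the way browsers do, plus the mitigation of re-serializing only the attributes the sanitizer actually understood. The sample tag, the placeholder handler and the allowed-attribute list are constructed for this example.

```python
import html
import re
from html.parser import HTMLParser

# Constructed sample in the shape the comment quotes: no whitespace between
# the empty target value and the onload attribute. The handler body is a
# placeholder, not the worm's script.
SAMPLE_TAG = ('<img src="http://example.invalid/ma_mail_1.gif" '
              'target=""onload="placeholder()">')

# Hypothetical allow-list for <img>; "target" is on it only because the
# comment says Yahoo let that attribute through.
ALLOWED_IMG_ATTRS = ("src", "alt", "width", "height", "target")


def naive_attributes(tag):
    """Hypothetical splitter of the kind the comment describes: an attribute
    is name=value and runs until the next whitespace, so the whole
    target=""onload="..." run is one big "target" value and onload is never
    seen by the allow-list check."""
    return dict(re.findall(r"(\w+)=(\S+)", tag))


class _StartTagCollector(HTMLParser):
    """Keeps the attribute list of the first start tag it sees."""

    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if self.attrs is None:
            self.attrs = attrs


def browser_like_attributes(tag):
    """Parse the way a browser would: after a quoted value, a bare name with
    no whitespace in front of it begins a new attribute."""
    p = _StartTagCollector()
    p.feed(tag)
    p.close()
    return p.attrs or []


def rejected_attributes(tag, attribute_parser):
    """Attribute names the allow-list would reject, for a given parser.
    The same bytes give different answers depending on which parser runs."""
    return sorted(set(dict(attribute_parser(tag))) - set(ALLOWED_IMG_ATTRS))


def rebuild_img(tag):
    """Hardened form: parse like the browser, keep only allowed attributes,
    and re-serialize from the parsed structure so the recipient's browser
    receives exactly what the sanitizer understood, never the original bytes."""
    kept = [(n, v or "") for n, v in browser_like_attributes(tag)
            if n in ALLOWED_IMG_ATTRS]
    body = " ".join(f'{n}="{html.escape(v, quote=True)}"' for n, v in kept)
    return f"<img {body}>"


if __name__ == "__main__":
    print("naive parser rejects:  ", rejected_attributes(SAMPLE_TAG, naive_attributes))
    print("browser parser rejects:", rejected_attributes(SAMPLE_TAG, browser_like_attributes))
    print("re-serialized:         ", rebuild_img(SAMPLE_TAG))
```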

  17. The more things change.... on Windows Nag Windows to Counter Piracy · Score: 1

    Bill Gates has a long history of nagging people into paying for his software.

    Excerpted from Bill Gates's 1976 "Open Letter to Hobbyists"
    http://www.blinkenlights.com/classiccmp/gateswhine.html:

    > Why is this? As the majority of hobbyists must be aware, most of you steal your software. Hardware must be paid for, but software is something to share. Who cares if the people who worked on it get paid? ...
    > I would appreciate letters from any one who wants to pay up, or has a suggestion or comment. Just write to me at 1180 Alvarado SE, #114, Albuquerque, New Mexico, 87108. Nothing would please me more than being able to hire ten programmers and deluge the hobby market with good software.

  18. But did the bullies really do this? on Star Wars Kid Cuts a Deal With His Tormentors · Score: 1

    Okay, after reading several comments here and thinking about it, yeah, this kid basically had his life ruined. And, inflicting some sort of distress was certainly intentional on the part of those who released the film.

    What I can't get past though is the idea that this consequence should have been in any way foreseeable by a reasonable person. Who knows what the next great internet craze will form around? Flying cats? Obscenity-spouting hedgehogs? Christmas lights? How were those that released the video to know what would happen? It's not like skipping standard safety procedures in storing a dangerous chemical, where you can reasonably guess some of the outcome. In order for SWK to become the net phenomenon it did, you require additional independent action by thousands of others. At the time SWK took off, how many internet crazes like that had there been?

    Who added the first set of sound effects? Without those, the SWK video never would have taken off. Did the bullies have anything to do with that bit? Did they promote the SWK video to others at the school? Did they push it to world-wide stardom, or set up any of the domains based on the video?

    As I see it, this kid has had his life ruined bit-by-bit by millions of strangers. But the legal system can't exactly go collect a penny from everyone who contributed to making his life hell, as would perhaps be the ideal solution. I don't understand though why the bullies are on the hook for any of the effects after the SWK video became a self-sustaining phenomenon.

    Of course, we don't know the settlement amount either.

  19. It's a bad day - they've been slashdotted on Microsoft 'URL Tracer' Hunts Typosquatters · Score: 1

    After seeing your comment, I tried to look and got nothing. A blank page. It would appear that slashdot has crippled at least part of the squatter's domain parking service. (http://landing.domainsponsor.com/index.mas?epl=XV cGBX8MXVAuXg4KVgBIUA5ZQF8GTV4VXFpTXh5QXghUXQxWWAhW CQ9VDRNIABJAT1cJWkVUaAgFCAw, if you're curious)

    Note that there seems to be some javascript on that page that would try to reset your home page when you close the page, but it appears to have been deliberately disabled.

  20. For filtering, I've also got another option on Build Your Own Java Performance Profiling Tool · Score: 1

    This perl script. (Or google for "wherehot.pl")

    It's a relatively simple script I wrote a while back to filter hprof textual output. It tells you things like "which of the code inside com.foo.* is being slow"? And "which of the code inside com.foo.* is causing StringBuffer.expandCapacity to be invoked, and thereby being slow?".

    A further enhancement of it (that I haven't posted yet, sorry) changes the output format to look something like a java stack trace, which means you can take the output of that script, copy and paste it into eclipse's Java Stack Trace console, and be able to click on the lines identified as being slow.

    We've found it to be a nice complement to graphical tools that let you visualize what bits are slow, like HPJmeter.

  21. What's he got against the humanities? on How to Do What You Love · Score: 1

    Anyone ever get the idea that in college a humanities major stole Mr. Graham's girlfriend, or distro requirements forced him to take some unimaginably boring course, or gangs of roving English professors critiqued his lunch?

    I mean, I have occasionally seen decent criticisms of academic trends in the humanities (Google "Sokal"), but that's not what I'm talking about. Every chance he gets, Paul Graham stops to take a piss on French literature, or literary analysis, or even novel writing. I'll note that he doesn't stop to do this with other academic endeavors far away from his chosen field, such as classics (Greek and Latin), religious studies, psychology, or history. It's never too protracted, but I get the feeling that there's great resentment buried there.

    Note that he doesn't aim the same level of contempt at grad. school, which, if it treated him as it does most CS people who leave without a Ph.D., probably deserves some. This leads me to think that it's more than a matter of denigrating something he found himself unsuccessful at.

    Literature of all stripes seems to occupy a special place of disregard in these essays of his.

  22. Not any more on Unisys Gets DHS Contract Worth Up to $750 million · Score: 1

    The word from my Unisys contacts is that there has recently been a push from on high that all technical staff should start "learning more about Open Source technologies." Yes, the directive really is that vague.

    That being said, in many respects the company has committed itself hard to Microsoft technologies internally. Outlook/Exchange is the one and only email client and email server, Microsoft IM through Exchange is the only IM client, etc.

    But the "we have the way out" campaign is quietly realized inside the company as a mistake, and you won't find anyone internally these days who admits to being associated with it.

  23. Re:free software is expensive. on Texas Instruments Embedding Linux · Score: 2, Informative

    > With my limited understanding of the GPL (IANAL), I believe that a vendor can charge what he/she wants for the binary version of the software, and is then obligated to provide the source (to that same person) at a nominal additional cost. The GPL only requires providing the source to those parties that receive the binaries.

    This is now getting rather far-afield from the original, since all other evidence points to MV being a very good GPL-abiding corporation. (I suspect, as do others, that some wires got crossed)

    However, this is a frequently quoted misconception that I thought I'd stomp on, in the hopes that it doesn't get repeated. Like most widely circulated misconceptions, there's a kernel of almost-truth to it, but in its essence it's wrong.

    What the GPL requires (section 3) is:
    1. that every binary be shipped with source, OR
    2. that every binary be shipped with a written offer to provide to any third party, not just those who have a copy of the binary, or only to those who are original customers of the company, the source for a cost no greater than the cost of creating the physical copy of the source
    Since we're talking about commercial distribution, I'm ignoring section 3(c).

    What this means is that either you give every customer a copy of the (GPL-ed portion of the) source with every binary, or you give the GPL-ed part of the source code to anyone who asks and coughs up the cost of doing the physical duplication. (for at least three years after shipping the binary) None of this "we'll let you have the source for the cost of the disks + S/H, but only if you're our customer" stuff.

    Really, people, the GPL isn't that long, nor is it anywhere near as lawyerly as many software licenses. There's no excuse for holding forth on it and having not read it.

  24. "Price swapping", not "barcode swapping" on Barcode Scam Redux - Target's $4.99 iPod · Score: 1

    The article said that price swapping had been around before, not barcode swapping.

    Price swapping is what happens with those places that don't scan the items, but rely on those stupid little rectangle-with-bulges shaped stickers with the price printed on them, and then on clerks punching in the actual prices.

    You know, the kind of stickers that either stick so completely to the item that you can't get them off without acetone, or fall off when you look at them funny, depending on how the pricing gun was feeling that day.

    Anyway, price swapping is the age-old practice of taking one of the cheap stickers that didn't stick to a low-priced item, and finding a higher priced item that the sticker also only stuck loosely to, and making the swap. Places like the Goodwill and other stores that have highly irregular inventory (e.g. second-hand stores, and some discount-mall stores) will often have to use the individual price sticker per item, and are frequently hit by this problem. (especially if the store is the type that normally puts one price sticker on top of another when marking something down so that it'll sell)

  25. Re:Precedent doesn't change squat on Supreme Court Lets Utilization Rights Stand · Score: 1

    I fail to see what this has to do with anything. You claimed that copyright gives authors exclusive rights to prepare derivative works, and that this precedent changes things.

    I asserted that the right to preparing derivative works is not as absolutely exclusive with regards to software programs as you might think, and cite the Sect. 117(a)(1) exemption that's applied in this case.

    You respond by saying that the GPL does not establish additional restrictions on recipients of GPL programs beyond what copyright requires. Okay - but that has nothing to do with my post.

    Your claim that this precedent changes things is bogus. It may open your eyes to Sect. 117(a)(1), but the court didn't make that law; it was already on the books.

    It appears that you were arguing that the GPL could be stronger, and not allow private modifications, if this precedent were not there, and that therefore this precedent weakens the potential strength of the GPL or something similar to the GPL. However, this precedent isn't what allows limited creation of derivative works provided "that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner" - the Copyright Act already allows that explicitly.

    This precedent changes nothing fundamental, and only barely touches the boundary of what constitutes "an essential step in the utilization" of a program - the court looked to the case Aymes v. Bonelli (decided in 1992) to determine where the boundaries were, and this case fit within them.

    There was nothing really noteworthy about this opinion, unless you count it noteworthy that pre-existing precedent was followed.