Slashdot Mirror


User: Agelmar

Agelmar's activity in the archive.

Stories: 0 · Comments: 123

Comments · 123

  1. Re:Phishing database really efficient? on Web Browser Developers Work Together on Security · Score: 2, Interesting

    You're actually a bit off in your timeline, in that 'average' is really a poor [misleading] statistic to use for this. The data is extremely bimodal. For phishing sites hosted by ISPs in the U.S. that are reported on a weekday other than Friday during business hours and/or name-based attacks (registering a domain that looks like a legitimate domain), the average turnaround is around 40 hours. For phishing sites first reported and/or launched on a Friday afternoon, and hosted in China, Singapore, or certain other countries, and/or name-based attacks with domains registered through small, sometimes less-than-responsive registrars, you can easily be talking five days or more.

    With that said, if you are proactive and/or are paying people to watch out for your corporate identity, you may be able to spot phishing attacks on the 30-minute timeframe. The difference in being able to respond in 30 minutes by calling MS and having them add a site to a blacklist is significant when compared to waiting 2-5 days. You are essentially reducing the survivability of sites with respect to a very large number of users by orders of magnitude.

    And yes, Microsoft will have a staff of people (they wouldn't tell me exactly how many) that are monitoring this blacklist. They also have a set of heuristics that they use, but I think the blacklist may be the most effective. Remember, for a company the size of Microsoft, hiring (as you estimate) about 12 people (who do not need to be extremely savvy, and can therefore be minimally paid) is not at all infeasible.

  2. Encryption is not the problem on Web Browser Developers Work Together on Security · Score: 2, Interesting

    I've seen a number of posts about encryption being the problem. It's not. Yes, it is possible to crack some older algorithms with distributed botnets, yes, self-signed certificates pose a problem, but no, these are not the real problems. The real problems facing users (by this I mean the problems causing financial damage to consumers and companies) come from attacking the user and his/her environment, not attacking the encryption. When was the last time you saw someone brute-forcing the decryption of a session, with the purpose of obtaining the user's information? This makes great stuff for movies where we're trying to crack into an Evil Foreign Government or an ultra-sophisticated criminal, but in real life this is not the threat.

    The threat that browsers need to address is the fact that their *users* and their users' *environments* are being attacked. Phishing attacks don't target weak encryption protocols. Heck, most don't even bother setting up an SSL-enabled phishing site, because people don't look for encrypted sessions in general. Phishing attacks target the user by attempting to fool the person into believing that they are at the actual site. Ask yourself - would your mother know that chase-online-banking.com is not the real address for Chase's online system? (Phishing trends show that phishers are increasingly using name-based attacks, as opposed to an IP-based URL).

    As for attacking the environment, keyloggers and malware in general are exploding in popularity. Again, this is not a problem with the encryption protocols used for securing sessions, rather it's the user's environment being attacked. One must remember that browsers don't run in a vacuum - they have a user and an environment. Using 256-bit AES encryption is great, nifty, and cool, but if my mother's computer has a keylogger installed and I decide to do some e-banking while visiting for the holidays, well then I've got a problem.

    People need to re-evaluate security in the context in which these applications are run, and stop thinking that simply increasing keylength or swapping cipher algorithms will solve the problem. It won't. Our problem is that security isn't usable, it isn't intuitive, and until we make it so we will continue to have these problems.

  3. Re:CVE link on Zero-Day IE Exploit Takes Control of PCs · Score: 1

    /set evil bit

    Considering that Thursday is a holiday in the US (Thanksgiving), you might actually have a bit longer than that to play around. (Or a bit less if MS releases on Wed. instead of Thu.)

    /unset evil bit

  4. TFA is inconsistent on Fatal Flaw Weakens RFID Passports · Score: 4, Informative

    TFA is flawed and inconsistent with its own citations. RFID chips in passports cannot be read from a distance of 69 feet. If one reads TFA, it links to a Washington Post blog about RFID tags being read from 69 feet at Defcon. If you actually follow the link and read the story, however, you see:

    Los Angeles-based Flexilis set the world record for transmitting data to and from a "passive" radio frequency identification (RFID) card -- covering a distance of more than 69 feet. (Active RFID -- the kind being integrated into foreign passports, for example -- differs from passive RFID in that it emits its own magnetic signal and can only be detected from a much shorter distance.)

    The author is misrepresenting articles that he cites! wtf?
  5. Re:Why not make it a crime... on Police Need 90 Days To Crack Hard Drives · Score: 1

    Because the fifth amendment (to the U.S. Constitution) protects American citizens from that. You cannot be forced to incriminate yourself. (This is not the case in the UK, however, where police can force you to turn over keys.)

  6. Re:Blatantly WRONG on Police Need 90 Days To Crack Hard Drives · Score: 2, Interesting

    Assuming this is true (which I find really depressing): On modern versions of Windows (2K/XP Pro) you can enable encryption in the NTFS filesystem. Since I don't run Windows I'm not sure of the specifics (keylengths etc), but I wonder if this would also be too much for departments to handle. Then again, maybe I really don't want to know...

  7. Re:Will the real mechanical turk please stand up.. on Amazon's Mechanical Turk · Score: 1

    That would actually be a good thing. The whole point is that this is a "hard" AI problem (and I use "hard" in the AI sense of the word, which is much stricter than the English meaning of "hard"). If the problem is solved, it would be a huge advance for artificial intelligence.

  8. Re:CAPTCHAs on Amazon's Mechanical Turk · Score: 5, Informative

    Actually, yes. The whole motivation for this came from the same person who invented the CAPTCHA, and was explained in his thesis defense on Wednesday. Abstract for those who care:

    Subject: Thesis Oral - Luis von Ahn

    November 2, 2005
    Luis von Ahn
    12:00 PM, 3305 Newell-Simon Hall
    Thesis Oral
    Title: Human Computation

    Abstract:

    Tasks like image recognition are trivial for humans, but continue to
    challenge even the most sophisticated computer programs. This thesis
    introduces a paradigm for utilizing human processing power to solve
    problems that computers cannot yet solve. Traditional approaches to
    solving such problems focus on improving software. I advocate a novel
    approach: constructively channel human brainpower using computer games.
    For example, the ESP Game, introduced in this thesis, is an enjoyable
    online game -- many people play over 40 hours a week -- and when people
    play, they help label images on the Web with descriptive keywords. These
    keywords can be used to significantly improve the accuracy of image
    search. People play the game not because they want to help, but because
    they enjoy it.

    I introduce three other examples of games with a purpose: Peekaboom,
    which helps determine the location of objects in images, Phetch, which
    collects paragraph descriptions of arbitrary images to help
    accessibility of the Web, and Verbosity, which collects common-sense
    knowledge. I also show that, in principle, every problem that could be
    solved by a computer, today or in the future, could be solved using
    enjoyable computer games.

    In addition, I introduce CAPTCHAs, automated tests that humans can pass
    but computer programs cannot. CAPTCHAs take advantage of human
    processing power in order to differentiate humans from computers, an
    ability that has important applications in practice.

    The results of this thesis are currently in use by hundreds of Web sites
    and companies around the world, and some of the games presented here
    have been played by over 100,000 people. Practical applications of this
    work include improvements in problems such as: image search,
    adult-content filtering, spam, common-sense reasoning, computer vision,
    accessibility, and security in general.

    Thesis Committee:
    Manuel Blum, Chair
    Takeo Kanade
    Michael Reiter
    Josh Benaloh, Microsoft Research
    Jitendra Malik, University of California, Berkeley

  9. Re:Where does TFA mention geographic restrictions? on MozCorp Announces Firefox 1.5 Extension Competition · Score: 2, Informative

    Interesting - it's in the "Contest Rules", but not in the "Official Contest Rules". That's most odd in my book.

  10. Where does TFA mention geographic restrictions? on MozCorp Announces Firefox 1.5 Extension Competition · Score: 4, Informative

    I've read TFA, and I can't see anywhere where the rules prohibit entries from Japan etc. The only thing in the rules I can see that mentions geography is "These official rules will be void where any provision thereof would be found invalid by a court of competent jurisdiction. If you are a resident of such a jurisdiction, you may not participate in the Contest." and later, "...he/she is a resident of a jurisdiction where these official rules may be enforced in their entirety and without modification."

    Nowhere does it specifically limit the contest to USA, CAN, EU that I can find - I'm wondering where the OP got this? Can anyone shed further light on the subject?

  11. Re:Slashdot software broken, bans entire subnets on Designer on Slashdot Overhaul Plans · Score: 1

    Just as an elaboration on the last sentence: The "type in words from images" is a specific type of captcha. A captcha is a hard AI problem that a human can easily pass but that a computer cannot pass without solving a hard AI problem (which would be great for the field). It is not limited to character recognition, but is rather a class of hard AI problems in general.

    A captcha (perhaps of a different form - dare to be creative) could be interesting, but it's already in use for posting when not logged in...

    Original paper:
    L. von Ahn, M. Blum, N. Hopper and J. Langford, "CAPTCHA: Using Hard AI Problems for Security", Proceedings of Eurocrypt, pages 294-311, 2003.

  12. Re:Wouldn't that be like... on Holding Developers Liable For Bugs · Score: 1

    While I don't agree with the article's suggestions, I don't think your analogy holds. It's not like holding Ford liable for someone ramming a Taurus into a storefront, it's like holding Ford accountable if a defective steering column caused a Taurus to run into a storefront.

  13. Send jobs overseas, CMM on Holding Developers Liable For Bugs · Score: 5, Insightful

    I will admit that I have seen a lot of bad programmers and bad code over the past few years, but let's step back and think about this. Programming jobs are rapidly being sent overseas to India and China. This is not going to create much of an incentive to keep such jobs in the States, nor does it create much of an incentive for people to go into the field. Holding companies accountable, as suggested in the article, might be a slightly better solution, but again it's somewhat complicated when you start trying to hold an overseas company accountable. (It's more doable than holding an overseas individual accountable, but still not a simple task).

    As for the article's last point about CMM environments: It's not at all an indication that software has been developed by quality developers, all it means is that the code was developed using a reasonable development framework. CMM level 3 means that you document your processes, and typically have peer review. Bad peers means peer review is worthless - it does not guarantee good programs. CMM Level 4 involves "quantitative quality goals" by which productivity, quality and performance are to be measured. This is a bit better, but again it's a matter of where the bar is set. CMM Level 5 is about continual improvement, and is extremely strict. I think that CMM Level 5 is the only environment where one can actually be assured of reasonable quality code. I've seen way too much bad code come out of CMM-3 and -4 environments to give them much credit. If you've got great people, then a CMM-3 environment typically produces great results. For -3 and -4, what you put in is what you get out - not guaranteed greatness.

  14. Re:bassackwards. on Internet Power Struggle Reaching Climax · Score: 2, Informative

    Can you imagine how greatly this would help international phishing schemes? Say that someone manages to register paypal.com.ro. I go to Romania for the weekend, and being a naïve Internet user, simply go to http://www.paypal.com./ I'm in Romania so I get sent to http://www.paypal.com.ro/ which is some third party fool. That would not be good.

  15. Re:CIPA is a bad example on ESA to Sue California Over Violent Game Law · Score: 3, Informative

    It was found unconstitutional, but not because the wording for what it blocked was vague. It was found unconstitutional because current filters (NetNanny etc) are rather lacking, have too many false positives, and would therefore filter out legitimate pages. And apparently school libraries are still covered under the CIPA provisions.

  16. Clarity is not the common case on ESA to Sue California Over Violent Game Law · Score: 5, Insightful

    Regardless of whether one agrees with the banning of sales to minors or not, I think it is somewhat one-sided to only look at the relatively clear alcohol laws. Looking at the Children's Internet Protection Act, for example, reveals that such vague terminology is not unique to this act. CIPA includes language such as the following:

    (2) HARMFUL TO MINORS.--The term "harmful to minors" means any picture, image, graphic image file, or other visual depiction that--
    (A) taken as a whole and with respect to minors, appeals to a prurient interest in nudity, sex, or excretion;
    (B) depicts, describes, or represents, in a patently offensive way with respect to what is suitable for minors, an actual or simulated sexual act or sexual contact, actual or simulated normal or perverted sexual acts, or a lewd exhibition of the genitals; and
    (C) taken as a whole, lacks serious literary, artistic, political, or scientific value as to minors.

    What is "political value as to minors"? Minors lack the right to vote, so political value to me is quite unclear. What is scientific value? Is breast cancer research of scientific value as to a minor, who is unlikely to contract such disease at a minor age? While slightly clearer than the California act, I think CIPA is a good example of the fact that laws protecting minors are often ambiguous, and that this is not groundbreaking legislation in terms of lack of clarity. Are we to say that all legislation must be binary? You're 21 or you're not? If so, we need to re-write a significant portion of our laws in the US.

  17. No new solutions, no new news on Internet Power Struggle Reaching Climax · Score: 5, Insightful

    This story has been covered on /. at least three times, as noted in the post itself. There are really no new solutions offered here. Comments in the previous post have revolved around setting up alternate root nodes for each country, which may result in conflicts or fracturing, or setting the root nodes to point to some authoritative German node for .de, Japanese node for .jp etc, but this still allows the controller of the root to start 'war'... where are the solutions? I don't see any coming down the pipe - this seems to be the political equivalent of an 'NP-hard' problem, and until someone proves otherwise with a feasible solution, can't we stop re-hashing old news? (Granted, there were a few more ideas offered in the comments to previous posts, but none of them really seem to solve the fundamental issue of decentralized control while maintaining a single Internet that uses DNS.)

  18. Re:So are they going to set the "evil bit" also? on Broadcast Flag Back in Congress · Score: 1

    I realize that the parent post is a joke, but for those who do not / did not know about the Evil Bit proposal, and may be infuriated that such a seemingly idiotic proposal is out there: Please note that the proposal date is 1 April (April Fool's). Don't get all uptight about the linked-to 'Evil Bit RFC'; it too is a +1 Funny type thing.

  19. Re:I've done absolutely zip with programming.... on Effective C++, Third Edition · Score: 1

    I disagree with your reasoning for recommending against PHP. With the release of PHP5, I think it to be far from "painful". PHP finally has usable object support, and you can actually do OOP now. (Granted, it's not like C++ object support, but for most applications of PHP that's not really necessary, IMHO.) PHP also simplifies many of the common tasks like opening and reading from files, handling form data, and creating database connections. (The OCI functions of PHP are much simpler than the true C OCI, for example. The MySQLi interface is also quite simplified.)

    I would say that the real reason to avoid PHP as a first language is that it's too easy to just ditch good programming style. When you can just break out of code (?> some non php ?php resume code...) it reminds me of a goto gone bad. Granted, for an embedded scripting language this has legitimate purpose, but for a beginner it can lead to awful code. I think a structured, typed language is a much better choice for a first language. If you learn C/C++, you can easily pick up PHP (just try the C function name and it's probably the name of the PHP function). If you learn PHP, that does not imply you will be able to pick up C++ right away.

    I would say that PHP is not a good choice for a first language, but not for the reasons the parent poster gave. Then again, my first language was COBOL, so what do I know? ^-^.

  20. Re:Battery power only... on A Coffeeshop's Weekends Without Wi-Fi · Score: 1

    I've heard a lot of technical solutions, some of them very creative. Is this really necessary though? Why not just put a little sign on the tables saying "Please limit time to X minutes when the shop is crowded, customer use only." and ask people who break the rules to kindly leave?

    The most technical solution is not always the best solution.

  21. Which patents is linux infringing upon? on Nokia Announces Patent Support to the Linux Kernel · Score: 5, Interesting

    According to the article, "The Patent Statement applies to Nokia's patents infringed by current official releases of the Linux Kernel..."

    I'm personally wondering which patents they claim were being infringed upon. Are there legitimate patent concerns, or is this Nokia trying to position themselves for something else? Neither the linked article nor the press release (http://www.nokia.com/iprstatements) mentions any specific patents.

  22. Which skills? on IBM and Red Hat Offer College Prep · Score: 4, Insightful

    I wonder what exactly will be taught in IBM's ideal, new program. According to the story, "The companies' training will help teach students skills for Linux as well as IBM software and servers." What training for IBM software and servers is appropriate for a University program? For an IT-certification, training on specific IBM programs may be appropriate, but for a true computer science degree, I should think a familiarity with *nix and the ability to learn a new OS would be much better than specific training on "IBM software and servers".

  23. Too much water? on Scooba the New iRobot Product · Score: 2, Insightful

    The nice thing about the "roomba" is that you really can't vacuum too much. Going over the same spot five times (which mine certainly does) doesn't really hurt when you're vacuuming. Going over the same spot five times with soapy water, however, is not necessarily the best idea. You might get excess water deposits if the device crosses its path too often, leading to splotches or worse yet actual water damage.

    I think I will stick to washing my hardwood floors (and drying them) by hand, for the foreseeable future.

  24. Phase II: Format Wars on Television on your Phone · Score: 2, Interesting

    The sad part is that I have no doubt another company will be pushing "HDTV-cellular" within a year. 1080i on a 96x96px screen anyone?

    Seriously, I've no intention of watching TV on my phone, but is this going to turn into a format war? 1080i vs 720p is bad enough, but now will we get competing standards like 96p, 240i, etc, for all the various models?

  25. Both sides? on Teacher Fired for P2P Lecture · Score: 2, Insightful

    You really only get one side from this story. I'm no fan of censorship at University, but the guy was really asking for it. After being told repeatedly by his administration that this was a no-go (and we don't have the full story on why this was a no-go) he did it anyway. It's insubordination, more than anything else. If he had worked in a less confrontational manner, who knows what he might have been able to achieve.