While State elections do affect the Federal Govt., the election laws themselves are State laws. The court's position that Florida's partial recount violated the Fourteenth Amendment's Equal Protection clause was laughable, and they went so far as to say that the interpretation they used shouldn't be considered again... They also misrepresented Florida Law with the made up 'December 12' deadline, where the typpical reading of the State constitution indicates that January 6 was the drop-dead date under the Florida election scheme. The state's electors have the option under federal law to meet by December 12 in order to escape the technical threat of challenge by members of Congress, but this is not a drop dead date nor required.
I would recommend reading some of the legal analyses of the Court's decision, and taking a look at the turgid juggling they had to do in the dicision itself. The fact that they stated that this decision should not be considered in any future cases alone should make it clear that they knew they were completely hypocritical in their decision. They were motivated by politics and not an unbiased effort at interpreting the law.
My response was more an attempt at a correction of a very biased one sided view than cheerleading for either side. FWIW I am an independent. I voted for Gore not because I liked him at all, but because Bush was lying his ass off far more than Gore, he was an incredibly bad speaker, a worse governor (I live in Texas), and I hated his saber rattling about 'taking care of Saddam' in the primaries - I really didn't want to see us lay a punch into the Tar Baby that is the Middle East, and in my analysis was the greater of two hypocrites.
I wholly agree that the Florida Supremes were pushing things in favor of their politics. That said, the Supremes had no business taking the case, and showed they had as little integrity as the Fla. Supremes by doing so. Thanks to Scalia, I have now lost all respect for every branch of our government. This was a question of interpretation of state law, the Florida Supremes were interpreting it in a way that appeared beneficial to the Dems. and the SCOTUS stepped in to fix a problem they had no business touching. This was not a Federal issue, nor was it appropriate for them to step in, even if they felt they were righting a wrong by violating standards. It is especially hypocritical since the same conservative judges who stepped in here are prone to harping on State's Rights and the problem of the Judiciary stepping in to right percieved wrongs where it has no jurisdiction to do so.
Folrida's electoral mandate was for the vote count to 'express the will of the voters' and it was pretty clear that both parties were only really interested in expressing the will of their particular voters, and both tried to play tricks to get the other guy's votes ignored. The Repubs were much more successful since they had Harris and Diebold on their side (the recently released internal Diebold mails really make it look like Gore would have won handily in a fair election). The briefings that both the Republicans and the Democrats released for their respective vote counters showed how corrupt both parties are, as both were working to try to disenfranchise voters seen as not likely to have voted for them.
I am still an independent since both parties suck, and neither represents my views (nor do Libertarians, Peace & Freedom, Greens, etc.). I vote for Dems. more than Repubs these days because the Repubs have managed to prove they have even less integrity than the Dems.
Paul Wellstone, Mel Carnahan, Dan Rocco, and John O'Neill. The last is a stretch of course, but he wouldn't have been there would it not have been for Bush. If you want to see a list of mysterious deaths with about as much veracity as the lame Vince Foster story looke here: http://www.bushbodycount.com/voices/thelist .php Bring a block of salt.
I still am weirded out by the Vince Foster story. He was on the top of the list of people Republican Washington insiders would have wanted to see dead. He was the leading Dem. expert on Iran Contra. He had more shit on Bush than anyone. And somehow it gets pinned on Clinton just because he was depressed and disillusioned to see that Cliton was also corrupt - though Foster stated that Clinton was nowhere near as corrupt as Bush senior.
With regards to your other points, on point B, we agree, there is corruption. You glossed the most significant fact that the Supremes are stacked with connservatives, since it doesn't fit with your prejudices.
On point C you are misinformed or lying. Absentee ballots recieved with no postmarks were not supposed to be caounted according to the Florida election guidelines, wherever they came from.
On point D, I think it is really funny that you would compare the Dems to the late Soviet Union. The current administration and congress have aped Stalist language so many times now it is shocking. There are a lot of paralllels with their abuse of ideology to justify breaking rules and behaving unethically for a power grab. I am not saying that the Dems are not a corrupt bunch (they certainly are, and were worse in the past), but they pale compared to the current generation of Republican ideologues who will do anything for 'the party'.
>I don't recall people close to a Republican president finding themselves suicided.
But a suspicious number of opponents of Bush have died in mysterious plane crashes.
>I have not heard of a poll being kept open in Chicago to ensure a Republican President had sufficient electoral votes to be elected.
I guess having a Republican stacked Supreme Court make the calls in Florida doesn't count...
>In my home state of Arkansas, I've not heard of the Republicans filing a last minute law suit before a court to ensure that certain polling areas were kept open after they were supposed to be closed.
But the Republicans happily fought in the courts Florida to let absentee ballots with no postmarks counted, so long as they were submitted by the Military.
It is pretty obvious that both the Republicans and the Democrats are more than happy to break the rules if it helps them get power. But it is still shocking is how far the Republicans have willing to go lately.
Your point is a disanalogy. This is more like if Sequoia systems or some other competing voting systems company had broken into Diebold's systems, illegally accessed internal memos, and used them to gain un unfair competitive advenatage in the marketplace. And in that case the offending company would be treated with the scorn they would deserve.
I can't believe people are so blinded by their political ideologies that they are actually trying to excuse the shameful behavior these people were involved in...
In addition to the obvious google for 'hitler clinton', don't forget to do a few searches to 'Hitlary'. A quick search for 'Hitler' through NewsMax archives is educational, as well. Finally he might be interested in a quick trip to the Congressional record:
Rep. Helen Chenoweth-Hage (R-Idaho): "This president is engaging in the largest land grab since the invasion of Poland."
Rep. John Shadegg (R-Ariz.): "I would draw a parallel to Hitler, he eroded the will of the German people to resist evil."
Rep. Jay Dickey (R-Ark): "Just as people who read Hitler's 'Mein Kampf' and then later were surprised at the evils of the 3rd Reich [sic] we have the blueprint for what the White House plans to do: defeat me! This is because I not only dared to vote my conscience on the impeachment issue, but dared to do it after a publicly expressed threat that I would lose the election if I did. Are we going to let an astounding abuse of power go unanswered?"
So are you saying that since Clinton's administration was accused in a (barely coherent) NewsMax article of leaking information, that this deserves equal time on Slashdot to a current report that Republicans in the Capitol were hacking Democratic senator's systems and using the information illegally gained?
Or are you saying that since 'Clinton was corrupt too', that it is fine that Republicans in the Capitol were commiting federal crimes?
Or are you saying that Slashdot (a technology site) is biased for reporting on a report of high level computer hacking, while not posting a story about alleged leaks that did not involve computer hacking?
Your implicit point was not really clear, please elaborate.
There is no UI in ServerAdmin, but there is a GUI tool for MySQL management on OS X Server called 'MySQL Manager.' It is pretty limited in functionality, but it is there.
Note that all XServes ship with X Server, so the cost of the software is only if you are installing it on other hardware.
The features that make the software nicer than Linux (simple setup, integrated password management, easy to use/set up Kerberos, hand holding phone support, etc.) are aimed at a class of people who typically find that it is well worth the $500 they may have paid.
Those who are happy to spend the sea of time and effort reading the docs on configuring a completely integrated PAM/KDC/OpenLDAP/Samba/Apache setup on their choice of Free OS don't appear to be in that target market. IMHO, you can't really sell much in the way of software to people like that, anyway.
On the political front, Texas is a lock in for Bush, and there is no chance he will take California. OTOH, smacking Maryland and pumping some pork into the increasingly critical Florida both serve the agenda pretty well.
Re:With PHP5, why not use Perl?
on
Core PHP Programming
·
· Score: 2, Insightful
I am not a big fan of PHP, but there are good reasons why it has been successful where it is.
1) A lot of people like to have code tags embedded in their HTML. You can do this in Perl with Mason, or EmbedPerl, or what have you, but good luck getting cheap hosting where you have that set up.
2) Perl running through CGI has a lot of limitations, it is somewhat slow, you are limited in where you put scripts, etc. These are overcome by moving to mod_perl, but if you have a big server that is serving up a lot of domains as vhosts, which is what a lot of cheap hosting is about, they are not going to want to enable mod_perl, since every script will be sharing the same interpreter and this is not at all secure. I think I read that mod_perl 2 would help with the latter, but even if this is the case, since nobody runs Apache 2 it doesn't really matter.
So PHP makes it easy to inline code which a lot of people like, especially beginners, and fits well for current hosting limitations.
There also is the bad reason that there are a lot of crappy free CGIs out there, like the dreck on Matt's Scripts that are security nightmares so some admins have stomped on CGI access because of this. PHP has no advantage here, since there are plenty of PHP security nightmares out there, but the Perl ones have been around longer and been exploited longer, especially the evil 'formmail.pl'. Another PHP plus is that it is easier to sandbox off PHP for admins who have unknown users posting code on their servers.
Personally I feel sorry for people stuck using PHP. I use mod_perl, DBI, and HTML::Template, and a few other really great CPAN modules, and when I get stuck going back to PHP to do work I find the tools very inconsistent and limited compared to Perl, especially in database programming. But if I were to set up a 'cheap webspace' server I would not trust users with Perl unless I worked hard to cripple it, while I could adequately cripple PHP fairly quickly.
Re:Sends binary files as text/plain MIME type
on
2003: Year of Apache
·
· Score: 1
So it looks lke Apache passing unknown MIME types as text/plain is incorrect behavior. I still think it would be good if there were MIME types for certain common file types that are causing the pain:.wmv,.rar,.dmg, and other common file types that have been causing pain, but I believe I was incorrect in my initial position, and Apache should be handling unknown types more correctly.
Re:Sends binary files as text/plain MIME type
on
2003: Year of Apache
·
· Score: 2, Insightful
If there is a defined standard for handling unkown MIME, I am not aware of it. So what would you say is 'correct' behavior for a file with no registered MIME type?
RAR and Windows Media do not appear to actually have registered types AFAICT. I admit that sending unknown things as text/plain is a pain for users, but I think the solution is for all common file types to get registered as some MIME type, not to bitch at the webserver. Please feel free to correct me if you can find them here: http://www.iana.org/assignments/media-types /
IIS sends unknown stuff as application/octet-stream, but that seems screwy to me - why treat an unknown file as a binary appication? If has an extension but it is not '.exe' chances are the file is not 'application/octet-stream'.
BTW - changes to Mozilla to check the file content for unprintable characters hit the trunk recently so Mozilla and Gecko based browsres will handle text/plain files that are not compliant to the text/plain type, and download them instead of displaying them.
Re:Sadly, universities have the least free speech.
on
What You Can't Say
·
· Score: 1
I have spent a bit of time on campuses as a student and as a teacher. I am relatively conservative, as I am a theist, an absolutist (relativism is the worst ignorance IMO), I believe in studying the Great Books, and focusing on the Classics in the Canon, and think that many ethnic studies departments are dishonest and unhelpful towards a better education of any students. I have expressed my views on various campuses. I am not in jail. While some have labeled me, I am not so weak in an argument that I would let an opponent get away with it. Speaking from experience, you are completely full of it.
>Sadly, universities are becoming the places where free speech is the *least* tolerated.
Feh. As far as I can tell, there is more freedom of speech on campuses than anywhere else in the country. Just because the extremist right-wing views you hold are not popular among the well educated doesn't mean that you can't express them.
>Orwellian indoctrination classes and speech codes are the norm.
Feh. I suppose it is necessary for you to imagine that there are evil librul indoctrinating professors are brainwashing the youth to fit with your general paranoia, but reality doesn't support your views.
>Punishment for controversial speech is becoming more severe.
Perhaps, though besides a few odd anecdotes, I don't see a real trend. Where it is happening, it is a function of Political Correctness, a tool equally abused by both the left and the right.
>College newspapers exposing "dangerous" thoughts are being stolen or banned.
The only time I remember this happening was when Horowitz published a truly hateful and obnoxious ad in some school papers. Not a trend.
>Anyone who speaks up is labeled a "racist conservative Nazi facist".
People who express views on college campuses should expect people to disagree and use a variety of argumentation, some well though out, some poor. Kids are learning how to argue and apply critical thought in school, some are not good at it and throw around ad hominems and other weak logic. I am glad they are trying to think, even if they falter sometimes.
It almost appears that for Brian Ellenberg 'free speeh' means 'agrees with Brian Ellenberg's views, or at least doesn't argue with them.' Maybe you should drop by a school and see what it is like first hand. And if some kid sslaps a label on you, maybe you should work on learning how to correct this spurious form of argumentation instead of whining about it.
I agree that the privs on / suck. On X Server / is not group writable, but it is on the client OS. I understand why Apple did this, since they want it to feel like the old Mac OS, but it still sucks.
As for lookupd (that crazy authentication daemon), you might not like it, but you have not pointed out any problem other than that it is different. lookupd allows Mac OS X a lot of flexibility and simplicity in configuring the OS to work with various directories such as NetInfo, NIS, LDAP, Active Directory, et al., with sophisticated high level APIs, while still being compatible with getpw*(). I do not see this as weakening the system.
>The holes are no surprise.
No holes in OS X I am aware of reported so far have been related to weak privs on / or lookupd.
BBEdit is really really nice. Personally I hate emacs. I write a lot of Perl and HTML. I now spend my time bouncing between BBEdit and vim - BBEdit for local editing, vim for time when I am SSHed in somewhere remote. BBEdit is definitely far nicer to work with, though I find GUI text editor inherently superior. BBEdit has rectangular selection - I would hate to imagine how you would implement that in a non-GUI editor. BBEdit also has a lot of features where you might in theory be able to do the thing in another editor, but it is a pain. I always dread complex replacing in a selection of text based on a regex in vim. In BBEdit it is intuitive. And BBEdit has a lot of other features that vim does not have, or that vim/other editor has but it is such a pain in the ass to find or use that it may as well not have them. BBEdit is scriptable via any scripting language out there that runs on OS X - AppleScript, Perl, Python, sh, whatever. I have written custom Perl filters for it, they integrate seamlessly.
BBEdit makes a great HTML editor for those of us who prefer to do it by hand. The HTML debgging and validation in it are brilliant and outshine competitors on any platform. And its abilities for testing pages easily in multiple browsers has saved me a lot of aggravation.
Finally it makes a brilliant IDE for Perl - sure you can run scripts from an editor in vim and others, but BBEdit is better. I love having a Perl debugger where I can doubleclick on an error and have the offending line hilighted. It makes a good IDE for shell scripts too.
If you write code professionally that BBEdit excels at editing (HTML, Perl, etc.) then it is likely to be worth it. If not, you probably aren't going to be compelled to purchae a text editor, when there are decent (though inferior) free ones.
The thing is is that this particular thing is a 'feature' to some sites. So if Apple releases a 'security' update that turns it off, and they are breaking some customer's configurations, and large customers at that. Because of this, there is no obvious fix. To expect Apple to release a fix in a few weeks is ridiculous on your part, and on the part of the guy who submitted this.
BTW - even if you used DHCP all you would need to do is click a few checkboxes in Directory Access to protect yourself from this issue. If Apple wrote a knowledge base article recommending people turn off unneeded directory services, that would be an adequate vendor response as far as I am concerned.
Finally, this is not like a remote hole in a service that can be exploited by any script kiddie out there on the internet. This is a hole that can only be exploited by an attacker on the same subnet as the victim, requires that the attacker be running a DHCP server that wins in a race condition against a legitimate DHCP server, and requires the victim reboot while the attacker is up on the network. Since rogue DHCP server are usually investigated pretty quickly, this is not a trivial set of conditions.
It is still theoretically exploitable, and I would recommend to all to go into Directory Access and disable any directory services they are not using (I always do), but it is not as dire a security risk as something like a root exploit in a remote service enabled by default, and people treating it like that need to think more clearly.
Static automounts from directory services (which are what you need to exploit this) only get mounted at boot, if if certain directory services related processes get restarted that never get restarted in a normal setup, so you really need to boot a machine in a hostile environment for this to affect you. Dynamic automounts will get mouted at each login, but will not be mounted in a dangerous way.
You can just go into Directory Access and uncheck LDAP and NetInfo to be immune to the issue even if you use DHCP. I always do this. While this guy thinks he is early in reporting this bug, rogue NetInfo servers are not a new thing (though rogue LDAP servers would be more recent). There used to be an article in NextAnswers from the late 80s about how to track them down. I always customized these settings when I first get a OS X system to avoid this very thing.
You do not sound like you use Sun hardware. Rewriting an IP stack for greater scalability, and implementing a better trace are certainly useful to the market Sun is aiming at.
DTrace, provided it is well implemented, should be very useful for debugging the sorts of problems that one runs into in many enterprise settings, and I assume that folks who develop for Solaris, and the support folks at Sun are more pleased than anyone that it is in there.
How anyone could characterize an IP stack that handles multiple 10Gbit NICs bloat is beyond me. I realize that it would be absurd for home users or a small office setting, but that is not exactly the market Sun is in. The fact is that bandwidth can be high enough (100Gbit) that it was time to implement an IP stack that handled multiprocessor configs gracefully - that was where the bottleneck was. Sun was engineering a solution, not bloat.
"We haven't even reached petyabytes, for $DEITY's sake!" Which 'we' are we referring to here? While petabyte data stores are not common (yet), there are certainly a number of existing sites out there with petabyte SANs, especially in scientific research, and various gov't applications. Having a filesystem that scales past that is not bloat, it is foresight, and it is a selling point for that class of customers to know that Sun will be able to scale, and is doing the work of scaling in advance, rather than retrofitting some bolt-on solution.
"But you can bet that, even if an RMS-inspired botanist created such a crop and released it free of charge (think George Washington Carver), the mindless anti-GMers would prevent it from seeing the light of day!"
I think you attribute far too much power to the 'anti-GMers'. Here in the US the 'mindless anti-GMers' (all twelve of them) have essentially been powerless to do anything. At this point in time in the US corporate interests trump any others, and Monsanto has been given a free pass to do whatever they please, no matter what the consequences. Consider that in the US it is *illegal* to state that your products do not contain GM products. The anti-GMers have some sway in Europe and elsewhere, but even there you will find that often they are not the mindless straw men you have drawn at all, but have very good reasons for criticism, such as those you yourself have enumerated. Anti-GM usually means anti-Monsanto, and frankly Monsanto can behave completely horribly. Their filing of hundreds of frivolous suits against farmers who refuse to use their products, their propaganda/disinfomation campaigns like the 'golde rice' BS, and many other abuses come to mind. If we ever reach the day where GM is not propagated by corporate predators with a big portfolio of patented life forms, and a bigger army of lawyers, I expect the tone from the anti-GM people might change, but we are not in that world now.
If you are using 10.2 Server you do not need to have your network user's password hashes visible to anyone. All you need to do is use the Password Server that comes with X Server. In the ODA if you select 'This Server will provide authentication for other systems' or something much like that, then it will be enabled. Once you enable it and set users from Basic authentication to the Password Server, the password field of their user record becomes '********'. With 10.3 the Password Server can still be used the same way, but it can also morph into the back end of the new KDC.
Note that in 10.2 you can export your users from WGM as an XML file which can serve as a backup if the parent NIDB get hosed, but if you are using the password server you need to also back up the password server database.
This one is really straightforward to explain. You see, in addition to prayer by the One True Religion, the prayers of infidels were also mixed in. Since the prayers of infidels are actually prayers to the Dark One who does the opposite of what was asked, these amount to anti-prayers. Hence they cancelled out their results.
You missed the point - drivers, OSes, etc. were not what Joy was talking about. C is a programming languages that make it incredibly hard to write secure code, even for talented experienced programmers with decades of experience. C lacks any automatic way of doing exception handling, bounds checking, memory management etc. Implementing these things in C is a pain - the language leaves you to do work that has nothing to do with what you are trying to achieve (debugging memory errors, and matching your mallocs and frees), and penalizes you for good programming practives since you have to roll your own. C is great for writing a kernel or a driver where you really need the performance, but it simply sucks ass for writing an internet daemon - even the best coders in the world still make errors, even after repeat code reviews. Look at Sendmail (recent versions), look at OpenSSH, Apache, et al. They have been code reviewed over and again, simplified, scrutinized by many many eyeballs, and still stupid security errors come up, and over and over it is due to errors in handling exceptions, bounds checking or other things that occur due to programming in C, but would not be an issue in more modern languages. Security wise, C is simply not suited to writing internet daemons, even if you are a talented coder.
"Apple's special BIOS" is called Open Firmware. And it is called 'Open' for a reason - it is a documented open standard (IEEE 1257) that Apple implemented. Sun and IBM amonug others also use Open Firmware on their systems - it is enough of a standard that Apple engineers have referred people to Sun's docs on Open Firmware on the listservs in the past. The Mac OS may need Open Firmware to boot, but there is nothing preventing anyone from bootstrapping any other OS, and various PPC Linuxes and BSDs all use OF to bootstrap.
Slashdot Mirror
While State elections do affect the Federal Govt., the election laws themselves are State laws. The court's position that Florida's partial recount violated the Fourteenth Amendment's Equal Protection clause was laughable, and they went so far as to say that the interpretation they used shouldn't be considered again... They also misrepresented Florida Law with the made up 'December 12' deadline, where the typpical reading of the State constitution indicates that January 6 was the drop-dead date under the Florida election scheme. The state's electors have the option under federal law to meet by December 12 in order to escape the technical threat of challenge by members of Congress, but this is not a drop dead date nor required.
I would recommend reading some of the legal analyses of the Court's decision, and taking a look at the turgid juggling they had to do in the dicision itself. The fact that they stated that this decision should not be considered in any future cases alone should make it clear that they knew they were completely hypocritical in their decision. They were motivated by politics and not an unbiased effort at interpreting the law.
My response was more an attempt at a correction of a very biased one sided view than cheerleading for either side. FWIW I am an independent. I voted for Gore not because I liked him at all, but because Bush was lying his ass off far more than Gore, he was an incredibly bad speaker, a worse governor (I live in Texas), and I hated his saber rattling about 'taking care of Saddam' in the primaries - I really didn't want to see us lay a punch into the Tar Baby that is the Middle East, and in my analysis was the greater of two hypocrites.
I wholly agree that the Florida Supremes were pushing things in favor of their politics. That said, the Supremes had no business taking the case, and showed they had as little integrity as the Fla. Supremes by doing so. Thanks to Scalia, I have now lost all respect for every branch of our government. This was a question of interpretation of state law, the Florida Supremes were interpreting it in a way that appeared beneficial to the Dems. and the SCOTUS stepped in to fix a problem they had no business touching. This was not a Federal issue, nor was it appropriate for them to step in, even if they felt they were righting a wrong by violating standards. It is especially hypocritical since the same conservative judges who stepped in here are prone to harping on State's Rights and the problem of the Judiciary stepping in to right percieved wrongs where it has no jurisdiction to do so.
Folrida's electoral mandate was for the vote count to 'express the will of the voters' and it was pretty clear that both parties were only really interested in expressing the will of their particular voters, and both tried to play tricks to get the other guy's votes ignored. The Repubs were much more successful since they had Harris and Diebold on their side (the recently released internal Diebold mails really make it look like Gore would have won handily in a fair election). The briefings that both the Republicans and the Democrats released for their respective vote counters showed how corrupt both parties are, as both were working to try to disenfranchise voters seen as not likely to have voted for them.
I am still an independent since both parties suck, and neither represents my views (nor do Libertarians, Peace & Freedom, Greens, etc.). I vote for Dems. more than Repubs these days because the Repubs have managed to prove they have even less integrity than the Dems.
Paul Wellstone, Mel Carnahan, Dan Rocco, and John O'Neill. The last is a stretch of course, but he wouldn't have been there would it not have been for Bush. If you want to see a list of mysterious deaths with about as much veracity as the lame Vince Foster story looke here:t .php
http://www.bushbodycount.com/voices/thelis
Bring a block of salt.
I still am weirded out by the Vince Foster story. He was on the top of the list of people Republican Washington insiders would have wanted to see dead. He was the leading Dem. expert on Iran Contra. He had more shit on Bush than anyone. And somehow it gets pinned on Clinton just because he was depressed and disillusioned to see that Cliton was also corrupt - though Foster stated that Clinton was nowhere near as corrupt as Bush senior.
With regards to your other points, on point B, we agree, there is corruption. You glossed the most significant fact that the Supremes are stacked with connservatives, since it doesn't fit with your prejudices.
On point C you are misinformed or lying. Absentee ballots recieved with no postmarks were not supposed to be caounted according to the Florida election guidelines, wherever they came from.
On point D, I think it is really funny that you would compare the Dems to the late Soviet Union. The current administration and congress have aped Stalist language so many times now it is shocking. There are a lot of paralllels with their abuse of ideology to justify breaking rules and behaving unethically for a power grab. I am not saying that the Dems are not a corrupt bunch (they certainly are, and were worse in the past), but they pale compared to the current generation of Republican ideologues who will do anything for 'the party'.
>I don't recall people close to a Republican president finding themselves suicided.
But a suspicious number of opponents of Bush have died in mysterious plane crashes.
>I have not heard of a poll being kept open in Chicago to ensure a Republican President had sufficient electoral votes to be elected.
I guess having a Republican stacked Supreme Court make the calls in Florida doesn't count...
>In my home state of Arkansas, I've not heard of the Republicans filing a last minute law suit before a court to ensure that certain polling areas were kept open after they were supposed to be closed.
But the Republicans happily fought in the courts Florida to let absentee ballots with no postmarks counted, so long as they were submitted by the Military.
It is pretty obvious that both the Republicans and the Democrats are more than happy to break the rules if it helps them get power. But it is still shocking is how far the Republicans have willing to go lately.
The Republican attitude about recess appointments seem to have shifted a lot as well:
Then:
"Any appointment of a federal judge during a recess should be opposed."
- Sen. Trent Lott (R-MS) opposing the appointment of an African American judge, December 2000
Now:
"Judge Pickering's record deems this recess appointment fully appropriate."
- Sen. Trent Lott (R-MS), 1/17/04
Your point is a disanalogy. This is more like if Sequoia systems or some other competing voting systems company had broken into Diebold's systems, illegally accessed internal memos, and used them to gain un unfair competitive advenatage in the marketplace. And in that case the offending company would be treated with the scorn they would deserve.
I can't believe people are so blinded by their political ideologies that they are actually trying to excuse the shameful behavior these people were involved in...
In addition to the obvious google for 'hitler clinton', don't forget to do a few searches to 'Hitlary'. A quick search for 'Hitler' through NewsMax archives is educational, as well. Finally he might be interested in a quick trip to the Congressional record:
Rep. Helen Chenoweth-Hage (R-Idaho): "This president is engaging in the largest land grab since the invasion of Poland."
Rep. John Shadegg (R-Ariz.): "I would draw a parallel to Hitler, he eroded the will of the German people to resist evil."
Rep. Jay Dickey (R-Ark): "Just as people who read Hitler's 'Mein Kampf' and then later were surprised at the evils of the 3rd Reich [sic] we have the blueprint for what the White House plans to do: defeat me! This is because I not only dared to vote my conscience on the impeachment issue, but dared to do it after a publicly expressed threat that I would lose the election if I did. Are we going to let an astounding abuse of power go unanswered?"
So are you saying that since Clinton's administration was accused in a (barely coherent) NewsMax article of leaking information, that this deserves equal time on Slashdot to a current report that Republicans in the Capitol were hacking Democratic senator's systems and using the information illegally gained?
Or are you saying that since 'Clinton was corrupt too', that it is fine that Republicans in the Capitol were commiting federal crimes?
Or are you saying that Slashdot (a technology site) is biased for reporting on a report of high level computer hacking, while not posting a story about alleged leaks that did not involve computer hacking?
Your implicit point was not really clear, please elaborate.
There is no UI in ServerAdmin, but there is a GUI tool for MySQL management on OS X Server called 'MySQL Manager.' It is pretty limited in functionality, but it is there.
Note that all XServes ship with X Server, so the cost of the software is only if you are installing it on other hardware.
The features that make the software nicer than Linux (simple setup, integrated password management, easy to use/set up Kerberos, hand holding phone support, etc.) are aimed at a class of people who typically find that it is well worth the $500 they may have paid.
Those who are happy to spend the sea of time and effort reading the docs on configuring a completely integrated PAM/KDC/OpenLDAP/Samba/Apache setup on their choice of Free OS don't appear to be in that target market. IMHO, you can't really sell much in the way of software to people like that, anyway.
On the political front, Texas is a lock in for Bush, and there is no chance he will take California. OTOH, smacking Maryland and pumping some pork into the increasingly critical Florida both serve the agenda pretty well.
I am not a big fan of PHP, but there are good reasons why it has been successful where it is.
1) A lot of people like to have code tags embedded in their HTML. You can do this in Perl with Mason, or EmbedPerl, or what have you, but good luck getting cheap hosting where you have that set up.
2) Perl running through CGI has a lot of limitations, it is somewhat slow, you are limited in where you put scripts, etc. These are overcome by moving to mod_perl, but if you have a big server that is serving up a lot of domains as vhosts, which is what a lot of cheap hosting is about, they are not going to want to enable mod_perl, since every script will be sharing the same interpreter and this is not at all secure. I think I read that mod_perl 2 would help with the latter, but even if this is the case, since nobody runs Apache 2 it doesn't really matter.
So PHP makes it easy to inline code which a lot of people like, especially beginners, and fits well for current hosting limitations.
There also is the bad reason that there are a lot of crappy free CGIs out there, like the dreck on Matt's Scripts that are security nightmares so some admins have stomped on CGI access because of this. PHP has no advantage here, since there are plenty of PHP security nightmares out there, but the Perl ones have been around longer and been exploited longer, especially the evil 'formmail.pl'. Another PHP plus is that it is easier to sandbox off PHP for admins who have unknown users posting code on their servers.
Personally I feel sorry for people stuck using PHP. I use mod_perl, DBI, and HTML::Template, and a few other really great CPAN modules, and when I get stuck going back to PHP to do work I find the tools very inconsistent and limited compared to Perl, especially in database programming. But if I were to set up a 'cheap webspace' server I would not trust users with Perl unless I worked hard to cripple it, while I could adequately cripple PHP fairly quickly.
Yeah you are right. I checked the RFC:
.wmv, .rar, .dmg, and other common file types that have been causing pain, but I believe I was incorrect in my initial position, and Apache should be handling unknown types more correctly.
http://www.ietf.org/rfc/rfc2046.txt
So it looks lke Apache passing unknown MIME types as text/plain is incorrect behavior. I still think it would be good if there were MIME types for certain common file types that are causing the pain:
If there is a defined standard for handling unkown MIME, I am not aware of it. So what would you say is 'correct' behavior for a file with no registered MIME type?
s /
RAR and Windows Media do not appear to actually have registered types AFAICT. I admit that sending unknown things as text/plain is a pain for users, but I think the solution is for all common file types to get registered as some MIME type, not to bitch at the webserver. Please feel free to correct me if you can find them here:
http://www.iana.org/assignments/media-type
IIS sends unknown stuff as application/octet-stream, but that seems screwy to me - why treat an unknown file as a binary appication? If has an extension but it is not '.exe' chances are the file is not 'application/octet-stream'.
BTW - changes to Mozilla to check the file content for unprintable characters hit the trunk recently so Mozilla and Gecko based browsres will handle text/plain files that are not compliant to the text/plain type, and download them instead of displaying them.
I have spent a bit of time on campuses as a student and as a teacher. I am relatively conservative, as I am a theist, an absolutist (relativism is the worst ignorance IMO), I believe in studying the Great Books, and focusing on the Classics in the Canon, and think that many ethnic studies departments are dishonest and unhelpful towards a better education of any students. I have expressed my views on various campuses. I am not in jail. While some have labeled me, I am not so weak in an argument that I would let an opponent get away with it. Speaking from experience, you are completely full of it.
>Sadly, universities are becoming the places where free speech is the *least* tolerated.
Feh. As far as I can tell, there is more freedom of speech on campuses than anywhere else in the country. Just because the extremist right-wing views you hold are not popular among the well educated doesn't mean that you can't express them.
>Orwellian indoctrination classes and speech codes are the norm.
Feh. I suppose it is necessary for you to imagine that there are evil librul indoctrinating professors are brainwashing the youth to fit with your general paranoia, but reality doesn't support your views.
>Punishment for controversial speech is becoming more severe.
Perhaps, though besides a few odd anecdotes, I don't see a real trend. Where it is happening, it is a function of Political Correctness, a tool equally abused by both the left and the right.
>College newspapers exposing "dangerous" thoughts are being stolen or banned.
The only time I remember this happening was when Horowitz published a truly hateful and obnoxious ad in some school papers. Not a trend.
>Anyone who speaks up is labeled a "racist conservative Nazi facist".
People who express views on college campuses should expect people to disagree and use a variety of argumentation, some well though out, some poor. Kids are learning how to argue and apply critical thought in school, some are not good at it and throw around ad hominems and other weak logic. I am glad they are trying to think, even if they falter sometimes.
It almost appears that for Brian Ellenberg 'free speeh' means 'agrees with Brian Ellenberg's views, or at least doesn't argue with them.' Maybe you should drop by a school and see what it is like first hand. And if some kid sslaps a label on you, maybe you should work on learning how to correct this spurious form of argumentation instead of whining about it.
I agree that the privs on / suck. On X Server / is not group writable, but it is on the client OS. I understand why Apple did this, since they want it to feel like the old Mac OS, but it still sucks.
As for lookupd (that crazy authentication daemon), you might not like it, but you have not pointed out any problem other than that it is different. lookupd allows Mac OS X a lot of flexibility and simplicity in configuring the OS to work with various directories such as NetInfo, NIS, LDAP, Active Directory, et al., with sophisticated high level APIs, while still being compatible with getpw*(). I do not see this as weakening the system.
>The holes are no surprise.
No holes in OS X I am aware of reported so far have been related to weak privs on / or lookupd.
BBEdit is really really nice. Personally I hate emacs. I write a lot of Perl and HTML. I now spend my time bouncing between BBEdit and vim - BBEdit for local editing, vim for time when I am SSHed in somewhere remote. BBEdit is definitely far nicer to work with, though I find GUI text editor inherently superior. BBEdit has rectangular selection - I would hate to imagine how you would implement that in a non-GUI editor. BBEdit also has a lot of features where you might in theory be able to do the thing in another editor, but it is a pain. I always dread complex replacing in a selection of text based on a regex in vim. In BBEdit it is intuitive. And BBEdit has a lot of other features that vim does not have, or that vim/other editor has but it is such a pain in the ass to find or use that it may as well not have them. BBEdit is scriptable via any scripting language out there that runs on OS X - AppleScript, Perl, Python, sh, whatever. I have written custom Perl filters for it, they integrate seamlessly.
BBEdit makes a great HTML editor for those of us who prefer to do it by hand. The HTML debgging and validation in it are brilliant and outshine competitors on any platform. And its abilities for testing pages easily in multiple browsers has saved me a lot of aggravation.
Finally it makes a brilliant IDE for Perl - sure you can run scripts from an editor in vim and others, but BBEdit is better. I love having a Perl debugger where I can doubleclick on an error and have the offending line hilighted. It makes a good IDE for shell scripts too.
If you write code professionally that BBEdit excels at editing (HTML, Perl, etc.) then it is likely to be worth it. If not, you probably aren't going to be compelled to purchae a text editor, when there are decent (though inferior) free ones.
The thing is is that this particular thing is a 'feature' to some sites. So if Apple releases a 'security' update that turns it off, and they are breaking some customer's configurations, and large customers at that. Because of this, there is no obvious fix. To expect Apple to release a fix in a few weeks is ridiculous on your part, and on the part of the guy who submitted this.
BTW - even if you used DHCP all you would need to do is click a few checkboxes in Directory Access to protect yourself from this issue. If Apple wrote a knowledge base article recommending people turn off unneeded directory services, that would be an adequate vendor response as far as I am concerned.
Finally, this is not like a remote hole in a service that can be exploited by any script kiddie out there on the internet. This is a hole that can only be exploited by an attacker on the same subnet as the victim, requires that the attacker be running a DHCP server that wins in a race condition against a legitimate DHCP server, and requires the victim reboot while the attacker is up on the network. Since rogue DHCP server are usually investigated pretty quickly, this is not a trivial set of conditions.
It is still theoretically exploitable, and I would recommend to all to go into Directory Access and disable any directory services they are not using (I always do), but it is not as dire a security risk as something like a root exploit in a remote service enabled by default, and people treating it like that need to think more clearly.
Static automounts from directory services (which are what you need to exploit this) only get mounted at boot, if if certain directory services related processes get restarted that never get restarted in a normal setup, so you really need to boot a machine in a hostile environment for this to affect you. Dynamic automounts will get mouted at each login, but will not be mounted in a dangerous way.
You can just go into Directory Access and uncheck LDAP and NetInfo to be immune to the issue even if you use DHCP. I always do this. While this guy thinks he is early in reporting this bug, rogue NetInfo servers are not a new thing (though rogue LDAP servers would be more recent). There used to be an article in NextAnswers from the late 80s about how to track them down. I always customized these settings when I first get a OS X system to avoid this very thing.
You do not sound like you use Sun hardware. Rewriting an IP stack for greater scalability, and implementing a better trace are certainly useful to the market Sun is aiming at.
DTrace, provided it is well implemented, should be very useful for debugging the sorts of problems that one runs into in many enterprise settings, and I assume that folks who develop for Solaris, and the support folks at Sun are more pleased than anyone that it is in there.
How anyone could characterize an IP stack that handles multiple 10Gbit NICs bloat is beyond me. I realize that it would be absurd for home users or a small office setting, but that is not exactly the market Sun is in. The fact is that bandwidth can be high enough (100Gbit) that it was time to implement an IP stack that handled multiprocessor configs gracefully - that was where the bottleneck was. Sun was engineering a solution, not bloat.
"We haven't even reached petyabytes, for $DEITY's sake!" Which 'we' are we referring to here? While petabyte data stores are not common (yet), there are certainly a number of existing sites out there with petabyte SANs, especially in scientific research, and various gov't applications. Having a filesystem that scales past that is not bloat, it is foresight, and it is a selling point for that class of customers to know that Sun will be able to scale, and is doing the work of scaling in advance, rather than retrofitting some bolt-on solution.
"But you can bet that, even if an RMS-inspired botanist created such a crop and released it free of charge (think George Washington Carver), the mindless anti-GMers would prevent it from seeing the light of day!"
I think you attribute far too much power to the 'anti-GMers'. Here in the US the 'mindless anti-GMers' (all twelve of them) have essentially been powerless to do anything. At this point in time in the US corporate interests trump any others, and Monsanto has been given a free pass to do whatever they please, no matter what the consequences. Consider that in the US it is *illegal* to state that your products do not contain GM products. The anti-GMers have some sway in Europe and elsewhere, but even there you will find that often they are not the mindless straw men you have drawn at all, but have very good reasons for criticism, such as those you yourself have enumerated. Anti-GM usually means anti-Monsanto, and frankly Monsanto can behave completely horribly. Their filing of hundreds of frivolous suits against farmers who refuse to use their products, their propaganda/disinfomation campaigns like the 'golde rice' BS, and many other abuses come to mind. If we ever reach the day where GM is not propagated by corporate predators with a big portfolio of patented life forms, and a bigger army of lawyers, I expect the tone from the anti-GM people might change, but we are not in that world now.
If you are using 10.2 Server you do not need to have your network user's password hashes visible to anyone. All you need to do is use the Password Server that comes with X Server. In the ODA if you select 'This Server will provide authentication for other systems' or something much like that, then it will be enabled. Once you enable it and set users from Basic authentication to the Password Server, the password field of their user record becomes '********'. With 10.3 the Password Server can still be used the same way, but it can also morph into the back end of the new KDC.
Note that in 10.2 you can export your users from WGM as an XML file which can serve as a backup if the parent NIDB get hosed, but if you are using the password server you need to also back up the password server database.
Back a few years ago the Feds released a report that PS2s were being shipped to Iraq to build a military supercomputer. They were able to double-demonize Saddam, since they claimed that not only were the consoles being used to power weapons systems, but they also were adding to the scarcity of the systems.
This one is really straightforward to explain. You see, in addition to prayer by the One True Religion, the prayers of infidels were also mixed in. Since the prayers of infidels are actually prayers to the Dark One who does the opposite of what was asked, these amount to anti-prayers. Hence they cancelled out their results.
You missed the point - drivers, OSes, etc. were not what Joy was talking about. C is a programming languages that make it incredibly hard to write secure code, even for talented experienced programmers with decades of experience. C lacks any automatic way of doing exception handling, bounds checking, memory management etc. Implementing these things in C is a pain - the language leaves you to do work that has nothing to do with what you are trying to achieve (debugging memory errors, and matching your mallocs and frees), and penalizes you for good programming practives since you have to roll your own. C is great for writing a kernel or a driver where you really need the performance, but it simply sucks ass for writing an internet daemon - even the best coders in the world still make errors, even after repeat code reviews. Look at Sendmail (recent versions), look at OpenSSH, Apache, et al. They have been code reviewed over and again, simplified, scrutinized by many many eyeballs, and still stupid security errors come up, and over and over it is due to errors in handling exceptions, bounds checking or other things that occur due to programming in C, but would not be an issue in more modern languages. Security wise, C is simply not suited to writing internet daemons, even if you are a talented coder.
"Apple's special BIOS" is called Open Firmware. And it is called 'Open' for a reason - it is a documented open standard (IEEE 1257) that Apple implemented. Sun and IBM amonug others also use Open Firmware on their systems - it is enough of a standard that Apple engineers have referred people to Sun's docs on Open Firmware on the listservs in the past. The Mac OS may need Open Firmware to boot, but there is nothing preventing anyone from bootstrapping any other OS, and various PPC Linuxes and BSDs all use OF to bootstrap.