So there is a minor issue with the trademark name and Debian Free Guidelines. Is this something worth getting nasty over?
Yes, it is. One of the really, really important things about Debian is the DFSG; with them you get an absolute, unequivocal, no-exceptions guarantee that you're using Free software, and that you have the freedom to modify and distribute that software. And that's not just a philosophical argument; there are very real, very practical needs which are satisfied by using Free software (no vendor lock-in, you can still get maintenance and support if the company you get it from goes under, etc., etc.). There are plenty of annoying things about Debian, but the single-minded commitment to Free software isn't one of them.
By getting the security fixes checked in upstream as well
That's not possible here, because there are conflicting policies:
Debian's policy is not to upgrade an existing release to a new version of a package; this makes sense for long-lived stable releases, because often other components will depend on a particular version of the package, and because bringing in a new version means a whole new round of testing to clear up bugs in the new version. So, for example, instead of upgrading an existing release to the Firefox 1.5.x line, Debian backports security fixes to the 1.0.x line.
Mozilla's policy is not to maintain older versions as long as Debian does; this makes sense for a fast-moving piece of software, because often it's easier to include fixes with a new version than to maintain n old versions in perpetuity. So, for example, Mozilla recommends upgrading from Firefox 1.0.x to Firefox 1.5.x to get security fixes.
The end result of this is that Debian can't hope to comply with Mozilla's patch-review requirement for the trademark use (or even to reliably "submit upstream"), because Mozilla won't be maintaining any given Firefox version for as long as Debian will be maintaining any given release of their distro.
The anti-net-neutality companies will see Google as a giant deep pocket as well, now that YouTube has the resources to double-pay for its bandwidth.
Except for the fact that Google's deep pockets are full of fiber. Remember, they've been buying up dark fiber for years; all they have to do is light it up, and they could cut down a lot of their transit on other networks. The threat of that, and the resulting lost revenue, ought to be enough to keep ISPs in line.
So now if i login to Yahoo, every jerk with a website can read that cookie and know who i am, right?
Nope. The press release is really short on details, but the official developer docs spell things out more clearly: the initial authentication takes place on servers Yahoo controls, and the user has to explicitly consent to opening up any information the third-party site wants to access. If they do, Yahoo provides an authentication token that can be used to make calls to Yahoo's various web services on behalf of the user. The token expires after one hour, and must be used in combination with another token, unique to the application, to generate unique, non-replayable hashes on each request.
They've been using a similar system on Flickr for a while; you apply for an application token, and people who use your application have to give explicit permission before it can access any of their photos.
Receiving a degree in exchange for work does not constitute an employee/employer relationship under US law; employment contracts are a vast and well-defined body of law, and this is not a case where they apply.
your homework, while it might be for your own development and education, can be considered work for the teacher
When in doubt, look it up. The scope of "work for hire", on which your argument and similar arguments made by others seems to hinge, is extremely limited; work for hire only applies in two circumstances:
When an employee/employer relationship exists, or
When an explicit written agreement exists stating that the work in question is to be work for hire.
Absent one of these two conditions, a student retains exclusive right to any original creative work he or she produces, from the moment that work is set in a fixed, tangible form, regardless of whether the work is or is not eventually registered with the Copyright Office (registration is not required to enforce copyright, only to seek certain types of damages for infringement). Distribution of the work without the student's permission is a violation of that exclusive right and of federal law. This is why most universities which use these sorts of systems force students to sign an agreement stating that they grant permission for their work to be submitted.
Wow. And here I thought all the old Adequacy people had just faded away with time.
Re:Easy transition from Python to Ruby?
on
Python 2.5 Released
·
· Score: 4, Interesting
Migrating from Python to Ruby is trivial, they're 95% identical. Some idioms are different such as Ruby's use of anonymous functions (called blocks) and different ways of metaprogramming (plus the fact that Ruby uses metaprogrammatic abilities much more often than Python), but the difference between them is far smaller than some people make it to be.
If I moderated, I'd mod this up:)
Seriously, the idioms and conventions of programming in Python and Ruby are the largest differences, not the actual languages themselves:
Ruby programmers, on average, seem more likely to crack a class open and add new things to it, where Python programmers generally prefer to subclass and do what they need in there.
Ruby programmers, on average, seem more likely to build domain-specific languages to solve problems, where Python programmers generally prefer other routes (though which route they take will vary depending on the problem).
Et cetera, et cetera. Ruby folks are also big on the arbitrary anonymous blocks, which Python doesn't have, but I've yet to run into a problem I can't solve with a named function, and a lot of the time I end up with cleaner and more understandable code because of it. Which, really, I think is the biggest cultural difference: given a situation where all other things are equal, Ruby focuses on expressiveness (an inherited "there's more than one way to do it" from the Perl in its genes), and Python focuses on clarity and readability.
I didn't mean that they only used some functions, but simply that they didn't write those functions or anything, they're just linking a library and exposing the API to Python. This is really no different from having a perl module with a loadable module, except how it's distributed.
Nope. It's a module. The entire module is right there for you to use. Not some headers, not a few functions, the whole thing.
I'm sure you can compile it out, but putting the sqlite library into the base distribution is, IMO, stupid. It only makes base larger and more complex.
Except it doesn't. Python the language has not gained native support for SQLite. Nothing having anything to do with SQLite has been "compiled in" to the core language. A module which provides a Python wrapper around the SQLite API is now included among the libraries in the standard Python distribution. If you don't need it, don't ever import it in a program. Simple as that. If you do need it, importing from the pysqlite2 module is always guaranteed to work on Python 2.5, because you no longer have to go download that module from somewhere.
Because of this asymetry in potential outcomes, car drivers carry far more responsibility than bike riders/pedestrians - especially as long as bike riders are forced to share the road with cars. Unfortunately, that realization seems beyond the mental capacity of a large fraction of US drivers who continue to drive with a laxness that is simply astounding.
No, cyclists and drivers carry exactly the same set of responsibilities:
They must obey all traffic laws at all times.
They must remain alert and aware of the other traffic on the road.
They must remain alert and aware of people and objects off the road which may affect traffic on the road.
Getting everyone to realize that these rules apply to them, regardless of what sort of vehicle they're operating, would drastically improve safety.
It goes both ways; I've seen plenty of asshole drivers, but I've also seen lots of cyclists who insist on ignoring traffic laws. Just yesterday as I was driving home from work, sitting at a stop sign, a cyclist came up behind me and went through the intersection without stopping -- quick reflexes on the part of the driver who had right-of-way were the only thing that stopped the cyclist becoming a stain on the pavement. Moral of the story: no matter what sort of vehicle you're operating, when you're on the road the laws of the road apply to you, and you need to be cautious and observant.
First of all, it's a civil registry. I don't see an automatic due process issue because the state isn't meting out any punishment to those who are listed (i.e. there's no state-led deprivation of life, liberty, or property).
Being placed on the Ohio registry, according to the article, includes restrictions on where you can live. So this would seem to be a denial of liberty without the due process (conviction in a criminal trial for a sex offense) required for such.
Plus, no memory leak bug or reimplemented widget controls (I have an operating system that provides those natively, thanks).
That'd be nice if not for the fact that isn't true, and very very obviously isn't true on OS X. Run through this checklist:
Opera's dialogs and window chrome don't respect the system default font settings -- Opera uses a smaller setting that makes it feel extremely out of place.
Opera's form controls in web pages don't respect the system default settings -- the system says "Lucida Grande" and Opera says "Arial".
Opera doesn't actually use native form widgets (it doesn't use them on any platform, really -- Opera's built with Qt, so the quality of the interface is directly dependent on the quality of the widgets Qt provides on a given platform), and it's very easy to spot this. For example, here is a screenshot of a small area of the screen in Gmail in Safari, showing the native fonts and a few native widgets (a couple buttons, part of a text field, and a select menu). And here is a similar shot in Opera.
Opera uses a strange and fairly ugly tab control based on older versions of the Aqua interface. Tabs are an area where it's OK to improvise -- neither Safari nor Firefox use the default tabs of OS X -- but if you're going to improvise you should do it well (compare: OS X default, Safari, Opera.
Opera often has problems aligning text on form controls; text on buttons, for example, is often noticeably right of center, and Opera sometimes doesn't draw a button with enough height to comfortably encompass the text, resulting in buttons that look squashed and cramped.
Opera's search box is not an OS X search box, and doesn't look or function anything like an OS X search box except for being rounded.
I could go on for quite a while here, but by now the point should be pretty clear.
My impression is that there's multiple registrars that can sell all domains, and you can freely transfer ownership between them.
No, there's a key distinction here between a registry and a registrar. The registry is a master list of an entire top-level domain, and is administered by one and only one organization; in the case of.com,.net,.org, etc. the authority to do so comes via exclusive contract with ICANN. A registrar is basically a service provider; in return for the price of the domain plus a little fee on top, the registrar goes through the process of getting you into the registry as the current owner of your domain name. So, for example, VeriSign has the contract to administer the.com registry; that means that no matter what registrar you use to register a.com domain, you're just paying someone to deal with VeriSign on your behalf.
And this article is talking about the contracts to maintain the TLD registries -- if they decided to implement this sort of per-domain pricing, the cost would be passed down to you no matter what registrar you go through, because all registrars have to deal with whomever has the contract to administer a particular TLD's registry.
Nope. $LOAD_PATH contains the directories Ruby searches for libraries (@INC in perl, I don't know the equivalent in Python).
sys.path in Python, which is initialized from the environment variable PYTHONPATH.
It's doubtful Rails would have a '../../etc/passwd' type bug since very few of the urls have any direct correspondence to the filesystem. (e.g. mail/send/1 executes the send method of an instance of the MailController class).
But... the default setup for Rails (or at least, last time I played with it) is to map/controller/action/-style URLs for you, so if you managed to upload a Ruby file which just happens to contain your malicious subclass of ActionController, well, you'd pretty much own the site.
This is why I don't like automatic URL mapping; only the URLs I've explicitly laid out should ever respond, and only the code I've explicitly pointed them to should ever be executed. I know Rails has other ways of mapping your URLs, but I don't know off the top of my head if you can disable the default controller-name/action-name mapping; even scarier is that a number of other frameworks have emulated that.
(Disclaimer: I work for the company which developed Django, and am an active user of and contributor to it)
I'm assuming a serious flaw means an explotable buffer overflow.
Ruby is an interpreted, memory-managed language. Any buffer overflow would have to be in the Ruby language interpreter, not in software that's written in Ruby.
That's a mathematical fact. It doesn't detract from the basic fairness that says "the guy with the most wins".
I once read a really great analogy for the Electoral College: think of it like the World Series. Imagine if the World Series always consisted of seven games, no matter what, and the rule was "whoever scores the most total runs over those seven games wins".
Now imagine a Series where one team wins the first game 10-0 and loses the other six, 1-0 each time. But they still scored the most runs, so it's "fair" that they win, right?
Of course not; the point of the World Series, and any other best-of-n sports playoff series, is not to ride one or two big blowouts, it's to prove that you're consistently the better team. And the point of the Electoral College is that it might just be better to have a President who performs consistently well in elections all over the country, not just a President who does well in a few population centers.
I believe there is a similar provision in US law these days. While you do not lose the patent, you can no longer claim damages that occurred between discovering the infringement and starting legal action.
It's called the "equitable doctrine of laches". If the defendant can show that the delay between the time the plaintiff became aware of the infringement and the time they filed suit to halt the infringement resulted in material harm to the defendant, then royalties/damages can only be assessed going forward, not going back through the time of the delay.
It's an example of how this could be approached, not a finalized complete product. It's meant more to make the point "usable and nice-looking aren't mutually exclusive". And it does. Could it use some changes to its CSS to accomodate text scaling more effectively? Sure, and that'd be fairly easy to do. Does that mean they should just forget about trying to make things usable and pretty? Heck no.
Also, criticizing the site it's hosted on instead of the actual design they put together is a bit of a cheap shot.
Shameless plug: the newspaper I work for offers something like this. For any terms and parameters you enter into our search system, you can set up a persistent alert for new items matching those terms and parameters; we'll notify you via your choice of email, RSS or text message when something new comes up. Want to hear about it every time we publish a story containing the word "alpaca"? Go for it. Want to be notified whenever somebody lists a Ford Mustang in our classifieds? You've got it.
It's a really handy feature, and I wonder sometimes why more places don't do that.
i'm not an expert on the matter, i could see how mass email can add up in cost. but i would also think that mass numbers of people refreshing an rss feed multiple times to check for updates would incur bandwidth costs. i don't know if there would be a big difference. maybe someone could enlighten me:)
Early feed readers had problems with this, but the state of the industry has improved significantly; popular feed readers are increasingly supporting "conditional GET", which is a feature of HTTP that lets you send nothing more than a "nope, hasn't changed since the last time" in response to a feed reader's query.
The purpose of this page is to direct you to information about web design...so it gives links to articles and conferences. What else could you want? A bunch of animated screenshots of web pages that dance in circles around the text? --In fact, that's what popped into my head when the original poster mentioned "garish"!
There's a common misconception that it's not possible to have good visual design and usability, or that "visual design" has to mean flashing dancing animations. It's a misconception that Jakob Nielson has been at least indirectly complicit in promulgating. And it's very definitely a misconception. A few well-known designers took a stab at making one of Nielsen's Alertbox columns more attractive, and I think they proved that it certainly can be done without compromising usability in the slightest.
The same guys have also done a couple other demonstrations of how high-profile sites could be redone a bit more attractively.
But of course, what we were all expecting from you was an explanation of how the Jews are keeping super-efficient cars off the general market.
(mods confused? Google either his nickname or real name in conjunction with the word "Nazi" and all will become clear; he's a living embodiment of Godwin's Law, which is kind of handy to have around sometimes...)
Slashdot Mirror
Yes, it is. One of the really, really important things about Debian is the DFSG; with them you get an absolute, unequivocal, no-exceptions guarantee that you're using Free software, and that you have the freedom to modify and distribute that software. And that's not just a philosophical argument; there are very real, very practical needs which are satisfied by using Free software (no vendor lock-in, you can still get maintenance and support if the company you get it from goes under, etc., etc.). There are plenty of annoying things about Debian, but the single-minded commitment to Free software isn't one of them.
That's not possible here, because there are conflicting policies:
The end result of this is that Debian can't hope to comply with Mozilla's patch-review requirement for the trademark use (or even to reliably "submit upstream"), because Mozilla won't be maintaining any given Firefox version for as long as Debian will be maintaining any given release of their distro.
Except for the fact that Google's deep pockets are full of fiber. Remember, they've been buying up dark fiber for years; all they have to do is light it up, and they could cut down a lot of their transit on other networks. The threat of that, and the resulting lost revenue, ought to be enough to keep ISPs in line.
Nope. The press release is really short on details, but the official developer docs spell things out more clearly: the initial authentication takes place on servers Yahoo controls, and the user has to explicitly consent to opening up any information the third-party site wants to access. If they do, Yahoo provides an authentication token that can be used to make calls to Yahoo's various web services on behalf of the user. The token expires after one hour, and must be used in combination with another token, unique to the application, to generate unique, non-replayable hashes on each request.
They've been using a similar system on Flickr for a while; you apply for an application token, and people who use your application have to give explicit permission before it can access any of their photos.
Receiving a degree in exchange for work does not constitute an employee/employer relationship under US law; employment contracts are a vast and well-defined body of law, and this is not a case where they apply.
When in doubt, look it up. The scope of "work for hire", on which your argument and similar arguments made by others seems to hinge, is extremely limited; work for hire only applies in two circumstances:
Absent one of these two conditions, a student retains exclusive right to any original creative work he or she produces, from the moment that work is set in a fixed, tangible form, regardless of whether the work is or is not eventually registered with the Copyright Office (registration is not required to enforce copyright, only to seek certain types of damages for infringement). Distribution of the work without the student's permission is a violation of that exclusive right and of federal law. This is why most universities which use these sorts of systems force students to sign an agreement stating that they grant permission for their work to be submitted.
Wow. And here I thought all the old Adequacy people had just faded away with time.
If I moderated, I'd mod this up :)
Seriously, the idioms and conventions of programming in Python and Ruby are the largest differences, not the actual languages themselves:
Et cetera, et cetera. Ruby folks are also big on the arbitrary anonymous blocks, which Python doesn't have, but I've yet to run into a problem I can't solve with a named function, and a lot of the time I end up with cleaner and more understandable code because of it. Which, really, I think is the biggest cultural difference: given a situation where all other things are equal, Ruby focuses on expressiveness (an inherited "there's more than one way to do it" from the Perl in its genes), and Python focuses on clarity and readability.
Nope. It's a module. The entire module is right there for you to use. Not some headers, not a few functions, the whole thing.
Except it doesn't. Python the language has not gained native support for SQLite. Nothing having anything to do with SQLite has been "compiled in" to the core language. A module which provides a Python wrapper around the SQLite API is now included among the libraries in the standard Python distribution. If you don't need it, don't ever import it in a program. Simple as that. If you do need it, importing from the pysqlite2 module is always guaranteed to work on Python 2.5, because you no longer have to go download that module from somewhere.
No, cyclists and drivers carry exactly the same set of responsibilities:
Getting everyone to realize that these rules apply to them, regardless of what sort of vehicle they're operating, would drastically improve safety.
It goes both ways; I've seen plenty of asshole drivers, but I've also seen lots of cyclists who insist on ignoring traffic laws. Just yesterday as I was driving home from work, sitting at a stop sign, a cyclist came up behind me and went through the intersection without stopping -- quick reflexes on the part of the driver who had right-of-way were the only thing that stopped the cyclist becoming a stain on the pavement. Moral of the story: no matter what sort of vehicle you're operating, when you're on the road the laws of the road apply to you, and you need to be cautious and observant.
It's originally from an episode of the Simpsons. Wikipedia to the rescue!
Being placed on the Ohio registry, according to the article, includes restrictions on where you can live. So this would seem to be a denial of liberty without the due process (conviction in a criminal trial for a sex offense) required for such.
That'd be nice if not for the fact that isn't true, and very very obviously isn't true on OS X. Run through this checklist:
I could go on for quite a while here, but by now the point should be pretty clear.
No, there's a key distinction here between a registry and a registrar. The registry is a master list of an entire top-level domain, and is administered by one and only one organization; in the case of .com, .net, .org, etc. the authority to do so comes via exclusive contract with ICANN. A registrar is basically a service provider; in return for the price of the domain plus a little fee on top, the registrar goes through the process of getting you into the registry as the current owner of your domain name. So, for example, VeriSign has the contract to administer the .com registry; that means that no matter what registrar you use to register a .com domain, you're just paying someone to deal with VeriSign on your behalf.
And this article is talking about the contracts to maintain the TLD registries -- if they decided to implement this sort of per-domain pricing, the cost would be passed down to you no matter what registrar you go through, because all registrars have to deal with whomever has the contract to administer a particular TLD's registry.
sys.path in Python, which is initialized from the environment variable PYTHONPATH.
But... the default setup for Rails (or at least, last time I played with it) is to map /controller/action/-style URLs for you, so if you managed to upload a Ruby file which just happens to contain your malicious subclass of ActionController, well, you'd pretty much own the site.
This is why I don't like automatic URL mapping; only the URLs I've explicitly laid out should ever respond, and only the code I've explicitly pointed them to should ever be executed. I know Rails has other ways of mapping your URLs, but I don't know off the top of my head if you can disable the default controller-name/action-name mapping; even scarier is that a number of other frameworks have emulated that.
(Disclaimer: I work for the company which developed Django, and am an active user of and contributor to it)
Ruby is an interpreted, memory-managed language. Any buffer overflow would have to be in the Ruby language interpreter, not in software that's written in Ruby.
I once read a really great analogy for the Electoral College: think of it like the World Series. Imagine if the World Series always consisted of seven games, no matter what, and the rule was "whoever scores the most total runs over those seven games wins".
Now imagine a Series where one team wins the first game 10-0 and loses the other six, 1-0 each time. But they still scored the most runs, so it's "fair" that they win, right?
Of course not; the point of the World Series, and any other best-of-n sports playoff series, is not to ride one or two big blowouts, it's to prove that you're consistently the better team. And the point of the Electoral College is that it might just be better to have a President who performs consistently well in elections all over the country, not just a President who does well in a few population centers.
It's called the "equitable doctrine of laches". If the defendant can show that the delay between the time the plaintiff became aware of the infringement and the time they filed suit to halt the infringement resulted in material harm to the defendant, then royalties/damages can only be assessed going forward, not going back through the time of the delay.
It's an example of how this could be approached, not a finalized complete product. It's meant more to make the point "usable and nice-looking aren't mutually exclusive". And it does. Could it use some changes to its CSS to accomodate text scaling more effectively? Sure, and that'd be fairly easy to do. Does that mean they should just forget about trying to make things usable and pretty? Heck no.
Also, criticizing the site it's hosted on instead of the actual design they put together is a bit of a cheap shot.
Shameless plug: the newspaper I work for offers something like this. For any terms and parameters you enter into our search system, you can set up a persistent alert for new items matching those terms and parameters; we'll notify you via your choice of email, RSS or text message when something new comes up. Want to hear about it every time we publish a story containing the word "alpaca"? Go for it. Want to be notified whenever somebody lists a Ford Mustang in our classifieds? You've got it.
It's a really handy feature, and I wonder sometimes why more places don't do that.
The solution to this is the same as the solution to browsing from a text-only user agent like Lynx: make sure the HTML you supply degrades gracefully.
Early feed readers had problems with this, but the state of the industry has improved significantly; popular feed readers are increasingly supporting "conditional GET", which is a feature of HTTP that lets you send nothing more than a "nope, hasn't changed since the last time" in response to a feed reader's query.
There's a common misconception that it's not possible to have good visual design and usability, or that "visual design" has to mean flashing dancing animations. It's a misconception that Jakob Nielson has been at least indirectly complicit in promulgating. And it's very definitely a misconception. A few well-known designers took a stab at making one of Nielsen's Alertbox columns more attractive, and I think they proved that it certainly can be done without compromising usability in the slightest.
The same guys have also done a couple other demonstrations of how high-profile sites could be redone a bit more attractively.
But of course, what we were all expecting from you was an explanation of how the Jews are keeping super-efficient cars off the general market.
(mods confused? Google either his nickname or real name in conjunction with the word "Nazi" and all will become clear; he's a living embodiment of Godwin's Law, which is kind of handy to have around sometimes...)