...myspace video requires Internet Explorer to even work.
I use FireFox exclusively, and have for a few years now... and I've never had a problem with MySpace videos. I've been using FireFox long before I even heard of MySpace.
Their videos are Flash (whatever format you upload is converted to a Flash video, same as YouTube), so if you have a relatively recent version of the Flash Player installed, the vids work fine in Firefox. Also, though their pages are generally far from standards-compliant, they show just fine in FireFox/Mozilla/Opera... at least in my experience. And even most of my (non-computer-literate) family uses firefox, mostly for tabbed browsing and popup control...
I upload to both myspace and you tube. myspoace has better compression and audio video sync. This probably is partially the reason
I was waiting for someone to mention this. The major complaint I have about YouTube is that my videos are converted to mono sound, where MySpace retains the stereo sound. I also upload all of my videos to both sites, for maximum exposure, but the MySpace versions always seem to look/sound better (source video is WMV 9 at 512kbps).
Personally I hate the interface/user experience of both sites; youtube is simple, but sorta primitive. Myspace is just too cluttered and riddled with ads, not to mention inconsistant and buggy (error messages are quite frequent during "after school" hours)...
Both use some form of Flash, and I do appreciate the file size/quality ratio of both sites (on my DSL, playback usually starts immediately without a lengthy buffering period). But given a choice, I prefer MySpace, if only because I like to preserve the stereo audio I so carefully produced...
If that's any indication of the design of the rest of the system, it sounds awfully braindead to me. Computers are supposed to work *for* you, not against you.
I see you are new to Microsoft products. Your sig seems to state otherwise, but since you still seem to believe that your computer should work for you, rather than for Microsoft, you obviously have yet to experience any Microsoft product in action.
I genuinely feel sorry for anyone who has to experience Windows for the first time, especially if they are used to any other OS...
But things like SQL Injection is one of many reasons I just love ASP.NET.
I noticed that the server in question is actually a Windows box running MS SQL. Not that this means anything by itself, but personally I consider Windows to be a desktop OS, and personally I would never rely on Windows in a server environment. But opinions aside...
I admit, the code you exploited could have just as easily been PHP on a *nix platform, so I cannot blame the operating system. I can only blame the programmer that left this gaping hole open for anyone to exploit. I am assuming here that your test scenerio was in fact something you actually found on a real-world server, otherwise the entire point would be invalid. I will, for the purpose of my response, assume your scenerio actually happened, and you actually exploited the unchecked SQL vulnerability, using the method you describe.
So, assuming the above, I have to say, whoever wrote the code behind the application in question needs to learn a thing or two about input validation. It doesn't matter what scripting language is being used, or even what OS it is run under. The same rules apply: don't trust ANY data sent by the user, or data from any external source for that matter. Everything should be validated, or compared against a set of rules (for example, an email address should always follow specific conventions; a filename should not reference a directory you haven't specifically allowed for; and so on).
Personally I would never have a Windows environment on a server machine, but that is only my personal preference. The fact that this particular script was easily exploitable had nothing to do with Windows, or ASP for that matter. So those who like to put down PHP because a poorly written PHP script could be exploited, need to realize that the same errors can be made regardless of the language (or platform). Sure, PHP's ease of use makes it particularly easy to make such a mistake, but I don't feel that this is a fault of the language itself. Just because one makes it easy to make a mistake, doesn't necessarily put one at fault when such a mistake is made. Some level of responsibility lies on the person who wrote the script. Regardless of how easy the language is to use, the programmer should have some knowledge of how things work on the Internet, before exposing their first bit of code to the world...
In short, no matter what platform you use, or what scripting language you code with, the responsibility still lies on you (the programmer/coder) to make sure the code is not exploitable. In some cases, this simply requires experience, but in most cases it simply means not trusting any user input sent by a browser (or other source). Validate everything, and trust noone. This sounds cynical, but unfortunately when your script is accessible to *anyone in the world*, you have to take such precautions...
That's taint mode you're thinking of, rather than the 'strict' pragma.
You're absolutely right -- I confused the two because I used to use both, and it's been about three years since I've done any serious Perl coding. Taint mode (all external data is considered "tainted") helped to ensure that you at least looked at/modified outside data, before you used it. Otherwise, an error was raised.
Strict would have been (if I remember) the module that required you to declare all variables/functions/references. Again, I think...
Either way, my point still stands: I love PHP, but PHP doesn't offer anything equal to that for security... PHP offers "safe mode", but that simply restricts which directories a script can access. There is nothing to ensure outside data is validated before it is used or passed on to the system, etc... and of course nothing exists to force variable declaration, which can help prevent typos in variable names from causing major problems.
I still love PHP for both its simplicity, and its built-in functions that make many tasks much easier. However, I do admit that if one doesn't know what he's doing, PHP can make it easier to make mistakes that a beginner may not know to look for. For an experienced programmer, though, PHP can be a god-send for creating simple but powerful web scripts...
Your example is slightly flawed as mysql_query doesn't allow the execution of multiple sql queries by default.
Okay, try this:
$result = mysql_query("select password from users where UID = '$uid'");
Assume $uid was passed from a web form. And suppose you passed this to the script:
&uid=0'%20or%20'uid!=0
So, once parsed by PHP, you have:...where UID = '$uid' or 'uid!=0'...
Just a simple example, but I have seen more complex queries manipulated in a similar manner if the user input isn't properly escaped/validated. In short, never pass user input to an outside program, database, or (especially) filesystem without validating the data first...
This is not to say I don't love PHP -- which I do -- it is just that in ANY language, it is easy to overlook some detail that some hacker/cracker may exploit. Especially if that person has access to the underlying code (though sometimes looking at the HTML form is enough information to exploit the underlying script...) so be careful with user input no matter what language you use for the back-end code.
For those who may be curious, the proper way to actually prevent SQL injections...
I'm not negating your point, as I do agree with it. But it can be put much more simply: a script should NEVER trust ANY user input, period. Anything passed to the script should be validated; make sure a value is within range, or otherwise is an expected input. If the input doesn't match some predefined pattern, it should be rejected.
I do love PHP, and I use it quite frequently, but Perl has the "scrict" module that I personally love. Any variable modified by anything outside the script itself is marked as "tainted", and you have to do some kind of validation before Perl will even let you use it. It is a great fail-safe IMO, so even if you happen to overlook or forget a particular variable, Perl simply won't let you use it until Perl is satisfied that you've checked it...
Other than that, it's not that difficult to write safe PHP code. Just check any variables with user input, and any variables a user might attempt to set (even if you aren't expecting them to). Also, globals are not valid within a function, so be more careful within the top-level of a script; as long as you validate any data passed to a function, a user can't override variables within that function.
If people can't read your source code, it doesn't matter that the langauge itself sucks. Of course, it's easy for a lazy programmer to blame the language instead of cleaning up the source code to make it readable.
I couldn't have said it better myself. I personally use PHP for many small applications. I also make sure to heavily comment my code, and I try not to obfuscate my code (it kills me that some people compete to see who can write the most obfuscated Perl, for example. Try interpreting or revising that code a year from now).
Many times I've had to revisit code years after having written it, and when there are no comments, it is difficult to see what exactly I was thinking at the time -- in *any* language. Non-descriptive variable names, or attempting to put as much code in as few lines possible, are, IMHO, bad practices.
Personally I see nothing inherently wrong with PHP. If I'm working with a web-based application, under Apache, using a MySQL database, PHP is the first thing that comes to mind. Image manipulation (now integrated) and HTTP features (headers, cookies, form data, file uploads, etc) make PHP an easy choice for many web applications. I've done all of this in Perl, and some in plain-old-C, but PHP makes these things so easy...
Of course it's not for everything. I try to use whatever platform/language is most appropriate for the application at hand. Sometimes it's C or C++, perhaps it's Perl, whatever - I use whatever makes the most sense for what I'm hoping to accomplish. It just happens that, on my Linux server, PHP often stands out as the best choice. When writing Windows applications, I use a hybrid of VB6 and (in the form of a back-end DLL library) C/C++. On the server, PHP most often comes out as the clear choice. Ease of use, abundance of built-in functions/features, ease of database-to-web integration, and relative security all make PHP a good choice for many of my projects and ideas.
Some have referred to PHP as "loose", and I admit sometimes it can be. There is no equivalent to Perl's "use strict", and it's easy to unintentionally leave an opportunity for a user to pass unexpected variables -- but as long as you are able to keep this in mind, it's not difficult to make a relatively secure PHP script. Just make sure any important variables are declared/set/validated at the start of the script. I admit, I do love Perl's "strict" module, since it leaves no question as to whether a variable's data is trustworthy... but PHP is a different language, with different features. You can't discount it as a viable language because of a single missing feature...
Most of the time, autocorrect helps me with my lack of typing ability rather than actually correcting a word that I did not know how to spell. But I still prefer the red underline, so you have to fix it yourself.
I agree 100%. As long as the software points out the problem, so that you conciously have to tell it to correct it, you have learned something. It's the auto-correct (eg, when Word changes "teh" to "the" with no indication) that I have a problem with.
I thought it was an AIM-borne disease where one by one my friends all started to use 'your' in place of "you're."
Do you read Slashdot much? That is one of the most common issues around here; between "your" and "you're", and "there", "their", and "they're"... sure, in context one can easily see which variation was intended, but it bugs me that the writer didn't understand the difference... and for me, unintentionally and subconciously, such a mistake immediately kills the credibility of the comment...
I admit also that, given the subject matter, I had to look up "credibility" at Dictionary.com:)
While I don't dispute your experience, I have to say that word processors (or IM clients) that flag suspect words has actually improved my spelling. I see the mispelled words so often that I start making a mental note of the ones I screw up the most, one at a time.
I agree with you on this. I also replied to the parent post, but there is a huge difference between when the software shows you the mistake, perhaps suggesting an alternative, and when it simply "fixes" it. For example, open Microsoft Word and type "teh". The word will magically become "the", with no feedback or warning.
When a word or phrase is underlined, flagging that you did something wrong, then you have to actually look at it, right-click it, and let the software correct it. This can, in fact, improve your spelling and/or grammar, because you have to acknowledge that you did something wrong. On that I fully agree with you.
It's the fully automatic corrections that bother me. If you get used to typing "teh" for "the", and "cna" for "can", etc, you might find yourself in a situation (say, at a job using different software) where these auto-corrections aren't available, and you might simply overlook the mistake.
Hell, for the longest time, when I was doing tech-support for a web hosting company, I frequently found myself typing the following phrase:
We appologize for the inconvenience
I focused so much on making sure to spell inconvenience correctly (I before E and so on) that I didn't realize I was misspelling appologize... lol:)
Word Processor Autocorrect...Is much worse for spelling than instant messaging ever was.
I hadn't thought of this, but I agree fully. My sister always forgets to turn on the headlights when she drives my car, because her car has automatic lights. She's so used to this, that it never occurs to her that some vehicles require her to actually pull a switch...
Auto-correct has plagued me for a long time. In an older version of Microsoft Works, which I used at a job I once had, I couldn't type CNA (Certified Nurse's Assistant) without it changing it to CAN. I finally upgraded to Office 2000, since Word now has the ability to remove specific corrections from it's automatic thing...
But back on point, I agree - some people are simply lost without auto-correct. It's one thing when the software suggests a better spelling or phrasing, where the user has to actually see and acknowledge the problem; but when it happens automatically, the user often never even realizes a problem existed.
I doubt there are many people out there who think they are typing correcting when really they are using net speak.
Another good point. My younger sister knows that when shey types "lol, omfg thats funny:)", it does not represent proper english. She simply knows that the recipient understands her meaning. This is fine, as long as she also has the ability to, when necessary, use proper English, grammar, and punctuation. Unfortunately in many cases this tends to require much more effort, to break away from the 'Net speak they are more comfortable with. It becomes a chore to type properly, for example when creating a resume or cover letter, because (to these people) daily typing doesn't require following such rules...
Which probably explains your grasp of grammar. In my experience, foreign language grammar is much better taught than native language grammar.
Something I have noticed is that English is one of the most sloppy languages around -- at least our American variation. Most languages follow very strict rules. English has so many exceptions that you simply have to know about. "I" before "E", except after "C", or where an "A" sound is desired, such as Neighbor or Weigh... ugh!
So, someone who grew up with a strict language with simple, specific rules, might be more able to critique someone's English, simply because they see the fine points we may not.
Another reason might be that in the US, slang, or "creative" uses of our language, are tolerated in so many situations. Our own president uses the word "ain't" during formal public addresses. We adopted "google" officially as a verb (Webster's New Millennium Dictionary 2003). In other words, American English changes more frequently than most languages, often to accomodate common uses of a word or phrase. Which of course adds to the miriad of rules with exceptions that apply unless...
In other words, English requires knowing the rules, the exceptions, and the specific exclusions to the rules and exceptions. As a programmer, English is the hardest language I've had to learn (and note, I don't know any spoken language other than English, so I don't exactly have the best frame of reference... corrections welcome!)
I've never taken a formal keyboarding class, yet through the use of chat on the Internet, I've developed nearly 50WPM typing ability.
This may be true, but if you had to type a document with proper grammar and punctuation, would you be able to maintain that typing speed? I have friends who can type very fast when grammar, punctuation, and abbreviations are not a factor; but ask them to type a formal document, and their typing speed suffers dramatically. This is because more effort is required, as this form of writing is somewhat foreign compared to their everyday typing.
If you stay in the practice of using proper grammar and punctuation, it will simply come naturally. Then, your 50 WPM (or whatever) will apply in any situation, and won't suffer when more strict rules happen to be in place (for example, creating a resume or cover letter, or taking a formal typing test for a job interview).
Personally (and this is not typical, I am a computer programmer and I handle tech support emails, etc) I can type 90+ words per minute. Even faster if I already know what I'm going to type (eg, thoughts from my head, rather than retyping something I am reading).
On the other hand, I do agree with your point to an extent. I know many people who would never have learned to type if it weren't for IM or chat. In fact, many of my younger friends can text-message much faster than I can... This type of communication (IM/chat) does encourage one to learn to type without having to look, etc. As long as you don't become dependant on using Internet short-hand and foregoing grammar and punctuation.
On another note, I type fast, but I know I don't type "correctly". Most notably, I hit the 'B' key with my right hand. For that reason I can't use a "split" keyboard such as Microsoft's "natural" keyboard. There are other keys I hit with the "wrong" hand (or, with either hand depending on the situation), but that's the one specific key I remember being the biggest problem... I also have never taken a "formal" typing class, but I've had a computer since I was 6 (Commodore VIC-20 in 1981)...
From my experience, if you don't type in shorthand, it's possible that you will start typing faster. I found it funny how I could type and send my message faster in correct English than someone who was typing in shorthand.
I agree with this. I admit that I tend to fall back to "IM Shorthand" when I'm chatting with someone who does the same... but I also handle tech-support emails for my software products, and in those cases I try to maintain some level of professionalism. For that reason, I generally tend to capitalize, punctuate, and form complete sentances. Many times I find myself responding to a support or sales question written in all CAPS, using extremely poor grammar/spelling, but for professionalism I make sure not to fall into that myself.
I even get made fun of by my not-so-literate friends when communicating via IM or chat... for being too "proper". I also get flak for my excessive use of the ellipsis... but when I do it, it's usually because I have more in my head but choose to leave out the rest...
Anyway, I only use IM-style abbreviations when chatting with someone who does the same, mostly to try to relate at their level (only with friends, in a non-professional setting). I do the same thing with spoken word; in a professional conversation I would never use the word "ain't", but when talking with my friends or family, I often find myself using the word. It usually happens without thought. I guess I tailor my language (or use of it) to the people I'm communicating with. I think it's mostly because I don't want to sound like I'm trying to sound superior or more proper. Or maybe I'm just trying to fit in with present company. Whatever it is, it's done subconciously, though I do notice myself doing it after a few minutes. My sister has even pointed this out to me, having witnessed the changes in my language usage with different company present...
Back to the point of the parent and my agreement, I do type pretty fast. I write a lot of code, and I answer a lot of emails, but because I usually try to use proper punctuation and grammar, it comes naturally (no extra effort required). I find myself holding the shift key down (like I just now did for "I") while thinking about the next sentance I plan to type.
On a rather humorous note, I just now triggered the Windows accessibility dialog to come up by pressing Shift five times while thinking about the next sentance to type. Apparently I have not yet disabled this shortcut on this particular Windows install...
I can suggest several branches of computer literacy:
1): the ability to interact with common GUIs. Know what a mouse is, be able to click it and make things happen. As a bonus, add right-click (or whatever the hell you Mac people do). Learn to read dialog boxes and respond to them.
On this one, I agree. Regardless of the system in use, basic I/O (keyboard, mouse, screen) knowledge should be required.
3): Absolute basic hardware! Be able to take your computer apart, move it to a different room, stick all the things in the back in, and have it work as it did before. Knowing the various jacks by sight might get bonus points, but isn't strictly necessary.
I agree on this point to an extent. Moving the machine to another room should be considered basic knowledge. Changing hardware internally should not. A few years ago I might have thought so, but these days, the tower is (considered by most) a device you don't open, like your VCR, DVD etc... hell, these days I hesitate to advise people to keep their PC plugged in (for grounding purposes) since many systems no longer have a hard-wired "off" switch...
4): Regular maintenance. Know what a virus is, and why you have to keep your virus definitions up to date. Know what a patch is, and why you're supposed to install one.
Unfortunately this is the case these days. Viruses used to be somehthing you got when you did something stupid (say, loading a program from a friend's diskette, or downloading a program from an unknown source). Now days, they are almost an inevitability...
5): More theory. Learn basic technical concepts, like what an operating system is, what an application is, the difference between memory, hard drive, processor, networking.
I want to agree with this point. But it's difficult when I go to my aunt's house, and she refers to the tower as the "modem" or the "hard drive". She has no understanding of what makes up the computer at all...
I've tried to explain my Linux box to people I would even consider "computer literate", only to be met with blank stares... to many, a computer runs Windows, period. The idea that there might be something else just confuses them...
6): Internet basics...
This proves to be very difficult in some cases. I've tried to turn friends/family on to Firefox, without success. Most users don't understand that the Browser is no more than an application (Microsoft made sure of this). They usually see the "blue 'E'" as "The Internet".
7): Security. Know what a firewall is and what it does. Understand why you don't run attachments sent by random people. Have some idea of what constitutes a good password.
Most of my friends/family use a hardware firewall (eg, a Linksys router or similar). In a way it's a good thing, in that they don't have to know/care what it is, what it does, why it's necessary...
But trying to explain it's purpose is usually futile. Attachments? My Dad doesn't understand when I explain why an.EXE is bad, but a.JPG is ok, and so on. Luckily he uses (ugh!) Outlook, which (newer versions) by default block dangerous extensions... and he doesn't have to care why.
Bottom line: The term Computer Literate depends on context. If you're hiring someome to write C++ code using.Net and the Win32 API, your definition will be different from someone looking for one to write press releases in MS Word, with the occasional quarterly profit forecast chart in Excel... or if you're looking for someone to answer sales emails using a web-based system...
In other words, there is no single definitive definition of computer literate that I am aware of.
I think I'm on the same page as the parent here, but in a shorter form...
You can be a good driver without knowing how the car works. Likewise one can be "computer literate" without knowing how the computer works internally.
If you know how cars work, and how to work on them, you might be more proficient in their operation. Likewise with computers. Sometimes knowing the internals (and having an understanding) helps to use a device/product on a day-to-day basis. But it isn't required, nor should it be.
To me, "literacy" of anything (computers, cars, language) simply means the ability to utilize the item to get things done. I'm literate in English, eg I can easily communicate using the language. However, I know very little about the origins of the language. Or where it originated. Or why. Nor do I care.
With cars and computers, I do know these things. But unless you're looking for a low-level programmer, or an auto-repair mechanic, literacy usually means the ability to use the technology for a specific person.
In an office environment, computer literacy may mean knowledge of MS Office. In a development environment it usually means more than that.
There is a huge difference here. A delivery driver is responsible for a several-ton machine, which in a bad situation could cost lives. Mom & Dad behind a PC keyboard, on the other hand, risk nothing more than the contents of their hard drive. This is why a state-issued license (and tests, etc) is required to operate a vehicle, while anyone can operate a PC.
Also note that there are very different requirements (in most states) for operating a standard vehicle, and operating a commercial vehicle. In Indiana, anyway, a commercial license requires some knowledge of the vehicle (inspecting each axle, knowing the allowed per-axel weight, etc). So a commercial vehicle (such as the delivery truck referenced in the grand-parent) has a higher potential risk, it also carries a heavier responsibility with the government than a passenger vehicle does.
In all I agree with the parent. A computer requires some knowledge, but this isn't enforced because the user only endangers themselves. A driver holds some responsibility, and is required a basic level of knowledge. A commercial driver holds more responsibility, and therefore is required to have a higher level of knowledge.
That's like saying you should be able to assemble a car before you can drive...
There is a big difference here. The average motorist can get by without ever having to know the internal workings of the car. Cars come with warranties -- if anything goes wrong internally, someone comes out and tows the car, and fixes the problem while you drive a loaner if the problem was not your fault.
If you (for example) put Diesel fuel in a gasoline car, I doubt your warranty would cover it. If you failed to shift properly (redlined the engine RPMs), the warranty would also not likely cover the repairs. Some level of knowledge is required to operate and maintain an automobile.
Computers aren't much different. There is an expected level of knowledge required to operate a machine this complex. If you fail to meet this requirement, and therefore harm the machine, no warranty covers this.
Granted, most problems (viruses, malware, etc) don't physically harm the machine; however the repairs involved do cost the user real money. The only difference is this: the State requires that you learn certain rules before you can drive a car, where anyone can operate a computer regardless of their ability to do so. Cars can easily cause harm if operated improperly, where computers cannot. This is why there are government requirements to operate a motor vehicle, and not to operate a computer.
In other words, one should learn to operate a computer in the environment they intend to use it. If one chooses not to do so, they only hurt themselves and their own investment. Buying a computer is no guarantee that it will be usefull to you without some effort. The car analogy simply doesn't work, because when you are in control of a 2,000 pound machine, you are putting lives at risk; thus, governments usually restrict operation of such vehicles to those who can prove their ability to do so (eg, driver's tests, etc).
Failure to learn to properly operate a computer only hurts yourself, thus no such rules are required. For the same reasons, there shouldn't be any such rules in place to operate a computer. A teenager operating a computer isn't going to cost me my life if things get out of control as could be the case with a car.
It ended decades of American invulnerability in space.
I agree with this point. America did have a feeling of invulnerability (or at least, a feeling of superiority) with regard to space travel. Russia beat us to it, but dammit we were gonna beat the rest of the world.
Then Challenger happened.
However, I still don't consider it a tragedy. It was a bad occurance, yes -- but it was NOT a tragedy. Every person on that ship knew the risks, and went on board despite those risks to further our scientific knowledge. Of course they didn't deserve to lose their lives, but they knew that such a risk was there, and was very real, before they signed on.
7 deaths is disastrous when they are important to the people of the world. If you play the numbers game here, I'm sure that you'll find it difficult to justify your line between disaster and tragedy.
Yes, but to me, if those seven people chose a career that was experimental and extremely risky, then death is simply a potential factor. Don't think that I don't feel for the astronaughts or their families, but they knew the risks...
Do millions of Native Americans slain in Canada, the United States and the rest of the Americas count? Does John F. Kenney's assassination count?
I admit, often the importance of the individual makes a huge difference. But I see this case (the Challenger, and later Discovery) in a different light. Yes, those people were important, but they chose a career which contained certain risks, including the risk of loss of life. Many others chose the same path and did not lose their life, but they all took the same risk. Those who did lose their lives did so in an effort to further our scientific knowledge.
Yes, it's sad that we lost some great people. But those people knew what they were risking (I'm sure forms were signed long before anyone ever entered any shuttle)...
How is this self awareness, rather than awareness of infinite loops?
That about sums up all of the definitions of self-awareness I've seen in this thread thus far. First, there is no one definition of self awareness that I'm aware of. I like to think that I, personally, am self aware. I act selfishly sometimes, and I know which actions will benefit myself and which ones will not. But that alone could *still* be a programmed reaction...
The point is, as long as a computer (or robot, whatever) is doing what it was programmed to do, I won't accept that it's self-aware. All attempts that I know of are programmed responses; detect visual input, determine whether it's a reflection or imitation; provide conclusion based on analysis (as in the article). This isn't self awareness, just programmed response (perhaps with some seriously advanced input sensors, no less). Give a robot the ability to tell itself apart from another, similar robot -- and you've accomplished something really neat. But that is STILL not self awareness, rather really nice sensory input and discrimination...
I'm honestly curious as to how this research leads to such a profound statement re: expressing emotions.
I agree. So a robot can tell the difference between a mirror reflection, and a clone attempting to immitate it. Tell me this: is there some code behind this, designed for this purpose? Or did this robot simply demonstrate this ability unprovoked?
I'm guessing someone at some point wrote code to dictate this robots behavior in such a situation. So in my opinion this robot is simply a program, doing what it was designed to do. If you can show me that this robot demonstrated this behavior unprovoked, and with no programming to dictate such behavior, I'd be a lot more interested.
Hollywood may like the idea of making their movies so secure that most people can't even play them, but device makers won't appreciate having to redesign their entire product line.
I wish I could believe this, but consider how any commercially produced DVD player obeys the current wishes of the content industry. Region coding, non-skippable portions, etc. There's no technical reason a particular player couldn't play any "region" disc, and there's no technical reason a player can't skip a particular chapter (be it the so-called FBI warning or a preview they feel you just have to see).
Hardware manufacturers will continue to do whatever the content industry wishes if they want to compete. Hell, if they don't agree, the content producers simply won't license the rights to decode the CSS encryption found on DVD discs. If the RIAA/MPAA makes more demands, I'm sure the hardware makers will gladly comply; if not, a hundred others in China or Korea will gladly take their place. If DVD playback hardware was your business, wouldn't compliance be in your best interests business-wise?
Sadly, a trend I have noticed recently is adverts at the start of DVDs that can't be skipped.
It's a "feature" that is part of the DVD spec to force you to view the "FBI Warning". You know, that screen that informs you that it would be a federal offence to copy the movie (however untrue it may be, since such a violation would be handled by a civil court).
So, DVD makers have started using this flag for their ads and/or movie trailers, so most DVD players or drives won't allow you to skip whatever content they decide to put there. I've seen many newer discs with 5 to 20 minutes of previews and/or ads that use this flag.
So basically, they've taken a "feature" intended to discourage copying, and used it to require viewing of ads. Your DVD player is perfectlly capable (on a technical level) of skipping such ads, but by contract it simply won't let you do so until the DVD disc says it's okay to view the menu. This flag was created to force you to view the copyright information, and is instead abused to require you to watch previews or ads before you're allowed to watch the movie -- be it a rental or a movie you purchased for your own viewing pleasure.
Not all DVDs abuse this flag, of course. Many DVDs let you hit the "Play" button right away to start the feature. But some, notably those released by one of the big studios, abuse the feature and make you watch not only the "copyright notice" but also several previews/ads before you can access the DVD menu...
Note that a DVD player *could* technically skip this if it was made to do so, but out of fear and/or contractual obligations, all consumer players seem to obey this flag. So your DVD player isn't really working for you, rather it's working for the MPAA. As though the MPAA purchased the player for you at no cost to yourself...
For those of us familiar with Unix and other OSes with a reasonable degree of modularity, the distinction is obvious, but if all you know is MS Windows, even if you know a fair amount about it, the idea of separating OS and UI may never have arisen.
In reality it's all arbitrary anyway. Who's to say that modularity is the correct implementation? Or that integration is the way to go? MS isn't wrong, nor is the Unix community.
The point is, to a disabled person, all that matters is this: does the system as a whole work for me? Can I accomplish what I need to with it? I don't care where you place the arbitrary line between OS/GUI/App... all I care about is whether the system, as a whole, works for me.
Realistically this could be applied to anyone, disabled or otherwise...
On the other hand, both your response and the one it responds to are crass and ignorant.
I somewhat agree with you. The bottom line is, IMO, this:
It doesn't matter where the line is drawn between OS and GUI. What mattters is the product as a whole. If a blind person can utilize the system, then something was done right. The blind man does not care whether his special features are part of the OS, or the UI, or some application... he only cares that it works.
Slashdot Mirror
...myspace video requires Internet Explorer to even work.
I use FireFox exclusively, and have for a few years now... and I've never had a problem with MySpace videos. I've been using FireFox long before I even heard of MySpace.
Their videos are Flash (whatever format you upload is converted to a Flash video, same as YouTube), so if you have a relatively recent version of the Flash Player installed, the vids work fine in Firefox. Also, though their pages are generally far from standards-compliant, they show just fine in FireFox/Mozilla/Opera... at least in my experience. And even most of my (non-computer-literate) family uses firefox, mostly for tabbed browsing and popup control...
I upload to both myspace and you tube. myspoace has better compression and audio video sync.
This probably is partially the reason
I was waiting for someone to mention this. The major complaint I have about YouTube is that my videos are converted to mono sound, where MySpace retains the stereo sound. I also upload all of my videos to both sites, for maximum exposure, but the MySpace versions always seem to look/sound better (source video is WMV 9 at 512kbps).
Personally I hate the interface/user experience of both sites; youtube is simple, but sorta primitive. Myspace is just too cluttered and riddled with ads, not to mention inconsistant and buggy (error messages are quite frequent during "after school" hours)...
Both use some form of Flash, and I do appreciate the file size/quality ratio of both sites (on my DSL, playback usually starts immediately without a lengthy buffering period). But given a choice, I prefer MySpace, if only because I like to preserve the stereo audio I so carefully produced...
If that's any indication of the design of the rest of the system, it sounds awfully braindead to me. Computers are supposed to work *for* you, not against you.
I see you are new to Microsoft products. Your sig seems to state otherwise, but since you still seem to believe that your computer should work for you, rather than for Microsoft, you obviously have yet to experience any Microsoft product in action.
I genuinely feel sorry for anyone who has to experience Windows for the first time, especially if they are used to any other OS...
But things like SQL Injection is one of many reasons I just love ASP.NET.
I noticed that the server in question is actually a Windows box running MS SQL. Not that this means anything by itself, but personally I consider Windows to be a desktop OS, and personally I would never rely on Windows in a server environment. But opinions aside...
I admit, the code you exploited could have just as easily been PHP on a *nix platform, so I cannot blame the operating system. I can only blame the programmer that left this gaping hole open for anyone to exploit. I am assuming here that your test scenerio was in fact something you actually found on a real-world server, otherwise the entire point would be invalid. I will, for the purpose of my response, assume your scenerio actually happened, and you actually exploited the unchecked SQL vulnerability, using the method you describe.
So, assuming the above, I have to say, whoever wrote the code behind the application in question needs to learn a thing or two about input validation. It doesn't matter what scripting language is being used, or even what OS it is run under. The same rules apply: don't trust ANY data sent by the user, or data from any external source for that matter. Everything should be validated, or compared against a set of rules (for example, an email address should always follow specific conventions; a filename should not reference a directory you haven't specifically allowed for; and so on).
Personally I would never have a Windows environment on a server machine, but that is only my personal preference. The fact that this particular script was easily exploitable had nothing to do with Windows, or ASP for that matter. So those who like to put down PHP because a poorly written PHP script could be exploited, need to realize that the same errors can be made regardless of the language (or platform). Sure, PHP's ease of use makes it particularly easy to make such a mistake, but I don't feel that this is a fault of the language itself. Just because one makes it easy to make a mistake, doesn't necessarily put one at fault when such a mistake is made. Some level of responsibility lies on the person who wrote the script. Regardless of how easy the language is to use, the programmer should have some knowledge of how things work on the Internet, before exposing their first bit of code to the world...
In short, no matter what platform you use, or what scripting language you code with, the responsibility still lies on you (the programmer/coder) to make sure the code is not exploitable. In some cases, this simply requires experience, but in most cases it simply means not trusting any user input sent by a browser (or other source). Validate everything, and trust noone. This sounds cynical, but unfortunately when your script is accessible to *anyone in the world*, you have to take such precautions...
That's taint mode you're thinking of, rather than the 'strict' pragma.
You're absolutely right -- I confused the two because I used to use both, and it's been about three years since I've done any serious Perl coding. Taint mode (all external data is considered "tainted") helped to ensure that you at least looked at/modified outside data, before you used it. Otherwise, an error was raised.
Strict would have been (if I remember) the module that required you to declare all variables/functions/references. Again, I think...
Either way, my point still stands: I love PHP, but PHP doesn't offer anything equal to that for security... PHP offers "safe mode", but that simply restricts which directories a script can access. There is nothing to ensure outside data is validated before it is used or passed on to the system, etc... and of course nothing exists to force variable declaration, which can help prevent typos in variable names from causing major problems.
I still love PHP for both its simplicity, and its built-in functions that make many tasks much easier. However, I do admit that if one doesn't know what he's doing, PHP can make it easier to make mistakes that a beginner may not know to look for. For an experienced programmer, though, PHP can be a god-send for creating simple but powerful web scripts...
Your example is slightly flawed as mysql_query doesn't allow the execution of multiple sql queries by default.
...where UID = '$uid' or 'uid!=0'...
Okay, try this:
$result = mysql_query("select password from users where UID = '$uid'");
Assume $uid was passed from a web form. And suppose you passed this to the script:
&uid=0'%20or%20'uid!=0
So, once parsed by PHP, you have:
Just a simple example, but I have seen more complex queries manipulated in a similar manner if the user input isn't properly escaped/validated. In short, never pass user input to an outside program, database, or (especially) filesystem without validating the data first...
This is not to say I don't love PHP -- which I do -- it is just that in ANY language, it is easy to overlook some detail that some hacker/cracker may exploit. Especially if that person has access to the underlying code (though sometimes looking at the HTML form is enough information to exploit the underlying script...) so be careful with user input no matter what language you use for the back-end code.
For those who may be curious, the proper way to actually prevent SQL injections...
I'm not negating your point, as I do agree with it. But it can be put much more simply: a script should NEVER trust ANY user input, period. Anything passed to the script should be validated; make sure a value is within range, or otherwise is an expected input. If the input doesn't match some predefined pattern, it should be rejected.
I do love PHP, and I use it quite frequently, but Perl has the "scrict" module that I personally love. Any variable modified by anything outside the script itself is marked as "tainted", and you have to do some kind of validation before Perl will even let you use it. It is a great fail-safe IMO, so even if you happen to overlook or forget a particular variable, Perl simply won't let you use it until Perl is satisfied that you've checked it...
Other than that, it's not that difficult to write safe PHP code. Just check any variables with user input, and any variables a user might attempt to set (even if you aren't expecting them to). Also, globals are not valid within a function, so be more careful within the top-level of a script; as long as you validate any data passed to a function, a user can't override variables within that function.
If people can't read your source code, it doesn't matter that the langauge itself sucks. Of course, it's easy for a lazy programmer to blame the language instead of cleaning up the source code to make it readable.
I couldn't have said it better myself. I personally use PHP for many small applications. I also make sure to heavily comment my code, and I try not to obfuscate my code (it kills me that some people compete to see who can write the most obfuscated Perl, for example. Try interpreting or revising that code a year from now).
Many times I've had to revisit code years after having written it, and when there are no comments, it is difficult to see what exactly I was thinking at the time -- in *any* language. Non-descriptive variable names, or attempting to put as much code in as few lines possible, are, IMHO, bad practices.
Personally I see nothing inherently wrong with PHP. If I'm working with a web-based application, under Apache, using a MySQL database, PHP is the first thing that comes to mind. Image manipulation (now integrated) and HTTP features (headers, cookies, form data, file uploads, etc) make PHP an easy choice for many web applications. I've done all of this in Perl, and some in plain-old-C, but PHP makes these things so easy...
Of course it's not for everything. I try to use whatever platform/language is most appropriate for the application at hand. Sometimes it's C or C++, perhaps it's Perl, whatever - I use whatever makes the most sense for what I'm hoping to accomplish. It just happens that, on my Linux server, PHP often stands out as the best choice. When writing Windows applications, I use a hybrid of VB6 and (in the form of a back-end DLL library) C/C++. On the server, PHP most often comes out as the clear choice. Ease of use, abundance of built-in functions/features, ease of database-to-web integration, and relative security all make PHP a good choice for many of my projects and ideas.
Some have referred to PHP as "loose", and I admit sometimes it can be. There is no equivalent to Perl's "use strict", and it's easy to unintentionally leave an opportunity for a user to pass unexpected variables -- but as long as you are able to keep this in mind, it's not difficult to make a relatively secure PHP script. Just make sure any important variables are declared/set/validated at the start of the script. I admit, I do love Perl's "strict" module, since it leaves no question as to whether a variable's data is trustworthy... but PHP is a different language, with different features. You can't discount it as a viable language because of a single missing feature...
Most of the time, autocorrect helps me with my lack of typing ability rather than actually correcting a word that I did not know how to spell. But I still prefer the red underline, so you have to fix it yourself.
:)
I agree 100%. As long as the software points out the problem, so that you conciously have to tell it to correct it, you have learned something. It's the auto-correct (eg, when Word changes "teh" to "the" with no indication) that I have a problem with.
I thought it was an AIM-borne disease where one by one my friends all started to use 'your' in place of "you're."
Do you read Slashdot much? That is one of the most common issues around here; between "your" and "you're", and "there", "their", and "they're"... sure, in context one can easily see which variation was intended, but it bugs me that the writer didn't understand the difference... and for me, unintentionally and subconciously, such a mistake immediately kills the credibility of the comment...
I admit also that, given the subject matter, I had to look up "credibility" at Dictionary.com
While I don't dispute your experience, I have to say that word processors (or IM clients) that flag suspect words has actually improved my spelling. I see the mispelled words so often that I start making a mental note of the ones I screw up the most, one at a time.
:)
I agree with you on this. I also replied to the parent post, but there is a huge difference between when the software shows you the mistake, perhaps suggesting an alternative, and when it simply "fixes" it. For example, open Microsoft Word and type "teh". The word will magically become "the", with no feedback or warning.
When a word or phrase is underlined, flagging that you did something wrong, then you have to actually look at it, right-click it, and let the software correct it. This can, in fact, improve your spelling and/or grammar, because you have to acknowledge that you did something wrong. On that I fully agree with you.
It's the fully automatic corrections that bother me. If you get used to typing "teh" for "the", and "cna" for "can", etc, you might find yourself in a situation (say, at a job using different software) where these auto-corrections aren't available, and you might simply overlook the mistake.
Hell, for the longest time, when I was doing tech-support for a web hosting company, I frequently found myself typing the following phrase:
We appologize for the inconvenience
I focused so much on making sure to spell inconvenience correctly (I before E and so on) that I didn't realize I was misspelling appologize... lol
Word Processor Autocorrect...Is much worse for spelling than instant messaging ever was.
:)", it does not represent proper english. She simply knows that the recipient understands her meaning. This is fine, as long as she also has the ability to, when necessary, use proper English, grammar, and punctuation. Unfortunately in many cases this tends to require much more effort, to break away from the 'Net speak they are more comfortable with. It becomes a chore to type properly, for example when creating a resume or cover letter, because (to these people) daily typing doesn't require following such rules...
;)
I hadn't thought of this, but I agree fully. My sister always forgets to turn on the headlights when she drives my car, because her car has automatic lights. She's so used to this, that it never occurs to her that some vehicles require her to actually pull a switch...
Auto-correct has plagued me for a long time. In an older version of Microsoft Works, which I used at a job I once had, I couldn't type CNA (Certified Nurse's Assistant) without it changing it to CAN. I finally upgraded to Office 2000, since Word now has the ability to remove specific corrections from it's automatic thing...
But back on point, I agree - some people are simply lost without auto-correct. It's one thing when the software suggests a better spelling or phrasing, where the user has to actually see and acknowledge the problem; but when it happens automatically, the user often never even realizes a problem existed.
I doubt there are many people out there who think they are typing correcting when really they are using net speak.
Another good point. My younger sister knows that when shey types "lol, omfg thats funny
Just my opinion...
English is my third language
...
Which probably explains your grasp of grammar. In my experience, foreign language grammar is much better taught than native language grammar.
Something I have noticed is that English is one of the most sloppy languages around -- at least our American variation. Most languages follow very strict rules. English has so many exceptions that you simply have to know about. "I" before "E", except after "C", or where an "A" sound is desired, such as Neighbor or Weigh... ugh!
So, someone who grew up with a strict language with simple, specific rules, might be more able to critique someone's English, simply because they see the fine points we may not.
Another reason might be that in the US, slang, or "creative" uses of our language, are tolerated in so many situations. Our own president uses the word "ain't" during formal public addresses. We adopted "google" officially as a verb (Webster's New Millennium Dictionary 2003). In other words, American English changes more frequently than most languages, often to accomodate common uses of a word or phrase. Which of course adds to the miriad of rules with exceptions that apply unless
In other words, English requires knowing the rules, the exceptions, and the specific exclusions to the rules and exceptions. As a programmer, English is the hardest language I've had to learn (and note, I don't know any spoken language other than English, so I don't exactly have the best frame of reference... corrections welcome!)
I've never taken a formal keyboarding class, yet through the use of chat on the Internet, I've developed nearly 50WPM typing ability.
This may be true, but if you had to type a document with proper grammar and punctuation, would you be able to maintain that typing speed? I have friends who can type very fast when grammar, punctuation, and abbreviations are not a factor; but ask them to type a formal document, and their typing speed suffers dramatically. This is because more effort is required, as this form of writing is somewhat foreign compared to their everyday typing.
If you stay in the practice of using proper grammar and punctuation, it will simply come naturally. Then, your 50 WPM (or whatever) will apply in any situation, and won't suffer when more strict rules happen to be in place (for example, creating a resume or cover letter, or taking a formal typing test for a job interview).
Personally (and this is not typical, I am a computer programmer and I handle tech support emails, etc) I can type 90+ words per minute. Even faster if I already know what I'm going to type (eg, thoughts from my head, rather than retyping something I am reading).
On the other hand, I do agree with your point to an extent. I know many people who would never have learned to type if it weren't for IM or chat. In fact, many of my younger friends can text-message much faster than I can... This type of communication (IM/chat) does encourage one to learn to type without having to look, etc. As long as you don't become dependant on using Internet short-hand and foregoing grammar and punctuation.
On another note, I type fast, but I know I don't type "correctly". Most notably, I hit the 'B' key with my right hand. For that reason I can't use a "split" keyboard such as Microsoft's "natural" keyboard. There are other keys I hit with the "wrong" hand (or, with either hand depending on the situation), but that's the one specific key I remember being the biggest problem... I also have never taken a "formal" typing class, but I've had a computer since I was 6 (Commodore VIC-20 in 1981)...
I've rambled enough...
From my experience, if you don't type in shorthand, it's possible that you will start typing faster. I found it funny how I could type and send my message faster in correct English than someone who was typing in shorthand.
I agree with this. I admit that I tend to fall back to "IM Shorthand" when I'm chatting with someone who does the same... but I also handle tech-support emails for my software products, and in those cases I try to maintain some level of professionalism. For that reason, I generally tend to capitalize, punctuate, and form complete sentances. Many times I find myself responding to a support or sales question written in all CAPS, using extremely poor grammar/spelling, but for professionalism I make sure not to fall into that myself.
I even get made fun of by my not-so-literate friends when communicating via IM or chat... for being too "proper". I also get flak for my excessive use of the ellipsis... but when I do it, it's usually because I have more in my head but choose to leave out the rest...
Anyway, I only use IM-style abbreviations when chatting with someone who does the same, mostly to try to relate at their level (only with friends, in a non-professional setting). I do the same thing with spoken word; in a professional conversation I would never use the word "ain't", but when talking with my friends or family, I often find myself using the word. It usually happens without thought. I guess I tailor my language (or use of it) to the people I'm communicating with. I think it's mostly because I don't want to sound like I'm trying to sound superior or more proper. Or maybe I'm just trying to fit in with present company. Whatever it is, it's done subconciously, though I do notice myself doing it after a few minutes. My sister has even pointed this out to me, having witnessed the changes in my language usage with different company present...
Back to the point of the parent and my agreement, I do type pretty fast. I write a lot of code, and I answer a lot of emails, but because I usually try to use proper punctuation and grammar, it comes naturally (no extra effort required). I find myself holding the shift key down (like I just now did for "I") while thinking about the next sentance I plan to type.
On a rather humorous note, I just now triggered the Windows accessibility dialog to come up by pressing Shift five times while thinking about the next sentance to type. Apparently I have not yet disabled this shortcut on this particular Windows install...
I can suggest several branches of computer literacy:
.EXE is bad, but a .JPG is ok, and so on. Luckily he uses (ugh!) Outlook, which (newer versions) by default block dangerous extensions... and he doesn't have to care why.
.Net and the Win32 API, your definition will be different from someone looking for one to write press releases in MS Word, with the occasional quarterly profit forecast chart in Excel... or if you're looking for someone to answer sales emails using a web-based system...
1): the ability to interact with common GUIs. Know what a mouse is, be able to click it and make things happen. As a bonus, add right-click (or whatever the hell you Mac people do). Learn to read dialog boxes and respond to them.
On this one, I agree. Regardless of the system in use, basic I/O (keyboard, mouse, screen) knowledge should be required.
3): Absolute basic hardware! Be able to take your computer apart, move it to a different room, stick all the things in the back in, and have it work as it did before. Knowing the various jacks by sight might get bonus points, but isn't strictly necessary.
I agree on this point to an extent. Moving the machine to another room should be considered basic knowledge. Changing hardware internally should not. A few years ago I might have thought so, but these days, the tower is (considered by most) a device you don't open, like your VCR, DVD etc... hell, these days I hesitate to advise people to keep their PC plugged in (for grounding purposes) since many systems no longer have a hard-wired "off" switch...
4): Regular maintenance. Know what a virus is, and why you have to keep your virus definitions up to date. Know what a patch is, and why you're supposed to install one.
Unfortunately this is the case these days. Viruses used to be somehthing you got when you did something stupid (say, loading a program from a friend's diskette, or downloading a program from an unknown source). Now days, they are almost an inevitability...
5): More theory. Learn basic technical concepts, like what an operating system is, what an application is, the difference between memory, hard drive, processor, networking.
I want to agree with this point. But it's difficult when I go to my aunt's house, and she refers to the tower as the "modem" or the "hard drive". She has no understanding of what makes up the computer at all...
I've tried to explain my Linux box to people I would even consider "computer literate", only to be met with blank stares... to many, a computer runs Windows, period. The idea that there might be something else just confuses them...
6): Internet basics...
This proves to be very difficult in some cases. I've tried to turn friends/family on to Firefox, without success. Most users don't understand that the Browser is no more than an application (Microsoft made sure of this). They usually see the "blue 'E'" as "The Internet".
7): Security. Know what a firewall is and what it does. Understand why you don't run attachments sent by random people. Have some idea of what constitutes a good password.
Most of my friends/family use a hardware firewall (eg, a Linksys router or similar). In a way it's a good thing, in that they don't have to know/care what it is, what it does, why it's necessary...
But trying to explain it's purpose is usually futile. Attachments? My Dad doesn't understand when I explain why an
Bottom line:
The term Computer Literate depends on context. If you're hiring someome to write C++ code using
In other words, there is no single definitive definition of computer literate that I am aware of.
I think I'm on the same page as the parent here, but in a shorter form...
You can be a good driver without knowing how the car works. Likewise one can be "computer literate" without knowing how the computer works internally.
If you know how cars work, and how to work on them, you might be more proficient in their operation. Likewise with computers. Sometimes knowing the internals (and having an understanding) helps to use a device/product on a day-to-day basis. But it isn't required, nor should it be.
To me, "literacy" of anything (computers, cars, language) simply means the ability to utilize the item to get things done. I'm literate in English, eg I can easily communicate using the language. However, I know very little about the origins of the language. Or where it originated. Or why. Nor do I care.
With cars and computers, I do know these things. But unless you're looking for a low-level programmer, or an auto-repair mechanic, literacy usually means the ability to use the technology for a specific person.
In an office environment, computer literacy may mean knowledge of MS Office. In a development environment it usually means more than that.
In short: computer literacy depends on context...
There is a huge difference here. A delivery driver is responsible for a several-ton machine, which in a bad situation could cost lives. Mom & Dad behind a PC keyboard, on the other hand, risk nothing more than the contents of their hard drive. This is why a state-issued license (and tests, etc) is required to operate a vehicle, while anyone can operate a PC.
Also note that there are very different requirements (in most states) for operating a standard vehicle, and operating a commercial vehicle. In Indiana, anyway, a commercial license requires some knowledge of the vehicle (inspecting each axle, knowing the allowed per-axel weight, etc). So a commercial vehicle (such as the delivery truck referenced in the grand-parent) has a higher potential risk, it also carries a heavier responsibility with the government than a passenger vehicle does.
In all I agree with the parent. A computer requires some knowledge, but this isn't enforced because the user only endangers themselves. A driver holds some responsibility, and is required a basic level of knowledge. A commercial driver holds more responsibility, and therefore is required to have a higher level of knowledge.
That's like saying you should be able to assemble a car before you can drive...
There is a big difference here. The average motorist can get by without ever having to know the internal workings of the car. Cars come with warranties -- if anything goes wrong internally, someone comes out and tows the car, and fixes the problem while you drive a loaner if the problem was not your fault.
If you (for example) put Diesel fuel in a gasoline car, I doubt your warranty would cover it. If you failed to shift properly (redlined the engine RPMs), the warranty would also not likely cover the repairs. Some level of knowledge is required to operate and maintain an automobile.
Computers aren't much different. There is an expected level of knowledge required to operate a machine this complex. If you fail to meet this requirement, and therefore harm the machine, no warranty covers this.
Granted, most problems (viruses, malware, etc) don't physically harm the machine; however the repairs involved do cost the user real money. The only difference is this: the State requires that you learn certain rules before you can drive a car, where anyone can operate a computer regardless of their ability to do so. Cars can easily cause harm if operated improperly, where computers cannot. This is why there are government requirements to operate a motor vehicle, and not to operate a computer.
In other words, one should learn to operate a computer in the environment they intend to use it. If one chooses not to do so, they only hurt themselves and their own investment. Buying a computer is no guarantee that it will be usefull to you without some effort. The car analogy simply doesn't work, because when you are in control of a 2,000 pound machine, you are putting lives at risk; thus, governments usually restrict operation of such vehicles to those who can prove their ability to do so (eg, driver's tests, etc).
Failure to learn to properly operate a computer only hurts yourself, thus no such rules are required. For the same reasons, there shouldn't be any such rules in place to operate a computer. A teenager operating a computer isn't going to cost me my life if things get out of control as could be the case with a car.
This is why I find the car analogy useless.
It ended decades of American invulnerability in space.
I agree with this point. America did have a feeling of invulnerability (or at least, a feeling of superiority) with regard to space travel. Russia beat us to it, but dammit we were gonna beat the rest of the world.
Then Challenger happened.
However, I still don't consider it a tragedy. It was a bad occurance, yes -- but it was NOT a tragedy. Every person on that ship knew the risks, and went on board despite those risks to further our scientific knowledge. Of course they didn't deserve to lose their lives, but they knew that such a risk was there, and was very real, before they signed on.
7 deaths is disastrous when they are important to the people of the world. If you play the numbers game here, I'm sure that you'll find it difficult to justify your line between disaster and tragedy.
Yes, but to me, if those seven people chose a career that was experimental and extremely risky, then death is simply a potential factor. Don't think that I don't feel for the astronaughts or their families, but they knew the risks...
Do millions of Native Americans slain in Canada, the United States and the rest of the Americas count? Does John F. Kenney's assassination count?
I admit, often the importance of the individual makes a huge difference. But I see this case (the Challenger, and later Discovery) in a different light. Yes, those people were important, but they chose a career which contained certain risks, including the risk of loss of life. Many others chose the same path and did not lose their life, but they all took the same risk. Those who did lose their lives did so in an effort to further our scientific knowledge.
Yes, it's sad that we lost some great people. But those people knew what they were risking (I'm sure forms were signed long before anyone ever entered any shuttle)...
How is this self awareness, rather than awareness of infinite loops?
That about sums up all of the definitions of self-awareness I've seen in this thread thus far. First, there is no one definition of self awareness that I'm aware of. I like to think that I, personally, am self aware. I act selfishly sometimes, and I know which actions will benefit myself and which ones will not. But that alone could *still* be a programmed reaction...
The point is, as long as a computer (or robot, whatever) is doing what it was programmed to do, I won't accept that it's self-aware. All attempts that I know of are programmed responses; detect visual input, determine whether it's a reflection or imitation; provide conclusion based on analysis (as in the article). This isn't self awareness, just programmed response (perhaps with some seriously advanced input sensors, no less). Give a robot the ability to tell itself apart from another, similar robot -- and you've accomplished something really neat. But that is STILL not self awareness, rather really nice sensory input and discrimination...
I'm honestly curious as to how this research leads to such a profound statement re: expressing emotions.
I agree. So a robot can tell the difference between a mirror reflection, and a clone attempting to immitate it. Tell me this: is there some code behind this, designed for this purpose? Or did this robot simply demonstrate this ability unprovoked?
I'm guessing someone at some point wrote code to dictate this robots behavior in such a situation. So in my opinion this robot is simply a program, doing what it was designed to do. If you can show me that this robot demonstrated this behavior unprovoked, and with no programming to dictate such behavior, I'd be a lot more interested.
Hollywood may like the idea of making their movies so secure that most people can't even play them, but device makers won't appreciate having to redesign their entire product line.
I wish I could believe this, but consider how any commercially produced DVD player obeys the current wishes of the content industry. Region coding, non-skippable portions, etc. There's no technical reason a particular player couldn't play any "region" disc, and there's no technical reason a player can't skip a particular chapter (be it the so-called FBI warning or a preview they feel you just have to see).
Hardware manufacturers will continue to do whatever the content industry wishes if they want to compete. Hell, if they don't agree, the content producers simply won't license the rights to decode the CSS encryption found on DVD discs. If the RIAA/MPAA makes more demands, I'm sure the hardware makers will gladly comply; if not, a hundred others in China or Korea will gladly take their place. If DVD playback hardware was your business, wouldn't compliance be in your best interests business-wise?
Sadly, a trend I have noticed recently is adverts at the start of DVDs that can't be skipped.
It's a "feature" that is part of the DVD spec to force you to view the "FBI Warning". You know, that screen that informs you that it would be a federal offence to copy the movie (however untrue it may be, since such a violation would be handled by a civil court).
So, DVD makers have started using this flag for their ads and/or movie trailers, so most DVD players or drives won't allow you to skip whatever content they decide to put there. I've seen many newer discs with 5 to 20 minutes of previews and/or ads that use this flag.
So basically, they've taken a "feature" intended to discourage copying, and used it to require viewing of ads. Your DVD player is perfectlly capable (on a technical level) of skipping such ads, but by contract it simply won't let you do so until the DVD disc says it's okay to view the menu. This flag was created to force you to view the copyright information, and is instead abused to require you to watch previews or ads before you're allowed to watch the movie -- be it a rental or a movie you purchased for your own viewing pleasure.
Not all DVDs abuse this flag, of course. Many DVDs let you hit the "Play" button right away to start the feature. But some, notably those released by one of the big studios, abuse the feature and make you watch not only the "copyright notice" but also several previews/ads before you can access the DVD menu...
Note that a DVD player *could* technically skip this if it was made to do so, but out of fear and/or contractual obligations, all consumer players seem to obey this flag. So your DVD player isn't really working for you, rather it's working for the MPAA. As though the MPAA purchased the player for you at no cost to yourself...
For those of us familiar with Unix and other OSes with a reasonable degree of modularity, the distinction is obvious, but if all you know is MS Windows, even if you know a fair amount about it, the idea of separating OS and UI may never have arisen.
In reality it's all arbitrary anyway. Who's to say that modularity is the correct implementation? Or that integration is the way to go? MS isn't wrong, nor is the Unix community.
The point is, to a disabled person, all that matters is this: does the system as a whole work for me? Can I accomplish what I need to with it? I don't care where you place the arbitrary line between OS/GUI/App... all I care about is whether the system, as a whole, works for me.
Realistically this could be applied to anyone, disabled or otherwise...
On the other hand, both your response and the one it responds to are crass and ignorant.
I somewhat agree with you. The bottom line is, IMO, this:
It doesn't matter where the line is drawn between OS and GUI. What mattters is the product as a whole. If a blind person can utilize the system, then something was done right. The blind man does not care whether his special features are part of the OS, or the UI, or some application... he only cares that it works.