Reality is what I quoted. You've linked to an article that spins this as good for BNSF, but doesn't actually repudiate any of what I've said.
Sure, it's good for the railcar industry, but Buffett doesn't actually own any of the railcar industry.
Oil is not a business class 1 railroads are particularly happy about. It's not high margin, and if it went away tomorrow it wouldn't affect their profits in the slightest. But it would make a whole lot of them breath easier about the safety issues.
As for your linking to an increased valuation for BH in one day - who gives a shit? Investors don't run railroads, and managements are generally terrified of speaking about what markets they don't want in public, as any perception they've done anything to kill a particular market will result in action by the STB.
(There are, to be fair, some shortlines that rely on oil revenues, but Buffett doesn't own them either.)
Slow Down Cowboy!
Slashdot requires you to wait between each successful posting of a comment to allow everyone a fair chance at posting a comment.
It's been 4 minutes since you last successfully posted a comment
Chances are, you're behind a firewall or proxy, or clicked the Back button to accidentally reuse a form. Please try again. If the problem persists, and all other options have been tried, contact the site administrator
In fairness the Linux kernel has pretty much always been like that since they introduced modules, and in any case, RedHat is hardly the only Linux distribution to use Linux.
If your application doesn't whitelist the classes it deserializes from an untrusted user, you deserve everything you get.
Define you and your here! How many people do you think will be hit by this who had any role whatsoever in the development or design of the standard install of the application concerned.
I think there's a lot to be concerned about here. At the very least:
- It should be easier to update a single library for a range of Java applications
- It should be easier to distribute security updates for Java applications and libraries
- Java's serialization scheme, in assuming that anything in the classpath would constitute a valid object to be deserialized, needs some rethinking.
I'm curious to know whether many/any other languages are in a similar situation. I've certainly seen some cryptic crap in the past generated by PHP that's supposed to be an implementation of something similar, but never investigated it in detail. It might be done right, which would be a miracle if it's PHP...
I'll be honest, I never fully trusted Java's serialization and always chose to design output formats instead. A lot of developer co-workers felt I was creating work for myself, and my main motivation was to have a format I (and others) could understand and debug, but - hey, understanding is half the security battle.
Oil isn't really a major earner for any railroads or a particularly high proportion of their revenues (IIRC it's less than 3%, but I can't be bothered right now to find the exact figure.) The railroads themselves aren't actually interested in the business - they carry it because they're common carriers, but from their point of view it's risky (see Lac Magentic) and a major liability with inadequate profit margins.
And, again for what little it's worth, if you open up a large map of Northern America, plot where all the recent oil disasters have been, and then the Keystone XL pipeline, you'll notice that it seems to be fairly far away from them. Why is this? Well, because crude oil trains travel the entire US. The Keystone XL would have been a tiny proportion of transported oil had it ever come to pass. So Keystone XL's rerouted oil would be a tiny percentage of an already tiny percentage of the market.
So, no, this wasn't done as a favor to Buffett, in fact he's probably unhappy with the decision, if he cares at all.
I believe you got the last letter wrong. Garrett doesn't believe Linux has unfixable shortcomings, he believes the development process (ie Linus, not Linux - though this is an unfair personalization that I'm sure he'd be troubled with) is the problem.
There's no reason to believe that he believes Linux is a worse starting point than one of the *BSDs, nor that any of the *BSDs lack the problems the Linux process has (FreeBSD's politics are legendary, as is OpenBSD's Theo De Raadt's temper.)
I'm not sure that example is much of a problem. The certificate is checked, and the user asked, before the actual HTTP request is made. The sequence is "Set up secure link, if there's a problem check with the user, if everything's OK so far send the GET or POST, header, and form data."
"Exception"? Do you even understand the words you're writing? You're arguing the Nexus series is an "Exception" to the concept that Android is "designed" to disallow upgrades?
Are you aware that the Nexus series are mobile phones? Not operating systems or distributions of Android?
Your claim is that Android, by design, prevents users from upgrading it. You're wrong. The fact Nexus users (and users of many other models of phone bundled with Android) can upgrade their phones without having to get permission from the manufacturer or Google or anyone else proves you're wrong.
I wasn't referring to Google approving their own updates. I was referring to the Nexus series allowing users to update their own phones. You don't need Google's permission to do so.
I hate that feature. It isn't obvious it's a link, and the equivalent location on Reddit simply lists every article ever posted to Reddit from that domain (which is completely effing useless, but as Reddit does that anyone who uses Reddit occasionally instinctively ignores a domain name that appears immediately after an article title.)
I wasn't referring to Google approving their own updates. I was referring to the Nexus series allowing users to update their own phones. You don't need Google's permission to do so.
In any case your comment was that Android was the bottleneck, that it was designed to prevent itself from being upgraded. That is what I was responding to. That's false. Android has nothing to do with it.
Yes, manufacturers can block updates as they do with Windows phone and other mobile operating systems, but that isn't Android's fault.
Yeah, me too, the only place we use OS/2 is for the emissions test detection system code we embed in each car's computer so we can adjust engine performance during emissions testing.
Moreover, even if it does, we already have to test under IE8, IE9, IE11, Edge, Firefox, Chrome, Safari on Mac if possible, Android Chrome, and iOS Safari. What difference does one more browser make? Especially a desktop browser?
No, it's not how Android works, by design. Regular Nexus phones, that run the most Googly Androids, can be upgraded without problem. The only issue is that at some point Google itself stops producing the binaries for each model.
I might have purchased a copy of that book if there was actually an e-book version of it.
Well, you see there's your first problem. Pages 7-14 describe the clear dangers of using ebooks, where hackers can make use of common buffer overflow exploits in PDF (and other e-reader formats) renderer implementations to take over your device and use it to inject vulnerabilities into your code.
But wait, before you buy from Amazon, make sure you're aware of the advice in pages 111-191. Entering your credit card number online can result in it being intercepted by keyloggers, fake web browsers, fake proxies (your side), fake Wi-fi hubs, hacked routers, hacked servers at Amazon (web, database, etc), and even rogue employees.
And before you get your coat to go down the street to the local Barnes and Noble to order the book, are you sure that's safe? Pages 567 and 590 cover how your credit card and other details can be taken over using a simple RFID hack that many credit cards are vulnerable to. Before getting your wallet, consider, do you have cash?
And be careful to carry enough change. If you overpay the cashier for the book, you may be vulnerable to the hack detailed in pages 892 and 893, whereby the cashier gives you forged money as change, that's almost impossible to tell is forged until you try to spend it.
But that's not all, page 985 and 986 detail another vulnerability in the "Going to the store to buy the book and paying in exact change" method of online purchasing. As you leave the store, a gentleman wanders up to you asking you for a "light" (a way to ignite a cigarette, a drug popular in the 20th Century whose popularity has diminished because of health fears), but his accomplice sneaks up behind you while you're distracted, whacks you over the head, and when you come to, you'll find they've stolen the book.
In other words, be careful.
BTW, while you were reading this I employed the technique on pages 319-331, and now have your credit card and social security number. Ha ha, sucker!
...is for operating system manufacturers and cellphone makers to start making it easier to use Bluetooth tethering. No idea how bad Apple's implementation is, but I know every Android device I've used has either had non-existent support or barely functional implementations that were obviously set up and then forgotten about.
USB tethering is great when it works too, but that also seems to be rarely implemented these days.
It took several goes to determine a parsing of the title that might be technically OK - largely that the first "fine" is an action and the "second" is a description of a penalty. ie "FCC enacts another Large Fine" / "FCC Fines Another Large Amount of Money".
That said, I think the second example may not be a valid sentence either.
I appreciate Slashdot has standards, and one is "If you didn't preview, nuh nuh, even though we make it easy to submit without previewing and don't do what every other website does", but, really, the editors should change the headline.
NBC is the company that launched the Tea Party - Rick Santelli's speech on CNBC is commonly considered the precursor to its launch. I'd hardly give them a 110% Democratic rating. Even MSNBC, when it was the supposed liberal answer to Fox News, devoted its entire mornings to Joe Scarborough.
As for the others, CNN jumps on pretty much every minor scandal related to a Democrat, and if ABC has a dedicated news channel it's not one anyone watches.
Probably. This, after all, is just restating what you'd expect in any community that wants to act like, and attract, professionals.
The other thing that bothered me about the write up is that it didn't really explain how all Go users would be subject to this code of conduct (which is what it is.) From what I could see, it only says that you need to exhibit certain standards of professionalism when you're involved in working with the group responsible for steering the language.
Do many Go developers actually need to do that? I used to program in C rather a lot, I don't recall ever feeling the need to contact the ANSI C standards committee, nor did I have to make comments implying my grandmother is a technological klutz when reporting a bug in any C compiler I used.
So how, exactly, beyond knee jerk "OMG! They're telling us to act professionally! We must boycott them and dogpile Brian Kernighan on Twitter #gamergate" reactions from a certain infamous subset of the development community, is this going to make Go a "No Go"?
You know, certain characters within FOSS are infamous for their temperament and being frequently rude towards those who cross them (mentioning no names but one rhymes with Dorvalds, and another TeRaadt), and I bet if either saw a project Go was perfect for, neither would give a flying... uh, a hoot I mean, about this code of conduct. They'd just start coding.
Meh, I think this decision is childish and pathetic, but let's be realistic: Amazon does not, and will never have, a monopoly (or anything close to one) on Internet shopping. The likely effect on the number of Chromecasts sold here is minor, perhaps zero, as most people searching for Chromecasts actually want a Chromecast, and are more than aware that Google sells them. Likewise who buys an Apple product without at least checking the Apple store for pricing.
What I suspect this'll do in the long term is damage Amazon's brand, not Google or Apple's, probably with eBay - the other "we sell everything" "store" - being the big winner.
Unfortunately yes. As of now searches for Chromecast do not bring up Chromecasts. If they were allowing used sales or third party sales, there'd still be a page for it.
Amazon seems to be throwing a tantrum in this case, and I can't understand why given Chromecast could support its streaming services if Amazon would just write an app. Amazon wrote, and support, an Amazon Instant Video "app" for the f---ing Nintendo Wii yet cannot be bothered to write one for one of the most popular media streaming devices in the world?
(I don't have one, I have a Roku, but I can't help but wonder if that's next. Yeah, Amazon has actually bothered to write an app for it, but given the ease they could have done so for at least one - perhaps both - of the devices here, I'm not believing that's the reason. If they drop Roku, bye-bye Prime membership.)
True, but he said innovative, not inventive. These are not synonyms. Innovative frequently involves invention, but literally all it means is bringing a technology to people as if for the first time. The iPod would be a very major example of innovation, for example, despite every feature (except ease of use) it had being bettered by contemporary Nomads.
The early distributions did make useful Unix-like systems available to a mass audience. MINIX didn't do that. Coherent didn't do that. And SysV certainly never even tried to do that. RedHat et al deserve enormous credit for that. As does whatsisname, that guy who wrote the Linux kernel... Richard Stallman, right?;-)
Slashdot Mirror
Reality is what I quoted. You've linked to an article that spins this as good for BNSF, but doesn't actually repudiate any of what I've said.
Sure, it's good for the railcar industry, but Buffett doesn't actually own any of the railcar industry.
Oil is not a business class 1 railroads are particularly happy about. It's not high margin, and if it went away tomorrow it wouldn't affect their profits in the slightest. But it would make a whole lot of them breath easier about the safety issues.
As for your linking to an increased valuation for BH in one day - who gives a shit? Investors don't run railroads, and managements are generally terrified of speaking about what markets they don't want in public, as any perception they've done anything to kill a particular market will result in action by the STB.
(There are, to be fair, some shortlines that rely on oil revenues, but Buffett doesn't own them either.)
In fairness the Linux kernel has pretty much always been like that since they introduced modules, and in any case, RedHat is hardly the only Linux distribution to use Linux.
How would that have stifled the growth of the roads? Since when has X being a right meant Y, an alternative to X, been banned?
Freedom of the Press is a fundamental right according to many constitutions. Do any of those countries ban the Internet?
Define you and your here! How many people do you think will be hit by this who had any role whatsoever in the development or design of the standard install of the application concerned.
I think there's a lot to be concerned about here. At the very least:
- It should be easier to update a single library for a range of Java applications
- It should be easier to distribute security updates for Java applications and libraries
- Java's serialization scheme, in assuming that anything in the classpath would constitute a valid object to be deserialized, needs some rethinking.
I'm curious to know whether many/any other languages are in a similar situation. I've certainly seen some cryptic crap in the past generated by PHP that's supposed to be an implementation of something similar, but never investigated it in detail. It might be done right, which would be a miracle if it's PHP...
I'll be honest, I never fully trusted Java's serialization and always chose to design output formats instead. A lot of developer co-workers felt I was creating work for myself, and my main motivation was to have a format I (and others) could understand and debug, but - hey, understanding is half the security battle.
Oil isn't really a major earner for any railroads or a particularly high proportion of their revenues (IIRC it's less than 3%, but I can't be bothered right now to find the exact figure.) The railroads themselves aren't actually interested in the business - they carry it because they're common carriers, but from their point of view it's risky (see Lac Magentic) and a major liability with inadequate profit margins.
And, again for what little it's worth, if you open up a large map of Northern America, plot where all the recent oil disasters have been, and then the Keystone XL pipeline, you'll notice that it seems to be fairly far away from them. Why is this? Well, because crude oil trains travel the entire US. The Keystone XL would have been a tiny proportion of transported oil had it ever come to pass. So Keystone XL's rerouted oil would be a tiny percentage of an already tiny percentage of the market.
So, no, this wasn't done as a favor to Buffett, in fact he's probably unhappy with the decision, if he cares at all.
I believe you got the last letter wrong. Garrett doesn't believe Linux has unfixable shortcomings, he believes the development process (ie Linus, not Linux - though this is an unfair personalization that I'm sure he'd be troubled with) is the problem.
There's no reason to believe that he believes Linux is a worse starting point than one of the *BSDs, nor that any of the *BSDs lack the problems the Linux process has (FreeBSD's politics are legendary, as is OpenBSD's Theo De Raadt's temper.)
I'm not sure that example is much of a problem. The certificate is checked, and the user asked, before the actual HTTP request is made. The sequence is "Set up secure link, if there's a problem check with the user, if everything's OK so far send the GET or POST, header, and form data."
"Exception"? Do you even understand the words you're writing? You're arguing the Nexus series is an "Exception" to the concept that Android is "designed" to disallow upgrades?
Are you aware that the Nexus series are mobile phones? Not operating systems or distributions of Android?
Your claim is that Android, by design, prevents users from upgrading it. You're wrong. The fact Nexus users (and users of many other models of phone bundled with Android) can upgrade their phones without having to get permission from the manufacturer or Google or anyone else proves you're wrong.
Give it up.
I wasn't referring to Google approving their own updates. I was referring to the Nexus series allowing users to update their own phones. You don't need Google's permission to do so.
I hate that feature. It isn't obvious it's a link, and the equivalent location on Reddit simply lists every article ever posted to Reddit from that domain (which is completely effing useless, but as Reddit does that anyone who uses Reddit occasionally instinctively ignores a domain name that appears immediately after an article title.)
I wasn't referring to Google approving their own updates. I was referring to the Nexus series allowing users to update their own phones. You don't need Google's permission to do so.
In any case your comment was that Android was the bottleneck, that it was designed to prevent itself from being upgraded. That is what I was responding to. That's false. Android has nothing to do with it.
Yes, manufacturers can block updates as they do with Windows phone and other mobile operating systems, but that isn't Android's fault.
Don't get too excited, it probably means, like Windows 10, GNOME, and Unity, they're going to graft a hybrid tablet+desktop UI onto OS/2 as well...
Yeah, me too, the only place we use OS/2 is for the emissions test detection system code we embed in each car's computer so we can adjust engine performance during emissions testing.
Moreover, even if it does, we already have to test under IE8, IE9, IE11, Edge, Firefox, Chrome, Safari on Mac if possible, Android Chrome, and iOS Safari. What difference does one more browser make? Especially a desktop browser?
No, it's not how Android works, by design. Regular Nexus phones, that run the most Googly Androids, can be upgraded without problem. The only issue is that at some point Google itself stops producing the binaries for each model.
Well, you see there's your first problem. Pages 7-14 describe the clear dangers of using ebooks, where hackers can make use of common buffer overflow exploits in PDF (and other e-reader formats) renderer implementations to take over your device and use it to inject vulnerabilities into your code.
But wait, before you buy from Amazon, make sure you're aware of the advice in pages 111-191. Entering your credit card number online can result in it being intercepted by keyloggers, fake web browsers, fake proxies (your side), fake Wi-fi hubs, hacked routers, hacked servers at Amazon (web, database, etc), and even rogue employees.
And before you get your coat to go down the street to the local Barnes and Noble to order the book, are you sure that's safe? Pages 567 and 590 cover how your credit card and other details can be taken over using a simple RFID hack that many credit cards are vulnerable to. Before getting your wallet, consider, do you have cash?
And be careful to carry enough change. If you overpay the cashier for the book, you may be vulnerable to the hack detailed in pages 892 and 893, whereby the cashier gives you forged money as change, that's almost impossible to tell is forged until you try to spend it.
But that's not all, page 985 and 986 detail another vulnerability in the "Going to the store to buy the book and paying in exact change" method of online purchasing. As you leave the store, a gentleman wanders up to you asking you for a "light" (a way to ignite a cigarette, a drug popular in the 20th Century whose popularity has diminished because of health fears), but his accomplice sneaks up behind you while you're distracted, whacks you over the head, and when you come to, you'll find they've stolen the book.
In other words, be careful.
BTW, while you were reading this I employed the technique on pages 319-331, and now have your credit card and social security number. Ha ha, sucker!
FWIW, I never said the standards were good or well advised.
USB tethering is great when it works too, but that also seems to be rarely implemented these days.
It took several goes to determine a parsing of the title that might be technically OK - largely that the first "fine" is an action and the "second" is a description of a penalty. ie "FCC enacts another Large Fine" / "FCC Fines Another Large Amount of Money".
That said, I think the second example may not be a valid sentence either.
I appreciate Slashdot has standards, and one is "If you didn't preview, nuh nuh, even though we make it easy to submit without previewing and don't do what every other website does", but, really, the editors should change the headline.
NBC is the company that launched the Tea Party - Rick Santelli's speech on CNBC is commonly considered the precursor to its launch. I'd hardly give them a 110% Democratic rating. Even MSNBC, when it was the supposed liberal answer to Fox News, devoted its entire mornings to Joe Scarborough.
As for the others, CNN jumps on pretty much every minor scandal related to a Democrat, and if ABC has a dedicated news channel it's not one anyone watches.
Absolutely, some people pay big money to professional dominatrices for those kinds of services.
Probably. This, after all, is just restating what you'd expect in any community that wants to act like, and attract, professionals.
The other thing that bothered me about the write up is that it didn't really explain how all Go users would be subject to this code of conduct (which is what it is.) From what I could see, it only says that you need to exhibit certain standards of professionalism when you're involved in working with the group responsible for steering the language.
Do many Go developers actually need to do that? I used to program in C rather a lot, I don't recall ever feeling the need to contact the ANSI C standards committee, nor did I have to make comments implying my grandmother is a technological klutz when reporting a bug in any C compiler I used.
So how, exactly, beyond knee jerk "OMG! They're telling us to act professionally! We must boycott them and dogpile Brian Kernighan on Twitter #gamergate" reactions from a certain infamous subset of the development community, is this going to make Go a "No Go"?
You know, certain characters within FOSS are infamous for their temperament and being frequently rude towards those who cross them (mentioning no names but one rhymes with Dorvalds, and another TeRaadt), and I bet if either saw a project Go was perfect for, neither would give a flying... uh, a hoot I mean, about this code of conduct. They'd just start coding.
Which is what professionals do.
Meh, I think this decision is childish and pathetic, but let's be realistic: Amazon does not, and will never have, a monopoly (or anything close to one) on Internet shopping. The likely effect on the number of Chromecasts sold here is minor, perhaps zero, as most people searching for Chromecasts actually want a Chromecast, and are more than aware that Google sells them. Likewise who buys an Apple product without at least checking the Apple store for pricing.
What I suspect this'll do in the long term is damage Amazon's brand, not Google or Apple's, probably with eBay - the other "we sell everything" "store" - being the big winner.
Unfortunately yes. As of now searches for Chromecast do not bring up Chromecasts. If they were allowing used sales or third party sales, there'd still be a page for it.
Amazon seems to be throwing a tantrum in this case, and I can't understand why given Chromecast could support its streaming services if Amazon would just write an app. Amazon wrote, and support, an Amazon Instant Video "app" for the f---ing Nintendo Wii yet cannot be bothered to write one for one of the most popular media streaming devices in the world?
(I don't have one, I have a Roku, but I can't help but wonder if that's next. Yeah, Amazon has actually bothered to write an app for it, but given the ease they could have done so for at least one - perhaps both - of the devices here, I'm not believing that's the reason. If they drop Roku, bye-bye Prime membership.)
True, but he said innovative, not inventive. These are not synonyms. Innovative frequently involves invention, but literally all it means is bringing a technology to people as if for the first time. The iPod would be a very major example of innovation, for example, despite every feature (except ease of use) it had being bettered by contemporary Nomads.
The early distributions did make useful Unix-like systems available to a mass audience. MINIX didn't do that. Coherent didn't do that. And SysV certainly never even tried to do that. RedHat et al deserve enormous credit for that. As does whatsisname, that guy who wrote the Linux kernel... Richard Stallman, right? ;-)