That doesn't really answer my question, does it now.
I don't particularly want my email box to be killed up with KKK propaganda too but I wouldn't class "receiving email" as a security flaw.
Is it really the case that if I make my printer or some files shared, this patch undoes that configuration choice, or has the submitter left something out?
The bug may cause shared files and printers to be accessible by others on the Internet.
I'm kind of confused by this. Do they mean "The bug may cause files and printers that weren't shared to be shared, and thus accessible by others", "The bug may cause files and printers that were only accessable by network users with certain rights to actually be accessable by anyone", or do they mean "The bug may cause shared files and printers to be accessable by others on the Internet."?
If it's merely the latter, then how is that a bug? I mean, that's like saying "The bug may allow computers with "on" buttons to be powered up."
Note that Paint.NET is touted as a replacement to Windows Paint, not Photoshop. I think the guy who wrote the summary needs to understand the concept of "different application types".
Next, from the same submitter, how Word.NET replaces that ugly, horrible, "VI" tool. And can Explorer.NET vanguish the vile BASH once and for all?
The standard GUI API for POSIX-type systems is X11. You can get X11 for OS X (since 10.3 it's been bundled with it, before that it was available from a variety of sources), and OpenOffice.org will run natively on the Mac with X11.
OpenOffice.org was originally StarOffice, and written at a time when the only systems running what today is the Mac GUI were obscure NeXT workstations that hadn't been made in five years, and very small number of "whitebox" systems running NEXTSTEP or OPENSTEP. Most people had pretty much written off the platform as dying, if not dead. Virtually all POSIX systems came with X11, either having that as their native GUI or as a back-up if you needed it.
Additionally, Java was an obscure in-house project at Sun designed to control washing machines in a language that owed more to mainstream programming dynamics and with more modern features than FORTH. Certainly, if you were writing a "cross platform" application, supporting X11 for POSIX systems and Win32 for Microsoft systems, seemed reasonable.
OpenOffice.org is a legacy system. It's easy to claim it should have been done in Java to begin with, but the fact is, it wasn't, it came out at around the same time as HotJava (most people's first exposure to the Java system), and it's not as if Java was "right out of the box" to begin with. Just ask Corel.
It's also easy to claim that the underlying GUI wrappers should have been more modular and better designed. That I'd agree with, but knowing the culture in the mid-nineties, it doesn't surprise me, indeed it surprises me they went to the extent that they did.
A rewrite might be in order, but bear in mind that a rewrite is just that - throwing the code away and starting afresh. There's no difference between a rewrite and an entirely new project, especially in the FOSS worlds where it's easy to grab code from other projects to do whatever it is you want done.
Right now, OpenOffice.org is probably the most full featured office suite available in the FOSS worlds. It needs some work to make it also the most comfortable platform, but the solution may lie in others.
Why not have a real decimal day. Eg we go to work at 0.35, and come home at 0.7?
Strikes me as more logical than dividing the day into ten (an arbitrary figure) or twenty four (an equally arbitrary figure) equally sized units. Works well if you want to show the time in different bases too...
I think that would be a good idea. Indeed, I think that anyone buying software "protected" by an EULA (at least, one that has to be agreed to in order to use the product - I recently installed an id game that didn't actually need any agreement, though that may not have been by design) should be required to read the EULA, confirm they have and that they understandi certain key provisions by taking a test (questions to be selected from a list at random), and the shop should have an independent lawyer available at the checkout to answer any questions should the potential customer have any.
"But nobody will go through that!" I pretend to hear you say. Nah, people will if the product is worth it. But for the vast majority of products, the EULAs bundled with them are superfluous, imposed not because of any legal need but to emphasize to the potential customer that they're buying something copyrighted that can't be blindly copied.
"But if they agree to something without reading it it's their own damned fault, why should everyone else be punished?" I also pretend to hear you say. Well, hang on a moment, it's not punishment because it's essentially what you should have done (minus the test, which would maybe add 30 seconds to the buying process time) anyway. The only people "punished" in the above scenario are those who wouldn't do it otherwise and, for whatever reason, feel they should be able to not to.
Ultimately, a regime in which everyone does as they're supposed to will make software companies think twice about actually continuing with EULAs as a component of software as standard as a jewel case and a registration card. An EULA, if treated properly by a customer, is a hassle for that customer. Software companies feel they can impose them precisely because they believe they will not be taken seriously, that customers will not read them or understand them.
You certainly don't have to load emacs from fink (or anywhere else), it comes installed as a part of OS X.
From a terminal window just now:
Last login: Mon Dec 20 08:29:19 on ttyp4 Welcome to Darwin! $ which emacs /usr/bin/emacs $
You probably have to make the so-called BSD Subsystem a part of your install, but that's installed by default anyway (I have no idea if the sub-BSD-Subsystem that gets installed anyway whether you install the BSD Subsystem or not includes it)
Despite the garbled English, the intent of the grandparent is perfectly clear, and he is correct.
Indeed, the situation is worse than that. If you download a.sit or.zip using Safari in its default settings, the archive will, just as a disk image is automatically mounted, be automatically extracted. The design of OS X means that any applications within that archive will be automatically registered with the system the moment they're unpacked. (By "registered", not a Mac term BTW, I mean the application, normally, will be runnable from whereever it is, and will be associated with any file types it describes itself as supporting, including, in some circumstances, immediately becoming the default for that file type.)
Still think OS X is more secure by design than Windows? It isn't. In every way, it either is as bad as, or worse, than Windows is, in design terms. Right now the only reasons Mac users aren't being hammered are that there aren't enough Macs out there to make a viable email/etc virus or worm, and that nobody's made the effort.
Please, for fuck's sake, quit it with the "OS X is more secure by design". The more people repeat this, the more likely it is that someone will exploit it's weaknesses, and the less likely it is that Apple will fix them before such exploits occur.
False. In both the academia and business worlds many of the folks who insist on this access are sales, customer service, support (business, admin assistants, etc), and administrative (again, business-related) staff who's "...home computer has never crashed...and never had any problems with full access...". In my experience, most of them where never able to present a valid case for access, and were rejected outright.
Bullshit. Frankly, if you were a system administrator working for me, I'd fire you outright right now as, on the basis of what you've said, you're clearly too arrogant and incompetent to do a capable job.
The fact that many of the people who insist on access know less than they think they do does not mean everyone who insists on this access doesn't know what they're doing. Further, my point at the time was about the fact that, ignoring the validity of their requests, many of the people who ask for access actually do know what they're doing. This was in the context of someone arguing that system administrators should flat out lie to them about the consequences of those administrator's security policies.
We live in a world in which a sizable proportion of the population have PCs, and administer them themselves, and know more than a little bit about computing. They may not be the best people suited to administer them, but that doesn't mean you blow people off claiming "bugs" in products that actually function correctly except that some dumb virus scanner or port blocker prevents that. Many people I wouldn't trust to operate an air conditioner know enough to know when they're being lied to.
For those very few remaining folks who show enough competency and can make a good case for the request. They are granted additional access. They understand that when what they have breaks, they get to keep both pieces - any repairs are going to be at the bottom for the priority list, and yes they do scream loudly when reminded of that fact. Though we maintain: Since they "know enough" and IT is already understaffed and overloaded, they're assisted but expected largely to resolve issues on their own. When it comes to only having enough resources to help the secretary resolve an issue vs the power-user trying to do something, the secretary wins hands down.
Welcome to the real world...
And further, you even acknowledge your comment "False" was, actually, false, even using the out-of-context context you were replying to. Indeed, there are many people capable of maintaining their own systems, who have a need to, and who will not protest too loudly if their systems break.
Your final sentence is tremendously ironic. There's the real world, comprised of many different people doing different jobs with different levels of skill requiring different technologies to get their jobs done. And then there's the classic system administrator world who believes that virtually everyone can be squeezed into a single category of system. For them, the Windows PC exists for its own sake, it is a device capable of anything, even when running a limited list of "approved" software. That, my friend, is not the real world. That's the world employees of most major organizations have to deal with on a day to day level, and it's a world of inefficiencies, outages, and, yes, security problems. It's a world of security problems because it inevitably doesn't work - people go around the system, with or without the permission of their admins, and the system isn't designed to cope with people going around it.
Nor is the real world to hamper people in what they do and then complain afterwards that those people are taking up too much of your time and they should fix the issues because, hey, it was their fault.
So you get email viruses, and spyware, and all the other junk, because sysadmins tried to get the people they should have been working for to fit into a tight little box, and the boxes broke. And again, when the
I think the flaw in the system is that in order to prove that the conversation is genuine during while the conversation is taking place, the original disposable key has to be signed by the parties involved. That proves that the original key came from the person being investigated, and, as you say, "proved that (the person) created a plausible deniability capable link."
There's also an element of cleverness (in the bad sense of the word, of the "Why don't we define my car's key as an Access Control Mechanism so that I can prosecute car thieves under the DMCA!" variety) here that I think needs to be addressed.
Most law enforcement groups are not interested, initially, in what they're going to show in court. They're interested in actually finding the person involved so they can build a case against them. This system only prevents evidence gathered from being used in court, and then only half heartedly. The police can use the evidence in court with the simple addition of a court official such as a lawyer. This person can circumvent the system quite easily: monitor the entire conversation from start to finish while it's occuring, and then swear that the conversation, when presented to the jury, is authentic in court. Anything learned about the conversation and from the conversation is therefore admissable evidence. Anyone stupid enough to use this procedure without other safeguards:
Can expect to immediately be targetted by law enforcement simply because they've made an effort to look guilty of something. The only way of getting around this is to make such processes standard practice, ie build it into the successor to UMTS or something - which is not going to happen. Using a system like this is like phoning the police and saying "It's Rocky here, yeah, yeah, think you know who did the Beverly Hills job? Well I'm not going down for that, yeah, yeah, you got nuffin on me see? Nuffin, you'll never catch me copper, yeah, yeah, I'm not never goin' down for that one, see?"
Can expect to have any clues in their messages investigated by law enforcement. So you're not confessing to a robbery, you're planning one. Or you're planning a big protest. Or whatever. And the law's going to sit idly by because the cop who listened in can't prove mathematically he or she heard what they claim to have heard?
Will risk confessions being witnessed and decoded, as described above.
Ultimately this system is simply too impractical and too weak to achieve anything useful.
No. Look, in the REAL WORLD system administrators are not doing what I'm suggesting. On the rare occasion they get close, they really do not have the problems you and the AC are talking about.
Most of the system administrators at my employer trust most of the programmers and provide them with administrator rights on the specific understanding that the policies I described above are in place. It works. When our (programmers) PCs are screwed up (which doesn't happen often), WE fix them, or at worst we ask our admins to do a reinstall. The admins are not blamed.
Most system administrators I've come across outside of my employer want to have their cake and eat it. They impose draconian restrictions on what people can do, that usually break things, lie about problems caused by those restrictions, and then complain when they open some hole somewhere to allow someone to do their job, that person's PC breaks, and the person goes to their boss because - after asking for nothing but a fix - the admins aren't willing to do that.
Admins work for users, not vice versa. They need to recognize that in the real world, there are different types of user, they have different needs, and security policies are as much about protecting users from each other as from themselves and the outside world. Right now sysadmins do not recognize that, they want crude, simple, networks, with no security in the networks, and all the security on standardized, Windows-running, PCs, regardless of the consequences. It's the same mentality that forces corporations to "standardize" on one platform - it's not just the PHBs who push for that you know.
Anyone who "wants their PC fixed" if it's unmanaged, and the fix is because of viruses or worms or whatever, gets one option: a format and an operating system reinstall, with the latest Ad-Aware/etc tools installed. That's not being mean, because most of the time that's all they want.
If someone has opted for self-administration, and they need help, it should be made plain to them that's the level of help they'll get if they choose self-administration. Give them the choice.
The only reason people appear to be contradictory in current work environments, wanting the control but not the responsibility, is because currently most system administrators do not want to give them either, and aren't willing to create systems that give users that control and responsibility.
Isn't that what getting fired is? The company deciding your work isn't worth the money you get?
No. When you get fired, they're obliged to pay you for the work you've already done.
If the topic up for discussion was watching a Tom Cruise movie at the theater, hating it, and deciding you're never going to Tom Cruise movie again, your comment would kind of been relevent. But in this case the topic up for discussion is watching the Tom Cruise movie without paying for it.
I'll admit, I only read the first few paragraphs of that long-winded clap-trap of corporate apology
That would probably explain why you failed to understand it ("long-winded clap-trap of corporate apology" and why you didn't answer any of the points he raised in any reasonable way.
As far as Le Guin goes, if she's a fantasy author, I'm not sure she qualifies as science fiction at all. I'
Please ignore this. I misread the grandparent's comment. I didn't realise he meant that Le Guin had written both science fiction and fantasy. My apologies.
As I've always understood it, science fiction generally means fiction based upon science and/or science fiction (explanation follows.)
There's hard and soft science fiction. Hard science fiction is SF based upon real science, where the author has attempted to make the physics of the piece's universe make sense and be internally consistant. There can be errors, there usually are, but they're almost never dependent upon the author being deliberately disengenious. Hard science fiction consists of everything from most of the works of Arthur C. Clarke to... well, believe it or not, The Hitchhiker's Guide to the Galaxy, which makes an honest if tongue in cheek attempt to base itself upon current theories of partical physics. Remember all that stuff about infinite improbability drives? That was based on real science Douglas Adams had been following.
"Soft" science fiction is comprised of stuff that looks a bit like science fiction but for which there's been no real attempt to make it sound, and where there's no desire on the part of the author to explain anything scientific. That's where the "based upon science fiction" bit in the above comes from. Star Wars is an obvious example, it's all mythology in space, but Lucas never, for a second, was trying to explain the consequences of anything real.
As far as Le Guin goes, if she's a fantasy author, I'm not sure she qualifies as science fiction at all. I've never really understood how something that has nothing remotely about science can be described as "science fiction". The books are lumped together, and tend to appear in book stores under the heading "Science fiction/fantasy", which isn't to imply fantasy is science fiction, but to suggest that the two, non-overlapping, fields of fantasy and science fiction, are in the same place, presumably because the bookstore owner feels that people interested in one are almost certainly interested in the other too.
For a similar, unlikely, pairing, take a look at the equivalent DVD racks, where science fiction and horror are usually combined into one area. Why? Probably the monsters.
Some authors, of course, pander to this and write stories that appeal to both groups. I know Kim Stanley Robinson's done a "fantasy" novel, though he's far more famous for his (hard) science fiction (note again: hard doesn't mean every detail is correct. Attaching a windmill to a blimp is not going to power that blimp...)
As far as "sci fi" goes, it's hard to come up with a consensus on what it means. There's a view that it applies to everything, hard and soft, because it's essentially an abbreviation that the public uses to describe everything about space ships and the future and monsters. But likewise, there's also an opinion that the very fact it encompasses so many crap elements of the art means that it's a derogatory term. If you Google a little bit, you'll find a few thousand essays on people who feel very, very, strongly about the issue.
Usually the same people have written essays expressing their opinion on whether "anal retentive" should be hyphenated or not. Go figure.
No, it's not the same concept as the ATM. In the ATM's case, there's no attempt to hide what's going on, it's no big secret, and the entire idea is to protect the person who's using the card (or who they're claiming to be) (assuming they're the person that should be using the card.)
There's no connection between that and the Post Office example. Oh sure, you've come up with justifications (as I said, this has implications both good and bad), but it's secret, and the primary intent is not to protect the person the user is claiming to be.
When something breaks, blame it on "a bug" and quietly back-off the restriction until you can figure out what/why something happened.
I've seen sysadmins do this before.
The problem is that many of the people who are asking for more administrative control over their own machines do, actually, know what they're doing. While it's certainly true that a lot of people who do not know what they're doing want administrative privileges over their PCs, it's equally true that almost everyone who knows their machines, who's familiar with proper security, who knows what Central Services isn't covering, and who finds their "security systems" get in the way, wants administrative privileges too.
And when you lie to that group, they know it.
My advice to the average central administrator is to find solutions to problems instead of lying about them or turning into a control freak. People generally want control over their own machines, so it's important to give them that control.
Decentralize the network. Allow teams limited access to the network in return for complete control over their own machines. Manage a handful of central servers that provide certain services to everyone, but rarely need a password of the type that would have to be shared with others. If people are sharing passwords, find out why and provide alternatives (many modern email systems, for example, allow people to authorize each other to be able to look at each other's mailboxes, Exchange does, for instance. That's a common reason in academia to share passwords. Show them how. I've yet to come across a sysadmin who does this.)
Firewall teams from each other.
Provide the option of managing people's PCs if they want it, but if so the whole team's PCs are managed, not just their's. If they still want unmanaged PCs, provide an additional subnetwork that's firewalled off, just as their's is.
Anyone who "wants their PC fixed" if it's unmanaged, and the fix is because of viruses or worms or whatever, gets one option: a format and an operating system reinstall, with the latest Ad-Aware/etc tools installed. That's not being mean, because most of the time that's all they want.
The critical problem is that most organizations have one network and connect everything to it. There's little reason to do this. Be flexible, the people you work for have different jobs. They're not identical drones, don't treat them as drones.
It's the guys on the left with their bigger government/control everything mentality who should be happy about this.
No, this is one of those artificial left/right divides that has no roots in reality but libertarian rightists repeat ad-nausium to try to pretend there's some kind of moral high ground in helping the religious nuts and states-righters gain power.
The left generally keeps out of people's private lives, but has a record of getting more involved in limiting the rights of organizations - businesses, etc. The right generally does have a record of interfering in people's private lives, proposing laws on sex, on what you do with your bodies, proposing funding for imposing a set of beliefs on people, etc, but is more liberal when it comes to the rights of organizations (except trade unions, they *hate* trade unions.)
When the left talks about systems to enlarge government, it tends to do so about replacing corrupt private groups with accountable public bodies (it may be flawed in doing so, but that's the mentality), rarely about making individuals change their private behaviour. When the right talks about systems to enlarge government, it tends to talk about more draconian penalties for breaking laws, about passing morality laws, and about making security more intrusive and bureaucratic.
When most on the left talk about reducing government, they talk about giving individuals rights. When the right in America talks about reducing government, they usually talk about giving regional bodies such as the States more rights, simply transfering rights from one government to another, in some cases giving those governments more extreme rights than the national government had. The perfect government for a left winger provides social security (pensions, welfare, possibly healthcare), a public, accountable, infrastructure, and some semblance of security and law and order, on a national or international level. The perfect government for the right provides military security on a national level, and draconian neo-fascist religion-imposing governments on a State level. I know which I'd prefer.
And yes, I'm aware there are those on the left who occasionally stray in to the territory of the right, but there equal numbers who do vice versa.
Always amuses me to hear right wingers pretend to be "pro-liberty". Kind of like the Confederate States didn't go to war over slavery, oh no, they were "pro-States Rights". No they *@$%ing weren't, they were panicing because a law they'd imposed on free states forcing free states to return escaped slaves was about to be overturned, a probable harbringer for an eventual end to slavery. What the hell was "pro-States Rights" about that?
I don't think many people are consciously aware that the CCTV systems in stores are generally recorded. Yes, on a technical level, they probably know, but it's not something they think about. The mental picture most of us have seeing a CCTV camera is of a bank of monitors somewhere in the building being watched by a security guard.
As far as the ATM example goes, that's different. We know that the ATM is taking pictures to protect us. It's the bank's security system implemented on our behalf. It means if someone steals our card and uses it, there's a greater chance of catching the culprit.
The Post Office situation is a little bit wierd. We've never had a system that guarantees a picture of the sender will be associated with a particular bit of mail, still more that the sender would be unaware of this. It has implications, good and bad. It's a little disconcerting the implementers were so secretive about it that it required a FOIA request to get the information.
If the Earth is threatened by a giant meteor, Planet X, Emperor Ming's Weather Ray, or what have you, then by going on vacation, we end up being safe. Why? Because Luna is now a giant vacation resort. So if we go on vacation, we end up on the moon, out of harm's way. The Earth then suffers whatever it has to suffer, and we then go back and clear up the mess.
A bit like what we all had to do in Florida a few months ago. We all left, the hurricanes destroyed our homes, and we came back and fixed everything.
If I notice that Sears is selling tires for less then they're worth, am I obligated to buy something else while I'm at the store to make sure Sears stays in business?
No, but I'm not sure I follow you. The argument is that you have a product, you should at least pay something towards its production (something current copyright laws attempt to compell people to do, and the fundamental argument for copyright.) That's all. In media, as long as you're paying more than the cost of the raw materials for the media, you're contributing in some way.
Note, I didn't even phrase my argument to be as extreme as current copyright laws are. I just said the point at which it becomes morally dubious is if you don't pay anything towards the production (of course, that payment may be by proxy if the producer's choice is to give it away free, but in simple terms, if I make use of an ordinary movie funded under the usual model of selling at theaters and then on DVDs etc, and finally on TV, then I think it's reasonable that somewhere along the line I should have bought something - a cinema ticket, a DVD, until it goes on TV at least.)
The Sears example suffers from several flaws. First, by buying the tire, you are contributing directly, and indirectly as Sears is contributing to you by proxy and wants to do so.) Secondly, it's a rare occurance in the movie world that paying money doesn't help pay in some way, directly or indirectly.
Copyright law has some injustices. You ought to have more rights to use content you've paid towards. The timescales involved are currently absurd. But neither really are addressed by those who want to take stuff produced in the last few years, rip it, and distribute it to millions of strangers so that they do not have to contribute a penny to the material's production.
Since those who want the law enforced have yet to demonstrate that movies, music, books, etc cannot still be made if file trading continues-- at least, not justified it by way of anything except fabricated statistics-- I don't see why this is needed.
Given those who flout the law rarely give reasons to show how the arguments in favour of copyright are "flawed", I don't see how you can argue that. Who, exactly, has shown where the tens of millions of dollars for an average movie of the type freeloaders copy are supposed to come from (and most "low budget" movies like Reservoir Dogs or Brazil usually come in at around the $5-10M mark) if not shared amongst users of the content?
Waving a hand and saying "The statistics/arguments/etc you're using are bogus" doesn't make them so. If they're bogus, or based on faith, it should be very easy to show. So far, all I see is handwaiving about entirely seperate arguments made by the RIAA or whatever concering the amount of money illegal copies lose the industry. While that's nice, and the RIAA and MPAA are fundamentally dishonest, this doesn't exactly mean that anything affecting the legitimacy of copyright itself has actually been debunked, it just means that just as there are slimeballs on the anti-copyright front, there are those on the pro-copyright side likewise.
But, if you're saying it can be done, show it. My favourite movie of all time is Terry Gilliam's Brazil, and it's low budget. Can you get a film of similar quality made for me, that can be distributed for free?
If you can't and it has something to do with copyright laws as they stand, then can you let me know how they can be reformed so you can do this? And can you show me how those reforms are better than what we have today?
The last time I asked this question, the response was that removing the ability to fund movie making was a price worth paying if copyrights were abolished. I hope you have a better answer, because from where I stand, it isn't.
You don't think that having a huge vacation resort in orbit around the Earth, with theme parks and man-made oceans (read: no Great White Sharks, but lots of good diving), and Earth-like gravity so even old people can go there, would be a good thing?
I don't particularly want my email box to be killed up with KKK propaganda too but I wouldn't class "receiving email" as a security flaw.
Is it really the case that if I make my printer or some files shared, this patch undoes that configuration choice, or has the submitter left something out?
If it's merely the latter, then how is that a bug? I mean, that's like saying "The bug may allow computers with "on" buttons to be powered up."
Next, from the same submitter, how Word.NET replaces that ugly, horrible, "VI" tool. And can Explorer.NET vanguish the vile BASH once and for all?
The standard GUI API for POSIX-type systems is X11. You can get X11 for OS X (since 10.3 it's been bundled with it, before that it was available from a variety of sources), and OpenOffice.org will run natively on the Mac with X11.
OpenOffice.org was originally StarOffice, and written at a time when the only systems running what today is the Mac GUI were obscure NeXT workstations that hadn't been made in five years, and very small number of "whitebox" systems running NEXTSTEP or OPENSTEP. Most people had pretty much written off the platform as dying, if not dead. Virtually all POSIX systems came with X11, either having that as their native GUI or as a back-up if you needed it.
Additionally, Java was an obscure in-house project at Sun designed to control washing machines in a language that owed more to mainstream programming dynamics and with more modern features than FORTH. Certainly, if you were writing a "cross platform" application, supporting X11 for POSIX systems and Win32 for Microsoft systems, seemed reasonable.
OpenOffice.org is a legacy system. It's easy to claim it should have been done in Java to begin with, but the fact is, it wasn't, it came out at around the same time as HotJava (most people's first exposure to the Java system), and it's not as if Java was "right out of the box" to begin with. Just ask Corel.
It's also easy to claim that the underlying GUI wrappers should have been more modular and better designed. That I'd agree with, but knowing the culture in the mid-nineties, it doesn't surprise me, indeed it surprises me they went to the extent that they did.
A rewrite might be in order, but bear in mind that a rewrite is just that - throwing the code away and starting afresh. There's no difference between a rewrite and an entirely new project, especially in the FOSS worlds where it's easy to grab code from other projects to do whatever it is you want done.
Right now, OpenOffice.org is probably the most full featured office suite available in the FOSS worlds. It needs some work to make it also the most comfortable platform, but the solution may lie in others.
Strikes me as more logical than dividing the day into ten (an arbitrary figure) or twenty four (an equally arbitrary figure) equally sized units. Works well if you want to show the time in different bases too...
"But nobody will go through that!" I pretend to hear you say. Nah, people will if the product is worth it. But for the vast majority of products, the EULAs bundled with them are superfluous, imposed not because of any legal need but to emphasize to the potential customer that they're buying something copyrighted that can't be blindly copied.
"But if they agree to something without reading it it's their own damned fault, why should everyone else be punished?" I also pretend to hear you say. Well, hang on a moment, it's not punishment because it's essentially what you should have done (minus the test, which would maybe add 30 seconds to the buying process time) anyway. The only people "punished" in the above scenario are those who wouldn't do it otherwise and, for whatever reason, feel they should be able to not to.
Ultimately, a regime in which everyone does as they're supposed to will make software companies think twice about actually continuing with EULAs as a component of software as standard as a jewel case and a registration card. An EULA, if treated properly by a customer, is a hassle for that customer. Software companies feel they can impose them precisely because they believe they will not be taken seriously, that customers will not read them or understand them.
From a terminal window just now:
You probably have to make the so-called BSD Subsystem a part of your install, but that's installed by default anyway (I have no idea if the sub-BSD-Subsystem that gets installed anyway whether you install the BSD Subsystem or not includes it)Indeed, the situation is worse than that. If you download a .sit or .zip using Safari in its default settings, the archive will, just as a disk image is automatically mounted, be automatically extracted. The design of OS X means that any applications within that archive will be automatically registered with the system the moment they're unpacked. (By "registered", not a Mac term BTW, I mean the application, normally, will be runnable from whereever it is, and will be associated with any file types it describes itself as supporting, including, in some circumstances, immediately becoming the default for that file type.)
Still think OS X is more secure by design than Windows? It isn't. In every way, it either is as bad as, or worse, than Windows is, in design terms. Right now the only reasons Mac users aren't being hammered are that there aren't enough Macs out there to make a viable email/etc virus or worm, and that nobody's made the effort.
Please, for fuck's sake, quit it with the "OS X is more secure by design". The more people repeat this, the more likely it is that someone will exploit it's weaknesses, and the less likely it is that Apple will fix them before such exploits occur.
Bullshit. Frankly, if you were a system administrator working for me, I'd fire you outright right now as, on the basis of what you've said, you're clearly too arrogant and incompetent to do a capable job.
The fact that many of the people who insist on access know less than they think they do does not mean everyone who insists on this access doesn't know what they're doing. Further, my point at the time was about the fact that, ignoring the validity of their requests, many of the people who ask for access actually do know what they're doing. This was in the context of someone arguing that system administrators should flat out lie to them about the consequences of those administrator's security policies.
We live in a world in which a sizable proportion of the population have PCs, and administer them themselves, and know more than a little bit about computing. They may not be the best people suited to administer them, but that doesn't mean you blow people off claiming "bugs" in products that actually function correctly except that some dumb virus scanner or port blocker prevents that. Many people I wouldn't trust to operate an air conditioner know enough to know when they're being lied to.
And further, you even acknowledge your comment "False" was, actually, false, even using the out-of-context context you were replying to. Indeed, there are many people capable of maintaining their own systems, who have a need to, and who will not protest too loudly if their systems break.
Your final sentence is tremendously ironic. There's the real world, comprised of many different people doing different jobs with different levels of skill requiring different technologies to get their jobs done. And then there's the classic system administrator world who believes that virtually everyone can be squeezed into a single category of system. For them, the Windows PC exists for its own sake, it is a device capable of anything, even when running a limited list of "approved" software. That, my friend, is not the real world. That's the world employees of most major organizations have to deal with on a day to day level, and it's a world of inefficiencies, outages, and, yes, security problems. It's a world of security problems because it inevitably doesn't work - people go around the system, with or without the permission of their admins, and the system isn't designed to cope with people going around it.
Nor is the real world to hamper people in what they do and then complain afterwards that those people are taking up too much of your time and they should fix the issues because, hey, it was their fault.
So you get email viruses, and spyware, and all the other junk, because sysadmins tried to get the people they should have been working for to fit into a tight little box, and the boxes broke. And again, when the
There's also an element of cleverness (in the bad sense of the word, of the "Why don't we define my car's key as an Access Control Mechanism so that I can prosecute car thieves under the DMCA!" variety) here that I think needs to be addressed.
Most law enforcement groups are not interested, initially, in what they're going to show in court. They're interested in actually finding the person involved so they can build a case against them. This system only prevents evidence gathered from being used in court, and then only half heartedly. The police can use the evidence in court with the simple addition of a court official such as a lawyer. This person can circumvent the system quite easily: monitor the entire conversation from start to finish while it's occuring, and then swear that the conversation, when presented to the jury, is authentic in court. Anything learned about the conversation and from the conversation is therefore admissable evidence. Anyone stupid enough to use this procedure without other safeguards:
- Can expect to immediately be targetted by law enforcement simply because they've made an effort to look guilty of something. The only way of getting around this is to make such processes standard practice, ie build it into the successor to UMTS or something - which is not going to happen. Using a system like this is like phoning the police and saying "It's Rocky here, yeah, yeah, think you know who did the Beverly Hills job? Well I'm not going down for that, yeah, yeah, you got nuffin on me see? Nuffin, you'll never catch me copper, yeah, yeah, I'm not never goin' down for that one, see?"
- Can expect to have any clues in their messages investigated by law enforcement. So you're not confessing to a robbery, you're planning one. Or you're planning a big protest. Or whatever. And the law's going to sit idly by because the cop who listened in can't prove mathematically he or she heard what they claim to have heard?
- Will risk confessions being witnessed and decoded, as described above.
Ultimately this system is simply too impractical and too weak to achieve anything useful.Damn it!
Most of the system administrators at my employer trust most of the programmers and provide them with administrator rights on the specific understanding that the policies I described above are in place. It works. When our (programmers) PCs are screwed up (which doesn't happen often), WE fix them, or at worst we ask our admins to do a reinstall. The admins are not blamed.
Most system administrators I've come across outside of my employer want to have their cake and eat it. They impose draconian restrictions on what people can do, that usually break things, lie about problems caused by those restrictions, and then complain when they open some hole somewhere to allow someone to do their job, that person's PC breaks, and the person goes to their boss because - after asking for nothing but a fix - the admins aren't willing to do that.
Admins work for users, not vice versa. They need to recognize that in the real world, there are different types of user, they have different needs, and security policies are as much about protecting users from each other as from themselves and the outside world. Right now sysadmins do not recognize that, they want crude, simple, networks, with no security in the networks, and all the security on standardized, Windows-running, PCs, regardless of the consequences. It's the same mentality that forces corporations to "standardize" on one platform - it's not just the PHBs who push for that you know.
The only reason people appear to be contradictory in current work environments, wanting the control but not the responsibility, is because currently most system administrators do not want to give them either, and aren't willing to create systems that give users that control and responsibility.
If the topic up for discussion was watching a Tom Cruise movie at the theater, hating it, and deciding you're never going to Tom Cruise movie again, your comment would kind of been relevent. But in this case the topic up for discussion is watching the Tom Cruise movie without paying for it.
There's hard and soft science fiction. Hard science fiction is SF based upon real science, where the author has attempted to make the physics of the piece's universe make sense and be internally consistant. There can be errors, there usually are, but they're almost never dependent upon the author being deliberately disengenious. Hard science fiction consists of everything from most of the works of Arthur C. Clarke to... well, believe it or not, The Hitchhiker's Guide to the Galaxy, which makes an honest if tongue in cheek attempt to base itself upon current theories of partical physics. Remember all that stuff about infinite improbability drives? That was based on real science Douglas Adams had been following.
"Soft" science fiction is comprised of stuff that looks a bit like science fiction but for which there's been no real attempt to make it sound, and where there's no desire on the part of the author to explain anything scientific. That's where the "based upon science fiction" bit in the above comes from. Star Wars is an obvious example, it's all mythology in space, but Lucas never, for a second, was trying to explain the consequences of anything real.
As far as Le Guin goes, if she's a fantasy author, I'm not sure she qualifies as science fiction at all. I've never really understood how something that has nothing remotely about science can be described as "science fiction". The books are lumped together, and tend to appear in book stores under the heading "Science fiction/fantasy", which isn't to imply fantasy is science fiction, but to suggest that the two, non-overlapping, fields of fantasy and science fiction, are in the same place, presumably because the bookstore owner feels that people interested in one are almost certainly interested in the other too.
For a similar, unlikely, pairing, take a look at the equivalent DVD racks, where science fiction and horror are usually combined into one area. Why? Probably the monsters.
Some authors, of course, pander to this and write stories that appeal to both groups. I know Kim Stanley Robinson's done a "fantasy" novel, though he's far more famous for his (hard) science fiction (note again: hard doesn't mean every detail is correct. Attaching a windmill to a blimp is not going to power that blimp...)
As far as "sci fi" goes, it's hard to come up with a consensus on what it means. There's a view that it applies to everything, hard and soft, because it's essentially an abbreviation that the public uses to describe everything about space ships and the future and monsters. But likewise, there's also an opinion that the very fact it encompasses so many crap elements of the art means that it's a derogatory term. If you Google a little bit, you'll find a few thousand essays on people who feel very, very, strongly about the issue.
Usually the same people have written essays expressing their opinion on whether "anal retentive" should be hyphenated or not. Go figure.
There's no connection between that and the Post Office example. Oh sure, you've come up with justifications (as I said, this has implications both good and bad), but it's secret, and the primary intent is not to protect the person the user is claiming to be.
The problem is that many of the people who are asking for more administrative control over their own machines do, actually, know what they're doing. While it's certainly true that a lot of people who do not know what they're doing want administrative privileges over their PCs, it's equally true that almost everyone who knows their machines, who's familiar with proper security, who knows what Central Services isn't covering, and who finds their "security systems" get in the way, wants administrative privileges too.
And when you lie to that group, they know it.
My advice to the average central administrator is to find solutions to problems instead of lying about them or turning into a control freak. People generally want control over their own machines, so it's important to give them that control.
Decentralize the network. Allow teams limited access to the network in return for complete control over their own machines. Manage a handful of central servers that provide certain services to everyone, but rarely need a password of the type that would have to be shared with others. If people are sharing passwords, find out why and provide alternatives (many modern email systems, for example, allow people to authorize each other to be able to look at each other's mailboxes, Exchange does, for instance. That's a common reason in academia to share passwords. Show them how. I've yet to come across a sysadmin who does this.)
Firewall teams from each other.
Provide the option of managing people's PCs if they want it, but if so the whole team's PCs are managed, not just their's. If they still want unmanaged PCs, provide an additional subnetwork that's firewalled off, just as their's is.
Anyone who "wants their PC fixed" if it's unmanaged, and the fix is because of viruses or worms or whatever, gets one option: a format and an operating system reinstall, with the latest Ad-Aware/etc tools installed. That's not being mean, because most of the time that's all they want.
The critical problem is that most organizations have one network and connect everything to it. There's little reason to do this. Be flexible, the people you work for have different jobs. They're not identical drones, don't treat them as drones.
The left generally keeps out of people's private lives, but has a record of getting more involved in limiting the rights of organizations - businesses, etc. The right generally does have a record of interfering in people's private lives, proposing laws on sex, on what you do with your bodies, proposing funding for imposing a set of beliefs on people, etc, but is more liberal when it comes to the rights of organizations (except trade unions, they *hate* trade unions.)
When the left talks about systems to enlarge government, it tends to do so about replacing corrupt private groups with accountable public bodies (it may be flawed in doing so, but that's the mentality), rarely about making individuals change their private behaviour. When the right talks about systems to enlarge government, it tends to talk about more draconian penalties for breaking laws, about passing morality laws, and about making security more intrusive and bureaucratic.
When most on the left talk about reducing government, they talk about giving individuals rights. When the right in America talks about reducing government, they usually talk about giving regional bodies such as the States more rights, simply transfering rights from one government to another, in some cases giving those governments more extreme rights than the national government had. The perfect government for a left winger provides social security (pensions, welfare, possibly healthcare), a public, accountable, infrastructure, and some semblance of security and law and order, on a national or international level. The perfect government for the right provides military security on a national level, and draconian neo-fascist religion-imposing governments on a State level. I know which I'd prefer.
And yes, I'm aware there are those on the left who occasionally stray in to the territory of the right, but there equal numbers who do vice versa.
Always amuses me to hear right wingers pretend to be "pro-liberty". Kind of like the Confederate States didn't go to war over slavery, oh no, they were "pro-States Rights". No they *@$%ing weren't, they were panicing because a law they'd imposed on free states forcing free states to return escaped slaves was about to be overturned, a probable harbringer for an eventual end to slavery. What the hell was "pro-States Rights" about that?
As far as the ATM example goes, that's different. We know that the ATM is taking pictures to protect us. It's the bank's security system implemented on our behalf. It means if someone steals our card and uses it, there's a greater chance of catching the culprit.
The Post Office situation is a little bit wierd. We've never had a system that guarantees a picture of the sender will be associated with a particular bit of mail, still more that the sender would be unaware of this. It has implications, good and bad. It's a little disconcerting the implementers were so secretive about it that it required a FOIA request to get the information.
A bit like what we all had to do in Florida a few months ago. We all left, the hurricanes destroyed our homes, and we came back and fixed everything.
It's kind of like that.
Note, I didn't even phrase my argument to be as extreme as current copyright laws are. I just said the point at which it becomes morally dubious is if you don't pay anything towards the production (of course, that payment may be by proxy if the producer's choice is to give it away free, but in simple terms, if I make use of an ordinary movie funded under the usual model of selling at theaters and then on DVDs etc, and finally on TV, then I think it's reasonable that somewhere along the line I should have bought something - a cinema ticket, a DVD, until it goes on TV at least.)
The Sears example suffers from several flaws. First, by buying the tire, you are contributing directly, and indirectly as Sears is contributing to you by proxy and wants to do so.) Secondly, it's a rare occurance in the movie world that paying money doesn't help pay in some way, directly or indirectly.
Copyright law has some injustices. You ought to have more rights to use content you've paid towards. The timescales involved are currently absurd. But neither really are addressed by those who want to take stuff produced in the last few years, rip it, and distribute it to millions of strangers so that they do not have to contribute a penny to the material's production.
Waving a hand and saying "The statistics/arguments/etc you're using are bogus" doesn't make them so. If they're bogus, or based on faith, it should be very easy to show. So far, all I see is handwaiving about entirely seperate arguments made by the RIAA or whatever concering the amount of money illegal copies lose the industry. While that's nice, and the RIAA and MPAA are fundamentally dishonest, this doesn't exactly mean that anything affecting the legitimacy of copyright itself has actually been debunked, it just means that just as there are slimeballs on the anti-copyright front, there are those on the pro-copyright side likewise.
But, if you're saying it can be done, show it. My favourite movie of all time is Terry Gilliam's Brazil, and it's low budget. Can you get a film of similar quality made for me, that can be distributed for free?
If you can't and it has something to do with copyright laws as they stand, then can you let me know how they can be reformed so you can do this? And can you show me how those reforms are better than what we have today?
The last time I asked this question, the response was that removing the ability to fund movie making was a price worth paying if copyrights were abolished. I hope you have a better answer, because from where I stand, it isn't.
You strange person!