That's a very interesting point and answer. I am wondering what you think about this case. Suppose A knows that B is driving but doesn't expect B to be distracted when A texts B. So A texts B and B responds (regardless of who starts the texting session). During their texting session (while B is still driving and A knows that B is driving but believes that B is not being distracted by the text), B texts back and rear-ends another car in front at the same time (and may cause a lot of damage). Would A be liable for the accident as well under the law??? I am just curious and thanks for answering.
No, I would agree more on grayscale v. color from the GP. The animated and still images are 2 completely different contents. In other words, one is displaying content in a different way compared to the other.
I would suggest another comparison which I think is more appropriate. The 2DS would be similar to a browser that does NOT support gradient display (which imitates 3D display), whereas the 3DS could properly display gradients. As a result, the same content is displayed in the same manner, but the visual of 3D is better than 2D in some sense.
I am now not sure what the word "researcher" means. The link for the campaign page mentioned "independent researchers." However, the summary used the words "one researcher." If I correctly recall from his own blog (Khali), he said he is "unemployed," which is far from a "researcher." Besides, he happened to stumble on the security issue. This does NOT mean "research"! This web page is simply to get "attention" from people in the community and should NOT be posted on ./ at all. The campaign owner guy, Marc Maiffret, is tainting real independent researchers' name...
I believe that the endorsing email sent to you is actually another type of spam from LinkedIn. It is similar to those invitation emails. I have 2 different email addresses that I am using for different purposes, and one has been registered with LinkedIn for years. I never tie these 2 addresses together (not in each other's contact list). Then a year ago, my friend got an invitation email from LinkedIn from someone else and he registered with LinkedIn. His email is tied to my email address which is not registered with LinkedIn. All of a sudden, I got an invitation email from him through LinkedIn at the email address (the one which is not registered). The email kept coming at least 3 times within a week. So LinkedIn turns itself into a spammer. Watch out now. If you registered with LinkedIn, it will take all the contacts in your email and send this kind of spam email to every email address in the contacts that is not registered with them.
I would look at it a different way. I do not believe that human rights would be only a part of the reason. Another important reason is that the situation is exploitable. How would you like to be accused of doing something you did not do (a set up) and be given a death sentence, and then your organs are harvested? There is always a loophole in laws, and laws are not always right. As a result, the false positive cases could intentionally be the exploitation of the system (organ harvest). That said, to me, it outweighs any laws allowing harvesting organs from prisoners with a death sentence.
And that's why I blame the FB team for not scrutinizing the bug report. Have you ever been in an environment where you and a few other people have to deal with hundreds and hundreds of new vague bug reports every day for months, and where you are one of those who verify and fix them? I am not saying that you could use that as an excuse not to be careful, but I am saying that it leads to what the FB team did. It may or may not be acceptable depending on who is looking at the issue.
Well, you should not overlook that there may be other factors involved in these parties...
The bug reporter
1) Did he describe how to reproduce the bug step-by-step?
2) Did he describe the set up to reproduce the bug in detail?
3) How understandable was his email to native English speakers?
The FB team
1) How many similar bug reports do they get each day?
2) What procedure do they use in bug investigation?
3) How much concern do they have for each bug report?
1st email:
the bug allow facebook users to share links to other facebook users , i tested it on sarah.goodin wall and i got success post
http:
2nd email:
of course you may cant see the link because sarah's timeline friends posts shares only with her friends , you need to be a friend of her to see that post or you can use your own authority.
this is a picture shows that post:
Now, your reply assumes that the bug reporter clearly explains how to reproduce the bug. What I see from his blog post is that the first email is only the "result image" of what he did, which cannot be proof! Why? You should be able to answer that if you know any photo editing software. The second email is not much better than the first. It added a little more preparation to reproduce the bug, but it is still too vague. This is a type of "bug report" from an end user who does NOT understand what "step-by-step" is.
That being said, you also assume that the FB team has nothing to do at all. There is always a reason for whatever one does; however, the reason may or may not be acceptable to the general public. At least, you need to put yourself in others' shoes in order to understand it better. The workload of validating bug reports could be a lot more than you think. When a monetary system is involved, there are always some people who attempt to exploit the system. In this case, I guarantee that there are plenty of fake bug reports sent to their team. When you have seen a lot of fake bug reports and you need to invalidate them, you would likely be sceptical toward any bug report at first. If there is no step-by-step procedure in place, you may apply the simplest way to deal with it -- in this case, attempting to post something on the timeline of someone else who is not in your friend list. Then the second report said you have to be a friend of the person. You may assume that it is not a bug because the person is in your "friend" list, and that you have permission to post on their timeline (assuming that the person's permission is set to allow friends to post).
Anyhow, I do blame both sides. I blame the reporter because he gave an incomplete bug report which made sense to him but not to others at the time. Then he escalated his action and stepped over the line. I blame the FB team because they did not scrutinize every single bug report but rather made an assumption in order to do less work. If I were to judge this, I would still not reward the reporter because of his second action (stepping over the line). I hope that the reporter loses his attitude and learns from this situation that he should be more professional in the field. The mistake he made (now) is not serious but rather an excellent experience for him to be more clear and careful in the future.
PS: For those who asked why he did not use a dummy account to do the test, I half agree. Seeing his blog, it seems that he does not know how to disguise his connection on the Internet; using a dummy account does not help...
Of course, this means that if someone clicks OK, they are hosed, but it is better than just sticking an adapter on and doing dirty work without knowing the device's PIN or password.
Hmm... So how is that different from the Apple charger case if a user manually authorizes the process? Didn't you read the TFA or even the summary?
Once the charger is plugged in and the user inputs their PIN code,...
You see, it means that an iPhone user has to input their PIN or "authorize" the access, which is similar to clicking "OK" as you mentioned. From here, I see no difference between the USB debugging feature being enabled and the charger...
This may become a BRCA1 & BRCA2 case in the future if they can "patent" these genes... I hope they fail miserably at getting a patent if what they called "technology" is actually "genes"! Below is from TFA...
The researchers have filed a patent on the technology and are working with the UW Center for Commercialization. They hope to integrate it into a paper-based diagnostic test for diseases that could be used in parts of the world with few medical resources.
Re:Insane... AT&T actually ahead of the game? on Rooting SIM Cards · Score: 1
Vulnerability or security research is done in order to ensure security. Regardless of who funds the research, it is better to find out the vulnerabilities before black-hat hackers do. "Nobody knows" does NOT mean it is secure...
I actually read that book, or tried to. As an intro to programming any language it sucked. Hard.
I completely agree with you on this! I have read the whole book to see how it is written. There are so many points that the author did NOT thoroughly describe or that even mislead.
Before I go into the book, I want to talk about an issue that JavaScript introduces and whose changes I did not realize -- variable scope. It used to be that the keyword 'var' is to declare a variable and the variable will live throughout its scope. Not anymore, except between functions! Everything now becomes global and you do not need the 'var' keyword! (You do not need a semicolon at the end of the line either but for the sake of clarity.)
// Browser: Firefox 20.0 and Chrome 25.0.1364.160-0ubuntu0.10.04.1
// OS: Ubuntu 10.04
a = 7; // new variable, declare as global
function RunThis() {
  var a = 1; // expect to be local
  b = 100;
  alert("Before Outside a/b: "+a+"/"+b); // 1/100, OK
  if (true) { // force going into a scope
    var a = 99; // expect to be local
    var b = 9; // expect to be local
    alert("After Inside a/b: "+a+"/"+b); // 99/9, OK
  }
  alert("After Outside a/b: "+a+"/"+b); // 99/9, shouldn't it be 1/100 ???
  callAnother();
}
function callAnother() {
  b = 77;
  alert("See a/b: "+a+"/"+b); // 7/77, OK
}
This is a very dangerous change that could get those who come from compiled language programming in trouble, and vice versa.
As you can see, the 'var' keyword is now pretty much useless. The author said "The word var is used to create a new variable," which is no longer true from the example above (everything becomes a variable after an assignment symbol -- '=').
The next issue with the book is some functions that are used throughout the book -- print(), show(), and load(). I am not sure whether these functions are available in a server-side version (i.e. Node.js), but they are NOT standard or working functions as the author claims. The print() function is a built-in and will pop up the "print" dialog on the browser. The alert() function is preferred to display whatever as a pop up on a browser. The author uses the alert() function here and there. The show() and load() functions are not built-in/standard; however, both can be found in jQuery, which is a derivative work of JavaScript!
Next, the author talks about how to initialize arrays and objects. The author does NOT talk about variations of array initialization until later! One way to initialize an array object is on page 42 ([]), and the other is on page 118 (new Array() or new Array(length)). But then the author doesn't explain that specifying array length in JavaScript may not give much benefit if the array is not huge/complex or there are not many array manipulations (which is usually the case) because JavaScript will automatically extend the length of an array.
a = []            // []
a[3] = 12         // [undefined, undefined, undefined, 12]
a = new Array(4)  // [undefined, undefined, undefined, undefined]
a[3] = 12         // [undefined, undefined, undefined, 12]
a["1"] = 7        // [undefined, 7, undefined, 12]
The same issue applies to Object ({} on page 39 and new Object() on page 104). The uses of array and object may overlap but the author does not talk about advantages/disadvantages which would lead to different purposes of use.
When the author talks about Object ({}) and gives an example of creating a date object using Object and class Date (page 48-49), it misleads the readers! The book's transition jumps from a simple object to a (built-in) class object without any explanation
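An added example, not part of the original comment or the book: it runs the comment's snippet under Node.js with alert() replaced by a returned log, and records which names end up on the global object. The function names, the `let` variant and the use of `new Function` (whose body is sloppy-mode unless it opts in to strict mode, regardless of how this file is loaded) are choices made for this example.

```javascript
// Sloppy-mode copy of the comment's snippet. alert() calls become log entries.
const sloppyRun = new Function(`
  a = 7;                        // undeclared name: becomes a property of globalThis
  function callAnother() {
    b = 77;                     // no local b here: creates another implicit global
    return a + "/" + b;         // reads the two globals
  }
  function runThis() {
    var log = [];
    var a = 1;                  // local to runThis, shadows the global a
    b = 100;                    // assigns the local b whose 'var' is hoisted from below
    log.push(a + "/" + b);
    if (true) {
      var a = 99;               // same function-scoped a; a block is not a 'var' scope
      var b = 9;                // declaration is hoisted to the top of runThis
      log.push(a + "/" + b);
    }
    log.push(a + "/" + b);
    log.push(callAnother());
    return log;
  }
  return runThis();
`);

// Run the sloppy snippet and report which globals it leaked, then clean them up.
function runSloppy() {
  const before = new Set(Object.getOwnPropertyNames(globalThis));
  const log = sloppyRun();
  const leaked = {};
  for (const name of Object.getOwnPropertyNames(globalThis)) {
    if (!before.has(name)) {
      leaked[name] = globalThis[name];
      delete globalThis[name];  // implicit globals are configurable, so delete works
    }
  }
  return { log, leaked };
}

// Same body with 'let': the inner block gets its own bindings.
function runWithLet() {
  const log = [];
  let a = 1;
  let b = 100;
  log.push(`${a}/${b}`);
  {
    let a = 99;                 // new binding, visible only inside this block
    let b = 9;
    log.push(`${a}/${b}`);
  }
  log.push(`${a}/${b}`);        // outer bindings are untouched
  return log;
}

// Strict mode turns assignment to an undeclared name into an error
// instead of silently creating a global.
function strictAssignError() {
  const strictRun = new Function(`"use strict"; notDeclaredAnywhere = 1;`);
  try {
    strictRun();
    return null;
  } catch (err) {
    return err.name;
  }
}

console.log(runSloppy(), runWithLet(), strictAssignError());
```
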
Well, he might be dreaming of getting a huge payment (if he could ever win). Or at least, he just wants publicity if he sues a corporation (Apple) rather than his own wife, so that he can be [in]famous...
That is not UNDONE, that is an attempt to recover. You can NOT erase everyone from knowing that there is/was the operation (unless you have a way to completely erase people's memory).
It may be true. However, it is useless to talk about "what if" because it's been done and cannot be undone. No good to keep talking about this. What we should be talking about is how to deal with it and how to recover from the damage.
The catch phrase is in the last sentence "I am going to write me a new minivan this afternoon." In other words, the guy is going to write software with a full load of bugs and fix them. Each bug he found (intentionally left in the software) and fixed would be worth $10. If he is going to be able to buy a new minivan, how many bugs does he need to create & find?
I assume this is the reason he is suggesting this. If you can't see them, you are probably too narrow-minded. Enforcing the norm provides a stronger social order, a clear balance of power and a more unified set of values, more collectivism, and generally more efficient state maintenance and exchanges. Going out of the norm, on the other hand, leads to more freedom, more individualism and less restricted creativity. It's purely a matter of which aspects of society you want to promulgate.
My answer was already mentioned in my previous reply. I did not say that there is NO benefit. I said they are similar because there are some benefits. It depends on how you define "benefits" at this point. Maybe the benefit from the poster is what you call "narrow-minded."
This is the definition of the norm, yes. Note that a democracy is a system which is based on the concept of following the majority's decisions. If they are opposed to the minority's, then so be it.
So it is "Argumentum ad Populum" and it may or may not be right. Although, I am not going to define what is "right" or "wrong" because it depends on one's interpretation.
By the poster's idea, are you referring to the idea of vocally encouraging people to boycott the movie on ad hominem principles? The only benefit of doing that is to set up a large scale ad hominem campaign.
I still see that they both are equal. Let's say A=poster, B=Card, C=government, and D=target. B suggests/encourages C to attack D. A suggests/encourages D to attack A. It is very similar but on a different route. The difference in D at this point is that the latter D would include those who are not in the former D. But I would leave the judgement to them because they are not me.
Orson Scott Card has suggested that the government should enforce certain societal rules and discourage people from going outside of the norm in public.
What is the cause of Card's suggestion to do so? Could it be from hatred/belief? What is the "norm"? Majority? If it is, could it be an "Argumentum ad Populum"? Yes, it is still a valid idea and there is an expectation of damage to the target group. It is up to the government (or actual people) to apply his idea.
And the poster's suggestion may also be from the same feeling/belief. It is another encouragement/suggestion/expression to others, and I see it as valid (similar expectation of the outcome).
When you said the outcome of following his idea may have some benefits, a similar trend would also apply to the poster's idea. The difference is there would be different groups of those who gain the benefits. If you are in the group that benefits from his idea but not the poster's, you would feel that the poster is more bigoted than he is, and vice versa.
As I said earlier, whether or not the poster's point would be applied to me is all up to me (or any other reader). That's why I don't really see which is worse/better than the other.
I am seeing his point of view as "eyes for eyes and teeth for teeth." There isn't really a "more than" in this case... It is his point of view and I respect that. Will I apply his point of view to my action? It is up to me.
That could be true; however, have you read the audit paper written by OIG in PDF (http://www.oig.doc.gov/OIGPublications/OIG-13-027-A.pdf)? It is very interesting and contains what the auditor (OIG) thinks about where the blame lies (although those who are at fault simply brush the responsibility off onto others). Everything seems to be from miscommunication between DOC CIRT and EDA, and neither knew about this miscommunication until too late (the end of 2012, about a year after the incident).
What happened (from the audit paper) was that the incident handlers from DOC CIRT sent out 2 notifications to EDA regarding the US CERT notification. The first notification simply listed all 146 components, and EDA thought all of them were infected. Then the incident handlers from DOC CIRT sent the 2nd notification with accurate analysis of only 2 infected components, but the notification did not clarify or mention that the 1st notification was inaccurate (wrong). As a result EDA thought all 146 components were still infected.
Then the EDA selected and submitted 2 components to the DOC CIRT as a process to verify whether they were infected. Apparently, the EDA submitted the 2 components mentioned in the 2nd notification, and the result came back positive. As a result, the EDA thought that all 146 components were infected.
It got worse when EDA already knew that their IT system was outdated and needed a lot of updates/patches (since 2006, from NSA and OIG system reviews) but they never fixed the issues. They believed this incident was an attack from nation-state actors (hackers), so their system could be extremely vulnerable to the attack. As a result, their system could open a hole to other systems' access. Therefore, the system was isolated.
Keep in mind, the Chief Information Officer (CIO) believed that this incident was from hackers. Then the EDA hired an external security company (contractor) to come in and assess the situation/system. The contractor found no actual malware infections. However, the CIO of EDA asked for a guarantee that there was no infection at all in the system [the CIO is trying to save his behind because of his belief]. The contractor could not give a guarantee due to the difference between "could not exist" and "did not exist" of infections. That led to destroying the hardware part.
During the wait for recovery, the EDA entered into an agreement with Census to use their resources (e-mail, Internet, laptops, etc).
This is not done yet (and not included in the summary of this topic). The EDA did not listen to the recommendation from NSA or DHS about the recovery plan -- quickly & fully recover the IT system. The EDA wanted a whole new system. This would cost $26 million in total and won't be finished until the end of FY2014.
In summary, the miscommunication and other factors escalated the issue to be worse and worse.
1. DOC CIRT incorrectly handled the notification
1. DOC CIRT did not admit to EDA that their 1st notification was wrong
2. EDA did not verify the 2nd notification against the 1st with DOC CIRT
3. EDA did not submit random components (from 146) for verification
4. EDA IT system is outdated and has never been fixed/patched
5. CIO of EDA wanted to cover his behind by asking for a guarantee which is unrealistic
6. EDA wanted a whole new IT system which cost $26 million
What do these people learn from the incident? No punishment but simply recommendations to the Deputy Assistant Secretary and the CIO of EDA (page 17 of the report/page 22 of the PDF file)! This situation is very similar to a big corporation making a mistake, and as a result, tax payers paid the price and nobody who was involved in the incident was punished.
With Obamacare just around the corner...you are correct. We are ALL next.
First, you (or the other AC) attempted to blame the whole situation on homosexuals -- a myth that HIV is from homosexuals. HIV is also from heterosexuals as well (especially prostitution) and is under the radar. Please take the bias out of the context.
Then you are pulling politics into the topic, whereas there is no relation to the topic at all. So both posts of AC are flame bait.
Now back to the topic, I believe that the incubation period of HIV can be longer than 1 year -- http://www.healthalert.net/Dispelling_Misconceptions/?p=31 -- so they should not make BIG news out of their experiment when only a couple of months have passed. This is just to get publicity. What would happen if all of a sudden it is no longer true (they found the HIV again in the patients)?
That's right. Thanks for a better explanation. :)
Oops, TFA, not TSA...
IEEE Std 1363a defines a method to do Elliptic Curve Crypto that is not patent encumbered.
I don't think what is patented in the TSA is the method, but its implementation (quote below).
Implementations of ECC were pioneered and patented by a company called Certicom that is now a subsidiary of the phone manufacturer BlackBerry.
So my question is: is there only ONE implementation for the algorithm???
Of course, this means that if someone clicks OK, they are hosed, but it is better than just sticking an adapter on and doing dirty work without knowing the device's PIN or password.
Hmm... So how is that different from the Apple charger case if a user manually authorizes the process? Didn't you read the TFA or even the summary?
Once the charger is plugged in and the user inputs their PIN code, ...
You see, it means that an iPhone user has to input their PIN or "authorize" the access, which is similar to clicks "OK" as you mentioned. From here, I see no difference between the USB debugging feature enabled and charger...
This may becomes BRCA1 & BRCA2 case in the future if they can "patent" these genes... I hope they fail miserably on getting a patent if what they called "technology" is actually "genes"! Below is from TFA...
The researchers have filed a patent on the technology and are working with the UW Center for Commercialization. They hope to integrate it into a paper-based diagnostic test for diseases that could be used in parts of the world with few medical resources.
Vulnerability or security research is done in order to ensure security. Regardless who funds the research, it is better to find out the vulnerabilities before black-hat hackers do. Nobody knows does NOT mean it is secure...
I actually read that book, or tried to. As an intro to programming any language it sucked. Hard.
I completely agree with you for this! I have read the whole book to see how it is written. There are so many points that the author did NOT thoroughly describe or even misleads.
Before I go into the book, I want to talk about an issue that JavaScript introduces and I did not realize the changes -- variable scope. It used to be that the keyword 'var' is to declare a variable and the variable will live through out its scope. Not anymore, except between functions! Everything now becomes global and you do not need the 'var' keyword! (You do not need a semicolon at the end of the line either but for the sake of clarity.)
// Browser: Firefox 20.0 and Chrome 25.0.1364.160-0ubuntu0.10.04.1
// OS: Ubuntu 10.04 // new variable, declare as global // expect to be local // 1/100, OK // force going into a scope // expect to be local // expect to be local // 99/9, OK // 99/9, shouldn't it be 1/100 ???
// 7/77, OK
a = 7;
function RunThis() {
var a = 1;
b = 100;
alert("Before Outside a/b: "+a+"/"+b)
if (true) {
var a = 99;
var b = 9;
alert("After Inside a/b: "+a+"/"+b);
}
alert("After Outside a/b: "+a+"/"+b);
callAnother();
}
function callAnother() {
b = 77;
alert("See a/b: "+a+"/"+b);
}
This is a very dangerous change that could get those who come from compiled language programming in trouble, and vice versa. As you can see that 'var' keyword is now pretty much useless. The author said "The word var is used to create a new variable," which is no longer true from the example above (everything becomes a varible after an assign symbol -- '=').
Next issue with the book is some functions that are used through out the book -- print(), show(), and load(). I am not sure whether these functions are available in server-side version (i.e. Node.js), but they are NOT standard or working functions as the author claims. The print() function is a built-in and will pop up the "print" dialog on the browser. The alert() function is preferred to display whatever as a pop up on a browser. The author uses the alert() function here and there. The show() and load() functions are not built-in/standard; however, both can be found on JQuery which is a delivertive work of JavaScript!
Next, the author talks about how to initialize array and object. The author does NOT talk about variation of array initialization until later! One way to initialize an array object is on page 42 ([]), and the other is on page 118 (new Array() or new Array(length)). But then the author doesn't explain that specifying array length in JavaScript may not give much benefit if the array is not huge/complex or there are not many array manipulations (which is usually the case) because JavaScript will automatically extend the length of an array.
a = []            // []
a[3] = 12         // [undefined, undefined, undefined, 12]
a = new Array(4)  // [undefined, undefined, undefined, undefined]
a[3] = 12         // [undefined, undefined, undefined, 12]
a["1"] = 7        // [undefined, 7, undefined, 12]
The same issue applies to Object ({} on page 39 and new Object() on page 104). The use of array and object may be overlapped but the author does not talk about advantages/disadvantages which would lead to different purposes of use.
When the author talks about Object ({}) and gives an example of creating a date object using Object and class Date (page 48-49), it misleads the readers! The book transition jumps from a simple object to a (built-in) class object without any explanation
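An added example (not part of the comment above, and not code from the book): it reruns the comment's scoping test with return values instead of alert(), then shows the same test with let (ES2015), a strict-mode assignment to an undeclared name, and the array growth case. The function names and undeclaredCounter are made up for this example.

```javascript
// var is function-scoped: both declarations inside the if block are hoisted
// to the top of the function, so "b = 100" writes the function's own b and
// the inner "var a" is the same variable as the outer one.
function varScope() {
  var a = 1;
  b = 100;
  const before = a + '/' + b;
  if (true) {
    var a = 99; // same function-level a, not a new block-local one
    var b = 9;  // hoisted: b is local to varScope from its first line
  }
  return { before: before, after: a + '/' + b };
}

// let is block-scoped: the inner declarations exist only inside the braces.
function letScope() {
  let a = 1;
  let b = 100;
  let inside;
  if (true) {
    let a = 99;
    let b = 9;
    inside = a + '/' + b;
  }
  return { inside: inside, after: a + '/' + b };
}

// In strict mode, assigning to a name that was never declared throws
// instead of silently creating a global variable.
function implicitGlobal() {
  'use strict';
  try {
    undeclaredCounter = 77; // constructed name, declared nowhere
    return 'created global';
  } catch (e) {
    return e.name;
  }
}

// Arrays grow on assignment; new Array(4) only presets the length.
function arrayGrowth() {
  const a = [];
  a[3] = 12;           // length becomes 4, indexes 0..2 are holes
  const b = new Array(4);
  b['1'] = 7;          // the string "1" addresses the same slot as 1
  return { aLength: a.length, bLength: b.length, bOne: b[1], hasZero: 0 in a };
}
```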
Well, he might be dreaming of getting a huge payment (if he could ever win). Or at least, he just wants publicity if he sues a corporation (Apple) rather than his own wife, so that he can be [in]famous...
That is not UNDONE, that is an attempt to recover. You can NOT erase everyone from knowing that there is/was the operation (unless you have a way to completely erase people's memory).
It may be true. However, it is useless to talk about what if because it's been done and cannot be undone. No good to keep talking about this. What should be talked about is how to deal with it and how to recover from the damage.
Hmm... Not sure these papers would directly relate to the fault plane you are talking about -- http://jbbp.kankyo.tohoku.ac.jp/jbbp/PDF/1997_Zoback.pdf and ftp://ftp.ingv.it/pub/mario.anselmi/MARTA/ktb-sourceparam-bssa1998.pdf (both are around 15 years old). They are not easy reading though, so be warned...
The catch phrase is in the last sentence "I am going to write me a new minivan this afternoon." In other words, the guy is going to write a full load of bugs software and fix them. Each bug he found (intentionally left in the software) and fixed would be worth $10. If he is going to be able to buy a new minivan, how many bugs does he need to create & find?
I assume this is the reason he is suggesting this. If you can't see them, you are probably too narrow-minded. Enforcing the norm provides a stronger social order, a clear balance of power and a more unified set of values, more collectivism, and generally more efficient state maintenance and exchanges. Going out of the norm, on the other hand, leads to more freedom, more individualism and less restricted creativity. It's purely a matter of which aspects of society you want to promulgate.
My answer was already mentioned in my previous reply. I did not say that there is NO benefit. I said they are similar because there is some benefit. It depends on how you define "benefits" at this point. Maybe the benefit from the poster is what you call "narrow-minded."
This is the definition of the norm, yes. Note that a democracy is a system which is based on the concept of following the majority's decisions. If they are opposed to the minority's, then so be it.
So it is "Argumentum ad Populum" and it may or may not be right. Although, I am not going to define what "right" or "wrong" is because it depends on one's interpretation.
By the poster's idea, are you referring to the idea of vocally encouraging people to boycott the movie on ad hominem principles? The only benefit of doing that is to set up a large scale ad hominem campaign.
I still see that they both are equal. Let's say A=poster, B=Card, C=government, and D=target. B suggests/encourages C to attack D. A suggests/encourages D to attack A. It is very similar but on a different route. The difference of D in this point is that the latter D would include those who are not in the former D. But I would leave the judgement to them because they are not me.
Orson Scott Card has suggested that the government should enforce certain societal rules and discourage people from going outside of the norm in public.
What is the cause of Card's suggestion to do so? Could it be from hatred/belief? What is the "norm"? Majority? If it is, could it be an "Argumentum ad Populum"? Yes, it is still a valid idea and there is an expectation of damage to the target group. It is up to the government (or actual people) to apply his idea.
And the poster's suggestion may also be the same feeling/belief. It is another encouragement/suggestion/expression to others, and I see it is valid (similar expectation of the outcome).
When you said the outcome of following his idea may have some benefits, the similar trend would also apply to the poster's idea. The difference is there would be different groups of those who gain the benefits. If you are in the benefit group from his idea but not the poster's, you would feel that the poster is more bigoted than he is, and vice versa.
As I said earlier, whether or not the poster's point would be applied to me is all up to me (or any other reader). That's why I don't really see which is worse/better than the other.
I am seeing his point of view as "eyes for eyes and teeth for teeth." There isn't really a "more than" in this case... It is his point of view and I respect that. Will I apply his point of view to my action? It is up to me.
best buddy system.
that's why.
That could be true; however, have you read the audit paper written by OIG in PDF (http://www.oig.doc.gov/OIGPublications/OIG-13-027-A.pdf)? It is very interesting and contains what the auditor (OIG) thinks where to blame (although those who are at fault simply brush the responsibility to others). Everything seems to be from miscommunication between DOC CIRT and EDA, and both did not know about this miscommunication until too late (the end of 2012, about a year after the incident).
What happened (from the audit paper) was that the incident handlers from DOC CIRT sent out 2 notifications to EDA regarding the US CERT notification. The first notification simply listed all 146 components, and EDA thought all of them were infected. Then the incident handlers from DOC CIRT sent the 2nd notification with accurate analysis of only 2 infected components, but the notification did not clarify or mention that the 1st notification was inaccurate (wrong). As a result EDA thought all 146 components were still infected.
Then the EDA selected and submitted 2 components to the DOC CIRT as a process to verify whether they were infected. Apparently, the EDA submitted the 2 components mentioned in the 2nd notification, and the result came back positive. As a result, the EDA thought that all 146 components were infected.
It got worse when EDA already knew that their IT system is outdated and needed a lot of updates/patches (since 2006 from NSA and OIG system reviewed) but they never fixed the issues. They believed this incident was an attack from nation-state actors (hackers), so their system could be extremely vulnerable to the attack. As a result, their system could open a hole to other systems' access. Therefore, the system was isolated.
Keep in mind, the Chief Information Officer (CIO) believed that this incident is from hackers. Then the EDA hired an external security company (contractor) to come in and assess the situation/system. The contractor found no actual malware infections. However, the CIO of EDA asked for a guarantee that there was no infection at all in the system [CIO is trying to save his behind because of his belief]. The contractor could not give a guarantee due to the difference between "could not exist" and "did not exist" of infections. That led to destroying the hardware part.
During the wait for recovery, the EDA entered into an agreement with Census to use their resources (e-mail, Internet, laptops, etc).
This is not done yet (and not included in the summary of this topic). The EDA did not listen to the recommendation from NSA or DHS about the recovery plan -- quickly & fully recover the IT system. The EDA wanted a whole new system. This would cost $26 million in total and won't be finished until the end of FY2014.
In summary, the miscommunication and other factors escalated the issue to be worse and worse.
1. DOC CIRT incorrectly handled the notification
1. DOC CIRT did not admit that their 1st notification was wrong to EDA
2. EDA did not verify the 2nd notification against the 1st with DOC CIRT
3. EDA did not submit random components (from 146) for verification
4. EDA IT system is outdated and has never been fixed/patched
5. CIO of EDA wanted to cover his behind by asking for a guarantee which is unrealistic
6. EDA wanted a whole new IT system which costs $26 million
What do these people learn from the incident? No punishment but simply recommendations to the Deputy Assistant Secretary and the CIO of EDA (page 17 of the report/page 22 of the PDF file)! This situation is very similar to a big corporation making a mistake, and as a result, taxpayers paid the price and nobody who was involved in the incident was punished.
How much brute force traffic do you expect before you do something?
Obviously, you did not read TFA. Yes, it creates traffic, but it might not create enough noticeable traffic at first until it became obvious later on.
On further investigation Nintendo found that the attempts started on June 9 and the scattered instances of illicit logins became a problem on July 2.
...to butt fuck each other with impunity!
With Obamacare just around the corner...you are correct. We are ALL next.
First, you (or the other AC) attempted to blame the whole situation on homosexuals -- a myth that HIV is from homosexuals. HIV is also from heterosexuals as well (especially prostitution) and is under the radar. Please take the bias out of the context.
Then you are pulling politics into the topic, whereas there is no relation to the topic at all. So both posts of AC are flame bait.
Now back to the topic, I believe that the incubation period of HIV can be longer than 1 year -- http://www.healthalert.net/Dispelling_Misconceptions/?p=31 -- so they should not make BIG news out of their experiment when only a couple of months have passed. This is just to get publicity. What would happen if all of a sudden it is no longer true (they found the HIV again in the patients)?