Here's a detailed step-by-step example that shows how this problem could play out:
Programmer P downloads the Konqueror web browser, receiving it under terms of GPL.
P learns of a new web standard that requires exercising a technique for parsing URLs that is patented by Corporation C. C has licensed the patent under an RF, non-exclusive license, but with a "field of use" restriction that says the license can be used to "implement the standard". The standard, as it turns out, covers only what browsers must do with URLs, and says nothing about the server side or clients that aren't user browsers.
P implements this technique in Konqueror, and seeks to redistribute the modified version on his website so that other users can benefit from Konqueror now complying with the standard. If he does, he is bound by the GPL under copyright law, because he is redistributing a modified version.
However, he knows full well of a condition on that code that contradicts the GPL (violating Section 7) -- namely, he knows that C's patent license prohibits folks from taking his URL parsing code and putting it into, say, a search engine. Therefore, under GPL Section 7, he is prohibited from redistribution.
You might think that he can simply assign his copyright to the existing copyright holder of Konqueror let distribution happen from that source. They could distribute under GPL, but they would be granting a self-contradicting license. Nothing (to my knowledge, but IANAL) prohibits someone from distributing copyrighted works under licenses that make no sense and are self-contradictory. However, it is certainly true that those who receive distribution of the works are stuck and can't undertake further distribution or modification themselves.
Thus, regardless of who makes the changes, the result either shuts down distribution or forces the original developer to abandon GPL. Both outcomes are very unfortunate.
Feature creep is only bad when necessary focus on the existing product and its features is lost. The current Google Search product development is essentially stagnant, and rightly so. Other than the occassional maintenance and search algorithm tweaking, I don't really want Google's Search to change much.
Who cares of Google adds a few more tabs that I don't have to click on (but usually do). New features that you don't use aren't "bloat" when they're inconspicuous and harmless.
Their addition of AdWords and the Web Developer API shows that they're committed to adding new search-related technology, they're supporting the existing infrastructure, and the search GUI remains uncluttered. What more could we ask for?
The notion that "evil is growing" is no more applicable to Google than Fruit of the Loom.
Are you joking? Many companies invest hundreds of million dollars to build a product, take it to market, and scale it. Look at projects like Sprint's Broadband Wireless Group and their national ISP build-out to companies laying dark fiber across the country and around the world -- huge capital investment before they see any ROI.
Unlike GIMP, Photoshop actually supports CMYK, Pantone, and 16-bit/channel images. The entire pre-press industry depends on these features.
The only app for Linux that's competitive in this space is GIMP. According to GIMP's web site, supporting CMYK will "require a complete rewrite" of the painting engine and will not be available until GIMP 2.0 which some speculate will never come to fruition.
There are entire industries blocking on Linux having the capabilities that Photoshop provides. This is a great step in the right direction, even if it's just a stop-gap until GIMP 2.0 is available.
CMYK is a color model in which all colors are described as a mixture of these four process colors. CMYK is the standard color model used in offset printing for full-color documents. Because such printing uses inks of these four basic colors, it is often called four-color printing.
In contrast, display devices generally use a different color model called RGB, which stands for Red-Green-Blue. One of the most difficult aspects of desktop publishing in color is color matching -- properly converting the RGB colors into CMYK colors so that what gets printed looks the same as what appears on the monitor.
Are you disrespecting my PhD? Come to one of my classes and watch me write Win32 VXDs that make calls to WDM and see whether you still think that I was born in a cracker jack box, bitch.
Oh, by the way...I have another certification,too.
on
Borland C++ For Linux
·
· Score: 1, Troll
You've probably seen some hardware reviews like this that describe some of the lateral front-side improvements that some of the ASIC frontiersmen have been embarking on, but the reality of it all doesn't always sink in during the course of creating a chipset duel like this. You can't ignore the inability to do PCI syncs on most of the higher-end pipelined components like the Creative Audigy and GeForce 3 Ti500.
If you dig a little, you'll see that those folks also have long history of solving problems like those described in your post. In fact, one of the market segments they've been targetting for the last few months involves sub-AGP register performance enhancement tailoring. So, while you end up with some benchmarks resembling AGP 8x, you find yourself wallowing in a sea of self-pity as your multimedia performace drops off the charts.
The practical implications of this are worse than vaporware. With all of this attention flowing in the direction of negative progress, we're likely to be more inhibited than we helped by this uncommitted branching of GDI code.
These bastards can take their front side resonating bleed factor, cover it in bubble wrap, and mail it to their mothers.
In Brian's case, this reminds me more of a guy walking his dog around his neighborhood on the sidewalk who notices that the front door of one of the houses was left wide open and that there are flashing neon signs pointing to the open door that read
ENTER HERE -->
TAKE EVERYTHING IN MY HOUSE! PLEASE! I DON'T WANT IT! IF I DID, WHY WOULD I PUT THIS SIGN UP AND LEAVE MY FRONT DOOR OPEN?
So, the guy looks at the mailbox to find a house number, looks up the number in the neighborhood directory, and calls the owner to make sure he's aware of the situtation.
We can start an entire thread on analogies for things like what Brian did and what portscanning is, but it just becomes subjective depending on how familiar you are with the technology. To many of us, open up a file that contains contact information after Frontpage accidentally goes into editing mode instead of read-only mode (or whatever) and then contacting someone about it seems trivial. But to your average FBI cybersleuth, it's just as trivial to spin this in an insanely dark direction.
Isn't it more fun to catch cybercriminals than to wander around determining that those people are actually innocent? Try to convince your average cocky FBI boy of that.
Tar up your terabyte, copy it across the Internet (or a private circuit, if you're really smart) to your off-site spare teraservers that cost $5k a piece. That's still an order of magnitude more cost-effective than shelling out the dough for Digital's disaster-tolerant FDDI remote clustering technology.
The bandwidth costs are irrelevant since they apply to any backup/clustering technology, and it's quite obvious that it's cheaper to buy lots of $5k terabytes and spread 'em out across the country than any of the big guys' "commercial enterprise-class solutions."
When in doubt, have your company buy 10 more terabytes just to be on the safe side. It's only $50k! Most manager-level positions at Fortune 500s can sign off on a purchase that size.
This stuff is great! Give terabytes as stocking-stuffers to your kids at Christmas.
I guarantee you that N, the cost for however many layers of redundancy it would take to make you comfortable with using these as production servers, where N = $5,000 * your preferred number of layers, is cheaper than your Netapp filers.
After careful consideration, I have determined that every terabyte of data you want to backup will cost roughly $5,000.
Even if you don't do incremental backups, it's still a bargain. Hell, get some more of these teraservers and do software RAID between them; this is phenomenally cheap space, folks. For the price that companies are paying for this kind of space currently, you could buy tens of terabytes of space and make it octuple-redundant and still knock a heap of cash off of your capital budget.
"FBI uses reverse hacking to catch Russians" -- CNN.com
Oh yeah, reverse hacking... that's kinda like when someone punches you in the stomach and then you use reverse punching to get back at 'em.
Let's take a look at an executive summary of the etymology of this term: it's cropped up in a couple of mailing lists and yet it seems to have no useful meaning. A mere 35 hits on Google for 'reverse hacking', but it seems to have a different meaning each time it was used, from "corporate cyber-vigilantism" to "hacking your own computer." Although, it's used exclusively on reputable mailing lists like 'The Hacker Bulletin Board' and 'Windows Security Advice'.
"Reverse hacking" was referenced as early as 1987 by 1 person in the phreaking community to describe "services putting a carrier tone in thier recordings to fool your friendly hacking program into thinking that the code was valid". If that doesn't prove that this term adds no value to the English language, I'm not sure what would.
Anyhow, it's amusing that I suspected that this term was only used by a moron at CNN, and after 5 minutes of investigation, I determined that it was only used by morons around the world.
You can have one (and only one) of the following lines on your resume. Pick one:
- "I screwed my school by driving them nuts"
- "I started a web programming firm"
The difference between these two is non-trivial.
Letting yourself get caught up in the system (i.e. public education) is a great way to waste time. Take a step back and recognize that the opinions of your educators are insignificant and that you should do what will be best for yourself in the long run (e.g. not completing school, barely getting by to finish that high school diploma), not "showing them who's smartest by getting straight A's".
If Carnivore is designed to capture RADIUS packets, then it is a password-stealing program
According to the presentation given at NANOG (North American Network Operators Group) by the FBI on Carnivore, RADIUS is used to associate the user ID of the person whose traffic is being intercepted with their dynamically-assigned IP address.
Without giving the targetted individual a static IP (that would be too suspicious), it's extremely difficult to design Carnivore in a way that would allow it to function without searching through all traffic on an entire IP subnet without using RADIUS.
As an aside, RADIUS packets are not sent in clear-text; they are encrypted using a common plain-text key that is (usually) manually assigned on both the RADIUS client and server. Is it breakable? Sure. But, then again, any value given to the FBI's explanation is derived from the notion that they aren't lying to you.
The bottom line(s):
Carnivore isn't stealing passwords
It actually makes a lot of sense to use RADIUS to allow the monitoring of a user with a dynamic IP address
Regardless of how little you trust the FBI, the design and implementation methodology that they claim to be using is actually not phenomenally bad
I'm curious about something and I think the follow-up discussion will be interesting:
How do people that have been blind their entire life visualize things?
I don't mean to imply that they can't visualize, only that I'm wondering about the extent of their ability to create mental images and how they differ from my own (FYI, I am not blind). That is, it seems as thought they could feel an object and create some sort of wireframe-like thing in their head. Maybe a more appropriate question would have been directed at what they visualize. Most my visualization consist of a combination of things I've perceived with my eyes, not to mention issues associated with color.
Well, there's my potentially ignorant question that's probably only answerable by either blind people or someone who has close contact with them.
WARNING: Reading this entire post will warm your heart
(Slashback threads are generally boring, so I don't mind being this off-topic)
So, aside from the actual off-topic at hand, assertions like "Well, he graduated <Greek phrase> from <university>, so obviously he's pretty smart!" are breath-takingly worthless.
I'm not implying that I have the first clue about Mr. Nader's cluefulness, merely casting doubt on the value of any statement that somehow relates one's education or position at a legal journal (gee, a well-respected lawyer -- can you say "dime a dozen?") to that indistinguishable level of intelligence that very few people actually possess (and that far fewer can consistently recognize).
Intermediary conclusion: I have pent up aggression that I felt like venting on the first mildly ignorant statement I read on Slashdot. The sad truth is that you might very well be right, but for all the wrong (purveyed) reasons.
Sidenote: I took a look at the Green Party's "Ten Key Values" in the interest of not being entirely ignorant. The following excerpt struck me as being the most vaguely dumb thing I've ever read:
Future Focus and Sustainability
"Our actions and policies should be motivated by long-term goals . . . Our overall goal is not merely to survive, but to share lives that are truly worth living."
Wow, if ever there was a time when "lol" was appropriate (and I doubt there is), this would be it.
Based on this marvelously common-sensical statement, I propose that we organize Slashdot's political platform. Yes, here's my suggestion (not that I'm trying to be ridiculously agreeable and appeal to every self-aware mammal):
Invariably Ultraistic Happiness
Secure inter-hemispherical beatitude
And let me tell you something, I believe that if we can converge on this platform that we will be able to . . . well, as the Green Party so eloquently puts it (this is hilariously classic): "Human societies must operate with the understanding that we are part of nature." (I do apologize to those of you who read this far into the comment not realizing that you were going to be moved to tears by these strikingly original thoughts).
Conclusion: George W. Bush is dumb, so Ralph Nader is smart!
There were several stories on Slashdot in the months before the RedHat IPO happened because many active Slashdot users were affected by it. There were several more during the week or two before the IPO due to price changes and E*Trade eligibility issues. There were many more after the IPO actually happened. The RedHat IPO was one of the most widely covered single events on Slashdot during that time. Oh, and did you know that RedHat is a company that makes a distribution of the operating system that this site tends to revolve around?
Gee . . . and you're searching for relevance.
You obviously were not clued into the whole RedHat IPO frenzy on Slashdot. That's okay, but you might not want to spend a significant portion of your time pointing out your own ignorance to the entire Slashdot community.
I agree 100% with this post. The explanations of your comments that were previously just generalizations are much more intellectually satisfying. Thanks for the reply.
Well, someone didn't read the article. Using the word "machine" in reference to this problem shows that your clue level has dropped off the charts, as it has nothing to do with hardware.
First of all, you're completely missing the methodology of the testing procedure (as are many other Slashdot readers). You're also assuming that they displayed the color on two separate machines simultaneously with different versions of a browser and just eyeballed 'em to see if they looked the same. This could not be further from the truth. From the article:
We started by creating a test page with all 216 colors. We placed a 60 x 60 GIF in the center of a table cell with CELLPADDING=10 and BGCOLOR set to the same HEX value as the GIF. What we're hoping for is that the little square GIF in the center will be identical to the color of the cell. If we can see the square -- even in the slightest degree -- it means that something went wrong.
You can look at the te st page to see what they're referring to (I'd suggest dropping down to 8-bit/256-color to get the point).
It has nothing to do with colors not looking quite right from one videocard/monitor/OS to another, it's all about the way the browser/OS match colors. That is, if you tell the browser to display #CCFF66 in 8-bit mode, it has to find the closest match that's actually in its available palette. Here is the problem: some browsers might determine that the closest match is #CCFFFF and some might determine that the closest match is #CCFF00.. and then when you throw in a GIF that's supposed to be the same color, your computers tends to use a completely different "algorithm" for determining how to match the GIF's color. So, the actual internal HEX value associated with a single-color GIF that's #CCFF66 and a section of a page with BGCOLOR set to #CCFF66 might not be the same on two different browsers. It is a tangible and measurable difference in values.
This isn't some sort of video-dependent thing or weird, quirky phenomenon that just makes colors "kinda look different." There is a qualitative variation in the way that colors are selected, regardless of how similar (or different) they might appear, depending on your monitor.
Although you could test more browsers and operating systems (this test was only concerned with Windows and Mac), there is nothing arbitrary about these 22 colors.
If you don't "untaint" it, then the program won't run. That's the beauty of tainted mode: you get an error telling you what variables might still be tainted if you haven't run them through a regexp of some sort. That's why it's perfect for people who don't have as much of a clue as they should have. (Note: this explanation of taint-checking is not comprehensive).
By the way, just pass -T to the Perl interpreter(e.g. "perl -T blah.pl") to enable tainting checks, or add -T to the header (e.g. "#!/usr/bin/perl -T"). Also, check out "perldoc perlsec" for a much more detailed explanation of everything Perl does to address the issues described in the article, including taint checks.
"Actually, no it doesn't... I have a suspicion... if I'm not mistaken... I'm not sure... I bet..."
If you're not sure, then your entire post is worthless. I'd be very interested to know whether you're right about environment variables. Once you figure out whether or not you have a clue, let us know. Until then, this doesn't shed a single ray of light on the issue.
Slashdot Mirror
From the FSF's Position on Proposed W3 Consortium "Royalty-Free" Patent Policy:
Feature creep is only bad when necessary focus on the existing product and its features is lost. The current Google Search product development is essentially stagnant, and rightly so. Other than the occassional maintenance and search algorithm tweaking, I don't really want Google's Search to change much.
Who cares of Google adds a few more tabs that I don't have to click on (but usually do). New features that you don't use aren't "bloat" when they're inconspicuous and harmless.
Their addition of AdWords and the Web Developer API shows that they're committed to adding new search-related technology, they're supporting the existing infrastructure, and the search GUI remains uncluttered. What more could we ask for?
The notion that "evil is growing" is no more applicable to Google than Fruit of the Loom.
Are you joking? Many companies invest hundreds of million dollars to build a product, take it to market, and scale it. Look at projects like Sprint's Broadband Wireless Group and their national ISP build-out to companies laying dark fiber across the country and around the world -- huge capital investment before they see any ROI.
Unlike GIMP, Photoshop actually supports CMYK, Pantone, and 16-bit/channel images. The entire pre-press industry depends on these features.
The only app for Linux that's competitive in this space is GIMP. According to GIMP's web site, supporting CMYK will "require a complete rewrite" of the painting engine and will not be available until GIMP 2.0 which some speculate will never come to fruition.
There are entire industries blocking on Linux having the capabilities that Photoshop provides. This is a great step in the right direction, even if it's just a stop-gap until GIMP 2.0 is available.
CMYK is a color model in which all colors are described as a mixture of these four process colors. CMYK is the standard color model used in offset printing for full-color documents. Because such printing uses inks of these four basic colors, it is often called four-color printing.
In contrast, display devices generally use a different color model called RGB, which stands for Red-Green-Blue. One of the most difficult aspects of desktop publishing in color is color matching -- properly converting the RGB colors into CMYK colors so that what gets printed looks the same as what appears on the monitor.
Photoshop does this rather well.
Are you disrespecting my PhD? Come to one of my classes and watch me write Win32 VXDs that make calls to WDM and see whether you still think that I was born in a cracker jack box, bitch.
Also, I'm an MCSE.
Const defaults to int. You're doing a direct comparison of a floating point with an integer.
I have a PhD in Visual C++. This is widely known among my graduate students.
NForce = NuisanceForce
You've probably seen some hardware reviews like this that describe some of the lateral front-side improvements that some of the ASIC frontiersmen have been embarking on, but the reality of it all doesn't always sink in during the course of creating a chipset duel like this. You can't ignore the inability to do PCI syncs on most of the higher-end pipelined components like the Creative Audigy and GeForce 3 Ti500.
If you dig a little, you'll see that those folks also have long history of solving problems like those described in your post. In fact, one of the market segments they've been targetting for the last few months involves sub-AGP register performance enhancement tailoring. So, while you end up with some benchmarks resembling AGP 8x, you find yourself wallowing in a sea of self-pity as your multimedia performace drops off the charts.
The practical implications of this are worse than vaporware. With all of this attention flowing in the direction of negative progress, we're likely to be more inhibited than we helped by this uncommitted branching of GDI code.
These bastards can take their front side resonating bleed factor, cover it in bubble wrap, and mail it to their mothers.
In Brian's case, this reminds me more of a guy walking his dog around his neighborhood on the sidewalk who notices that the front door of one of the houses was left wide open and that there are flashing neon signs pointing to the open door that read
ENTER HERE -->
TAKE EVERYTHING IN MY HOUSE! PLEASE! I DON'T WANT IT! IF I DID, WHY WOULD I PUT THIS SIGN UP AND LEAVE MY FRONT DOOR OPEN?
So, the guy looks at the mailbox to find a house number, looks up the number in the neighborhood directory, and calls the owner to make sure he's aware of the situtation.
We can start an entire thread on analogies for things like what Brian did and what portscanning is, but it just becomes subjective depending on how familiar you are with the technology. To many of us, open up a file that contains contact information after Frontpage accidentally goes into editing mode instead of read-only mode (or whatever) and then contacting someone about it seems trivial. But to your average FBI cybersleuth, it's just as trivial to spin this in an insanely dark direction.
Isn't it more fun to catch cybercriminals than to wander around determining that those people are actually innocent? Try to convince your average cocky FBI boy of that.
Tar up your terabyte, copy it across the Internet (or a private circuit, if you're really smart) to your off-site spare teraservers that cost $5k a piece. That's still an order of magnitude more cost-effective than shelling out the dough for Digital's disaster-tolerant FDDI remote clustering technology.
The bandwidth costs are irrelevant since they apply to any backup/clustering technology, and it's quite obvious that it's cheaper to buy lots of $5k terabytes and spread 'em out across the country than any of the big guys' "commercial enterprise-class solutions."
When in doubt, have your company buy 10 more terabytes just to be on the safe side. It's only $50k! Most manager-level positions at Fortune 500s can sign off on a purchase that size.
This stuff is great! Give terabytes as stocking-stuffers to your kids at Christmas.
I guarantee you that N, the cost for however many layers of redundancy it would take to make you comfortable with using these as production servers, where N = $5,000 * your preferred number of layers, is cheaper than your Netapp filers.
A quick search on google yields this:
$20k for a terabyte of rackmountable RAID5
Believe it, folks: Terabytes really are as cheap as the Slashdot headline makes it seem like they are.
After careful consideration, I have determined that every terabyte of data you want to backup will cost roughly $5,000.
Even if you don't do incremental backups, it's still a bargain. Hell, get some more of these teraservers and do software RAID between them; this is phenomenally cheap space, folks. For the price that companies are paying for this kind of space currently, you could buy tens of terabytes of space and make it octuple-redundant and still knock a heap of cash off of your capital budget.
"FBI uses reverse hacking to catch Russians" -- CNN.com
Oh yeah, reverse hacking... that's kinda like when someone punches you in the stomach and then you use reverse punching to get back at 'em.
Let's take a look at an executive summary of the etymology of this term: it's cropped up in a couple of mailing lists and yet it seems to have no useful meaning. A mere 35 hits on Google for 'reverse hacking', but it seems to have a different meaning each time it was used, from "corporate cyber-vigilantism" to "hacking your own computer." Although, it's used exclusively on reputable mailing lists like 'The Hacker Bulletin Board' and 'Windows Security Advice'.
"Reverse hacking" was referenced as early as 1987 by 1 person in the phreaking community to describe "services putting a carrier tone in thier recordings to fool your friendly hacking program into thinking that the code was valid". If that doesn't prove that this term adds no value to the English language, I'm not sure what would.
Anyhow, it's amusing that I suspected that this term was only used by a moron at CNN, and after 5 minutes of investigation, I determined that it was only used by morons around the world.
You can have one (and only one) of the following lines on your resume. Pick one:
- "I screwed my school by driving them nuts"
- "I started a web programming firm"
The difference between these two is non-trivial.
Letting yourself get caught up in the system (i.e. public education) is a great way to waste time. Take a step back and recognize that the opinions of your educators are insignificant and that you should do what will be best for yourself in the long run (e.g. not completing school, barely getting by to finish that high school diploma), not "showing them who's smartest by getting straight A's".
Without giving the targetted individual a static IP (that would be too suspicious), it's extremely difficult to design Carnivore in a way that would allow it to function without searching through all traffic on an entire IP subnet without using RADIUS.
As an aside, RADIUS packets are not sent in clear-text; they are encrypted using a common plain-text key that is (usually) manually assigned on both the RADIUS client and server. Is it breakable? Sure. But, then again, any value given to the FBI's explanation is derived from the notion that they aren't lying to you.
The bottom line(s):
I'm curious about something and I think the follow-up discussion will be interesting:
How do people that have been blind their entire life visualize things?
I don't mean to imply that they can't visualize, only that I'm wondering about the extent of their ability to create mental images and how they differ from my own (FYI, I am not blind). That is, it seems as thought they could feel an object and create some sort of wireframe-like thing in their head. Maybe a more appropriate question would have been directed at what they visualize. Most my visualization consist of a combination of things I've perceived with my eyes, not to mention issues associated with color.
Well, there's my potentially ignorant question that's probably only answerable by either blind people or someone who has close contact with them.
Educate us.
Which leads us to:
CPAN or C-PAN?
There were several stories on Slashdot in the months before the RedHat IPO happened because many active Slashdot users were affected by it. There were several more during the week or two before the IPO due to price changes and E*Trade eligibility issues. There were many more after the IPO actually happened. The RedHat IPO was one of the most widely covered single events on Slashdot during that time. Oh, and did you know that RedHat is a company that makes a distribution of the operating system that this site tends to revolve around?
Gee . . . and you're searching for relevance.
You obviously were not clued into the whole RedHat IPO frenzy on Slashdot. That's okay, but you might not want to spend a significant portion of your time pointing out your own ignorance to the entire Slashdot community.
I agree 100% with this post. The explanations of your comments that were previously just generalizations are much more intellectually satisfying. Thanks for the reply.
First of all, you're completely missing the methodology of the testing procedure (as are many other Slashdot readers). You're also assuming that they displayed the color on two separate machines simultaneously with different versions of a browser and just eyeballed 'em to see if they looked the same. This could not be further from the truth. From the article:You can look at the te st page to see what they're referring to (I'd suggest dropping down to 8-bit/256-color to get the point).
It has nothing to do with colors not looking quite right from one videocard/monitor/OS to another, it's all about the way the browser/OS match colors. That is, if you tell the browser to display #CCFF66 in 8-bit mode, it has to find the closest match that's actually in its available palette. Here is the problem: some browsers might determine that the closest match is #CCFFFF and some might determine that the closest match is #CCFF00.. and then when you throw in a GIF that's supposed to be the same color, your computers tends to use a completely different "algorithm" for determining how to match the GIF's color. So, the actual internal HEX value associated with a single-color GIF that's #CCFF66 and a section of a page with BGCOLOR set to #CCFF66 might not be the same on two different browsers. It is a tangible and measurable difference in values.
This isn't some sort of video-dependent thing or weird, quirky phenomenon that just makes colors "kinda look different." There is a qualitative variation in the way that colors are selected, regardless of how similar (or different) they might appear, depending on your monitor.
Although you could test more browsers and operating systems (this test was only concerned with Windows and Mac), there is nothing arbitrary about these 22 colors.
That's just plain hilarious. I agree 100%.
If you don't "untaint" it, then the program won't run. That's the beauty of tainted mode: you get an error telling you what variables might still be tainted if you haven't run them through a regexp of some sort. That's why it's perfect for people who don't have as much of a clue as they should have. (Note: this explanation of taint-checking is not comprehensive).
By the way, just pass -T to the Perl interpreter(e.g. "perl -T blah.pl") to enable tainting checks, or add -T to the header (e.g. "#!/usr/bin/perl -T"). Also, check out "perldoc perlsec" for a much more detailed explanation of everything Perl does to address the issues described in the article, including taint checks.
not to generalize, but they're all dumb.
(umm.. joke)