From your statements alone, I'd say Ron Paul is a "kook" because of his stance on the war. To be simplistic, Republicans are for war, Democrats are against it. So, if Paul is voting against the war he is not siding with the Republican Party; He is siding with the Democrats. So, a Republican siding with the Democrats is a "kook".
Oh dear, I knew when I saw the thread there would be trouble. Thought to myself 'Cmdr Taco is yanking their chain by leaving their man out'.
Ron Paul is unfortunately a kook who has in the past published racist and anti-semitic drivel. He might not have written it himself but it went out under his name and there is no way he can claim ignorance of what the magazine was about, when challenged on the drivel in the past he made no effort to disown it, much less condemn it.
I don't think Ron Paul's position on Iraq is the same as the Democrats. The Democrats are for Israel but opposed to continuing the fiasco in Iraq. Ron Paul on the other hand appears to have much the same position as Iran's Ahmedinijad, its kooky, cynical and probably anti-semitic.
The Republican position will be against the war in a not very short time. In fact some of them are already blaming the Democrats for starting it, I kid you not. Before long Faux News will be 'accidentally' labeling Bush a Democrat.
We could also destroy a couple of key water plants and cripple their country.
They could close the Straits of Hormuz to shipping and cripple every Western economy.
If we attack their civilian infrastructure they can and will retaliate against ours. We have rather more points of vulnerability than they do: power plants, chemical works, storage depots.
Why would a US carrier get within range of Iranian missiles? A USN CVBG is built around using it's aircraft to strike the enemy, and they can use air-to-air refueling to extend their range more than ten times that of an Iranian shore-to-sea missile. If the Iranian Navy wants to come out to fight they'll sink quite quickly. Iran has no hope of striking a US carrier.
The further out the carrier is from the targets, the longer the time it takes to get to and from the target area, the less time can be spent over the targets.
The supercarrier strategy was developed when? 1970s? 60s? Since then Russia and China have spent rather a lot of time working out strategies to sink them. Both have the resources to build a supercarrier, neither has chosen to do so. One explanation is the standard US military chest thumping 'we are supreme' approach, another is that missile technology has rendered supercarriers obsolete the same way that the machine gun rendered the cavalry charge obsolete.
If you're referring to the 2006 Hizbollah attack on a Saar 5 corvette, keep in mind that the Saar 5 has a displacement of 1227 tons, and a Nimitz-class carrier displaces over 100,000 tons. Damaging a Saar 5 is a long, long way from sinking a carrier.
The World Trade Center was even bigger, your point? If the electronic countermeasures can be defeated on the small ship by one missile I would not be too confident that the countermeasures on the larger ship cannot possibly be defeated by a simultaneous attack from many missiles.
Iran's airforce hasn't had proper maintenance since the days of the Shah. This was made clear in the first Persian Gulf war, when they couldn't defeat Iraq.
This is somewhat true of the US supplied planes, but the revolution was almost thirty years ago. Since then Iran has been buying planes from Russia and China and even more missiles. Iran has the second largest missile fleet in the third world, second only to North Korea.
If Iran is a pushover then why is everyone nervous of her? Seems to me that this is just more of the happy-think that got us into Iraq. Its easy to blunder into a disaster when anyone who dares suggest that the military might not be quite as strong as imagined can be dismissed as unpatriotic, a traitor or whatever.
I don't think that there is anyone in the military command left who has the guts to actually raise hard questions. After seven years of politicization the only generals left are the yes men.
Second, you're absolutely right that it would be suicidal. My understanding is that the Iranian Sunburn missiles can rather easily take out our supercarriers. Don't we just happen to have three right there in striking range? Is the idea that we get Iran to take out our supercarriers to JUSTIFY the ceaseless war and kick it up a notch?
Well one possibility is that they plan to use nuclear weapons after they lose the carriers. My working assumption is that Bush is a clinical psychopath and that he actually enjoies getting people killed, gives him a buzz. If so using a nuclear weapon would give him the biggest buzz of his life.
Before you dismiss this as Bush hatred, consider the peculiar reaction Bush had to the Texas executions, his insistence on keeping open the option to use torture at huge political cost despite the evident fact that the US is no longer using torture. I cannot explain this situation in political terms, it makes no sense.
These adventures in the middle east have not made the US stronger, they have made Iran stronger and the US weaker. A war with Iran will have the same effect resulting in a single pan-Shia state.
If this is the work of our spies, they aren't earning their salary. They're incompetent bastards who should be fired for lacking any type of stealth or subtlety.
Its a provocation, it does not have to be stealthy, the whole point is to get the Iranians to declare war on the US. Bush wants to start another war but lacks the political support at home to make the first move, he would be impeached. So instead the administration has been attempting to provoke the Iranians in various ways: arresting their diplomats in Iraq, conducting special operations in Iran, belicose rhetoric 'axis of evil', stationing three supercarriers in the gulf, etc.
The other half has been 'Tokinizing' Iranian activities, attempting to reconstruct the Tonkin Gulf incident, allegations that the Iranians are supplying the insurgency in Iraq, WMD claims and so on.
"A communications disruption can mean only one thing - invasion."
Who the hell thinks this comment is funny?
War is never funny. A war with Iran is likely to cost tens of thousands of US ervice lives and a hundred thousand or more Iranian lives within a few weeks. Cutting the cables is very likely intended to be a prelude to war. Most likely it is simply another provocation intended to cause Iran to commence the hostilities, if it was intended to support an actual invasion they should have waited until the last moment.
Iran is not going to be the pushover that Iraq was, although their military spending is only 1% of US spending, their cost basis is much lower. They have bought a lot of missiles, they have proved that their missiles are capable of sinking an Israeli naval ship with advanced electronic countermeasures. They are more than likely capable of sinking the supercarriers. They are certainly capable of sinking any tanker that is stupid enough to lumber through the straits.
The Iranians can certainly level the green zone and decapitate the US occupation. They can mount a land invasion and cut off the US forces by capturing Basra. They have had four years to gather comprehensive knowledge of the US order of battle etc. in Iraq from their HUMINT assets on the ground. The US does not even have an embassy in Iran, all US operatives in Iran are illegals and it is highly unlikely that the CIA has a tenth the number of agents in the whole of Iran as the Iranians have in Basra or Baghdad.
The US is unable to occupy Iraq, Iran has three times the population. Russia and China rely on Iranian oil supplies and are going to take every step necessary to prevent the US from gaining control of the middle east. They are just as willing to use nuclear weapons as the Bush administration is.
What we are looking at here is quite likely the end of US superpower status. If the US goes head to head with Iran and loses a supercarrier it will immediately sink to being on the same rank as China and Russia. That is not funny at all.
Around here, they're more like whipping boys. Now, if he'd started in on Linux security...
Well yes, kinda difficult to think of any forum where this type of presentation would be considered 'risky material'. But that does not stop it being any less true or needing to be said.
I do wish that Bruce would choose his targets a bit more carefully though. He has a tendency to come out with sweeping statements that sound good but don't mean quite what he intends them to mean.
Slight clarification about that last point. We do in fact seem to hear a lot about "Inept Terrorists" in the news, although the news never reports them as inept, rather they spin it as the brave efforts of the police narrowly avoiding massive catastrophe.
All the terrorists are inept, that does not stop them from being dangerous. The second generation of the Baader-Meinhof gang was litteraly recruited from a lunatic asylum. Catching inept criminals is still very difficult.
The problem with the recent scare-ware announcements in the US is that they have tended to be of wannabees and never-was types. Such folk can become dangerous, but not as dangerous as the posturing and grandstanding that the likes of Freeh, Ridge, Ashcroft, Giuliani and the rest have engaged in.
But comming back to the original question, yes having observed terrorists professionally for a number of years I would say that very few of them have what you would call a scientific mindset. They are not interested in enquiry, they have a complete ideological system that answers every question. They are certainly not interested in testing their precious little ideas.
The other point of reference is that a scientist is not much use to a terrorist group, they want practical skills like how to blow stuff up. Bin Laden is a civil engineer, so hw knows the weak spots in building design. But most terrorists have no real engineering skill either.
"No wait. I changed my mind. Destroy your copies! If you give away one of your photocopies, I will have you convicted for trafficking stolen property."
Well in the US he can say that, but whether the courts would enforce the claim is another matter entirely.
IANAL: The loophole some folk have attempted to use in the past is that copyright licenses cannot be granted verbally, there must be a signed statement. But the electronic signatures act means that no longer needs to be physical paper.
So what it comes down to is whether the copyright holder can revoke a license, I seriously doubt anyone knows for sure. It is the type of question that could easily cost a million or two to decide through litigation.
If someone took the code and made any sort of investment in it in the well founded belief that the code was under GPL then the doctrine of detrimental reliance would probably give that party recourse. If I was in that situation I would first send the guy a bill for my time charged at my last paid consulting rate ($3,000/day) or grant me a GPL2 license. If the bill was unpaid I would then file a lawsuit. The facts are fairly simple and uncontested, the case should not be expensive.
I suspect we might see a variation of this particular attack occur if GPL3 ever takes off and some folk decide that they are going to revoke the GPL2 license in favor of GPL3. That would be a bad, bad idea.
They want to make Cyber warfare illegal thus having a legal recourse for those who use it.
I think that they just want to blather on as if they understand what is going on here. Trying to ascribe other motives assumes too much of them.
Cyberwarfare has been going on for almost ten years. It does not amount to very much because we are not as dependent on technology as folk imagine. Case in point we lost all power on the North East coast of the US a few years back, civilization did not collapse. Even if these particular attacks are cyberwarfare and not just vandalism they are not going to bring society to its knees.
I don't think this is a particularly viable approach for extortion either. For an extortion racket to work you have to be sure that the target is not going to go to the police which means you have to either target a criminal business or be able to credibly threaten violence.
The real threat is not from the attack itself but the possibility of using a cyber-attack to augment a physical attack. So take out the Internet when you bomb the city so the disaster relief cannot function.
On terrorism the issue is money. AQ is not likely to turn to cyberwarfare. They have already taken out the NYSE and NASDAQ for a week and nobody cared much about that particular issue - it was the 3,000 murders. some AQ leaders have told their followers to learn how to do Internet crime, they can earn more in a day than a Pakistani policeman earns in a week.
Problem is, they're not feeding on each other; the feeding order is not circular, but rather pyramidal. The smart and resourceful ones get even richer through the bottom-feeders' "work".
Exactly, in the chat rooms the criminals are far more worried about each other than the forces of law and order. OK they are concerned that the person might be from a security company (our guys) or a police officer. But they are rather more angry about 'rippers' -criminals who take the money but never deliver the goods or take goods and don't pay for them.
In the shadowcrew organization about a third of the management team was occupied as enforcers. In fact that is how they got caught, they ended up in a turf war and someone turned them in to police.
As in all criminal organizations the guys at the bottom get chicken feed. All the money flows up the pyramid, just like the Sopranos. A street drug dealer is likely to be in prison of dead in two to three years on average and makes less than minimum wage. The typical botnet herder makes less than they would flipping burgers. All the money flows up.
Re:Software is under the eyes of regulators
on
Geekonomics
·
· Score: 1
How much money can a criminal expect to make selling illegal satellite decoders?
Between seven and eight figures, US dollars. It was very big business at the time. The cards sold for hundreds of dollars. Up to a million were sold. It was for a short time a very large market.
By contrast, how much money can a fraudster make defeating bank security? It should minimize the petty fraud, but not ellminate all fraud.
The typical phishing ring takes in much less than the pirate satellite gangs did in their prime. The largest phishing rings might come close to the satellite rings but I doubt that.
Losses due to Internet crime are large, profits to the criminals are much smaller and divided many ways. The vast bulk of the costs is caused by the petty fraud. Each phishing spam run costs a huge amount in customer service as people call up to enquire even if there is no actual monetary loss.
Put it this way, banks are all about making money. Why do you think improved security hasn't been implemented?
Well that is the subject of the two books, isn't it. The short form is that we are pretty good at deploying tactical security measures that have a short term effect, where the costs and benefits align. We are not so good at deploying strategic measures where the costs are not neatly aligned. In the case of Chip and PIN we need government action, we cannot deploy without it because of the anti-trust laws.
However I do know Pascal and to say Pascal is a broken language, when variants have been used with great success in niche markets is something I find hard to agree with. (eg. Borland Pascal compilers and then Delphi, also Miranda though not commercially).
All of which ignored the worst examples of Wirth's idiocy. For example the idea of typechecking the size of arrays. In ANSI Pascal an array of 4 integers is totally different from an array with 5. You cannot have a subroutine with a signature foo (int bar []). It has to be foo (int bar [4]). Try doing string handling libraries with that!
Kernighan pretty much nailed it in 1980 why Pascal is not my favorite language. I have used Borland Pascal quite a bit, back in the days it was just TurboPascal. It has much more in common with C than ANSI Pascal. It took me much longer to rewrite my programming class assignments in ANSI Pascal than it did to get them written in Turbo Pacal in the first place.
Sure you can make a decent-ish language using Pascal-like syntax. But the result is not Pascal. Back in the 80s we did a lot of things to make it possible to compile code on the 12 Mhz 16 bit PCs of the day. I don't see any value in inflicting them on student's today any more than punch cards and paper tape.
Just for your information, smallpox was not eradicated by vaccination. It was already on it's way out and in great decline before vaccination, which failed by the way at first to have any impact. It was only when the WHO started quarantine rules of villagers where smallpox was found that a decline was seen.
Well the argument I made did not depend on the efficacy of vaccination so in that respect the claim is irrelevant.
But the claim you are making here is not generally accepted in the field. It appears that there is ample reason to beleive the efficacy of vaccination. You don't provide any backing for your counter-claims.
Doesn't work well with punch card tabulator MUAs or something.
Actually its the Pine/Mutt crowd who have their clients set to show the end of the message by default. Same as there are folk who complain about HTML email.
And what's this "HTML allows a much more pleasant user experience than plaintext" business? Your crappy legal-pad background with glitter stars and blinking comic sans does not constitute a "much more pleasant user experience."
Like Algol60, HTML 2.0 was rather better than its successors in many respects. I don't like backgrounds or fancy fonts, they should be for the reader to choose. Use colour and other cues to distinguish between posters in the thread.
The features of HTML email I think useful are the ability to do bold, italic and change font size and the reader's MUA gets to wrap the lines correctly for the reader's screen rather than having them wrapped at an arbitrary 76 or 66 or whatever - which then breaks when quoted text is re-wrapped.
Whoa. How'd we get from C# to APL? I'm supposed to be the one advocating arcane mathematical languages.
You tried to make a point based on Fortran support for COMPLEX data types as built in rather than libraries. APL is reducto ad absurdum on that one.
I'm supposed to be the one advocating arcane mathematical languages.
You picked the wrong person for that weenie-measurement contest. I have probably designed more languages than you have used.
Exactly. Which is why you use the right tool for the job. If you want to make online games, use a byte code interpreter
Why? I think the byte code approach is a mistake. It was done for Sun tactical reasons in the days when they were still plugging away with SPARC. Byte code compatibility is not very interesting. The Microsoft approach with CRL is much more powerful: compile down to the target processor at install time or on the fly.
The CLR completely eliminates the overhead associated with the byte code approach. The CLR output is simply the intermediate stage of the pre-existing Microsoft C++ compiler. So you get full access to all the power of the machine.
This is going to become even more apparent going forward as the CLR format is extended to support vector operations. Then it becomes possible for the code installer to target code to the video processors. Try that in Java.
Re:Software is under the eyes of regulators
on
Geekonomics
·
· Score: 1
I think you'd find you'd just up the ante. Criminals would respond.
Easy to say, but rather less likely than you might imagine. Ten years ago there was a large market for pirated satellite decoders. The security systems used for satellite TV are nowhere close to the security of EMV Chip and PIN but there really hasn't been a viable pirate decoder market since Season 7 in the mid 90s. The satellite systems are a much harder proposition because the communication is unidirectional and the attacker can physically destroy one or many cards to extract the keys.
For starters no standard file access: "ALGOL 60 as officially defined had no I/O facilities; implementations defined their own in ways that were rarely compatible with each other."
Well having had the editor of the Algol 60 spec as my college tutor I would tend towards his explanation which was that Algol became too complex. The features that were added to Algol 68 seemed to be a good idea at the time but the result was a language that was too complex and unweildy.
Using Pascal as a counter-example here is pretty weak to say the least, its a bit like saying that Scheme made LISP redundant. Pascal was designed from the start to be an alternative successor to Algol 60, just as Java and Objective C were alternative successors to C. The ability to spawn off successors that supercede the parent is a sign of health, not failure. Fortran and COBOL have been sterile dead ends for decades. Their only successors will be themselves. The only way that they will change is by acreeting features of successful languages like Java and C#.
Using Pascal as a teaching language is a very bad idea because it is a broken language. Wirthless as the saying goes. Optimizing the language to support one pass compilation was a dreadful mistake. The type system is utterly broken, the syntax pedantic.
In the 1990s there was good reason to use Pascal over FORTRAN or Basic. I learned Pascal for a mandatory computer programming course after learning Basic, Assembler, FORTRAN, ACSL and C. By that time there really wasn't anything to recommend it.
If you are going to correct someone on a point of pedantry, get the pedantry right.
Can your namby pamby little Java applet correctly multiply two complex matrices with a simple, native multiplication operator? Didn't think so.
Can you do a Fast Forurier Transform in Fortran using a native operator? You can in APL. In FORTRAN you probably end up using Rene Brun's CERNLIB code, oh dear, bad luck.
You are never going to be able to support every possible function in the core. The C approach of removing as much functionality from the core as possible and using libraries has proved much better in the long run. Fortran has built in I/O primitives based on an obsolete hardware reference model. Java and C# have no intrinsic I/O, nor do they need any.
Far more significant than whether something is intrinsic or not is how well extrinsic functions integrate. Here C# beats Fortran hands down. You can overload any operator. So you can write code like a = b + c * d where the variables are complex or matrices and such. In Fortran you have to call a subroutine to do anything beyond the core. And because of the legacy issues it is probably called something like FFTRL2 because it was originally written for an MVS machine with a 6 character linker.
That unfortunately is the reason most quoted for using e-mail in the first place. Most upper management (and middle management) view e-mail not as a communication tool, but as a way to CYA. The phrase "Send it to me in an e-mail." is uttered far to often not because they need reminding or somehow didn't hear you just tell them that, but because they want it in writing.
Likewise the most common management complaint on email is not lack of netiquette but complete lack of common sense. The emails with sexual content, harassment, insults, expletives etc sent to co-workers are bad enough. The ones sent out to customers are rather worse.
Oh yes it does happen, and often enough for people to ask me for a solution.
The nettiquete complaints tend to be in the eye of the beholder and the beholder's email client. Some folk complain endlessly about top-posting. But if you use an email-pager there really is no choice but to top post: the alternative would be to download the whole message onto the device. Likewise trimming the thread, simply cannot be done on most handhelds.
Making the email clients more intelligent is one approach, making the content more intelligent is probably a better one. HTML is not designed as an email format (trust me, I was there). HTML allows a much more pleasant user experience than plaintext formatted to a VT100 screen width but it does not expose the annotation structure of the message as you would want.
FORTRAN is not obsolete. It is still the most powerful language for hard-core mathematical operations.
I think you will find Mathematica is orders of magnitude more powerful.
What specific feature of Fortran do you consider to make it more suitable for mathematical operations? The parsing of equations is rudimentary, the built in math functions minimal. Other languages support hints for vectorization.
This is one of those statements that is endlessly repeated regardless of whether it is true.
Incidentally, its been Fortran not FORTRAN since Fortran95 and FORTRAN was never an acronym.
Having seen the code written by physicists it is clear to me that the less Fortran they see the better. It certainly does not teach anyone to write good code, nor does COBOL. Look at an extensive system in either and you will find acres of poorly abstracted template code. Hundreds of subroutines that do essentially the same thing in the same way with very minor changes.
FORTRAN (the current version) is still very much alive in academia. You'll find a lot of scientists still write programs in the language. In fact that was what it was designed for, it's NOT a General Purpose Language such as Java, Pascal, C/C++.
That is not true, certainly as far as Fortran8X is concerned. I discussed this point with the raporteur for the standard. It was intended to be a general purpose language.
I have had extensive experience of watching scientists plug away in FORTRAN. It is not a pretty sight.
At the time there was a real value in Fortran over C, it had array bounds checking for starters. And it was certainly easier to find a compiler that did vectorization for FORTRAN than for C. But the idea that FORTRAN was optimized for scientific computing is a fable. You could say that of APL but not FORTRAN.
By the time 8x became FORTRAN90 it had been superceeded in every way by Microsoft BASIC.
Re:Software is under the eyes of regulators
on
Geekonomics
·
· Score: 1
I think you'll find that while improving security is easy over the current situation, provided you're willing to wear the cost of doing so (which unfortunately may be the difference between a company or technology being technologically viable and not), the idea that a perfect attack-proof system could be built is a fallacy.
Every successful attack against Chip and PIN to date has been against the transition arrangements to support legacy systems. While smartcards are not invulnerable (Pau Kocher's timing attacks etc) they are more than sufficient to mitigate risk.
Besides which I never said that we could eliminate the possibility of Internet crime. The point is that we can stop pretty much all the Internet crimes that hit the headlines today by changing the banking infrastructure.
It's way too easy to blame the initial inventors of the C language for not checking for buffer overflows, but that too is a mistake. They wrote the system in the 60s for machines that today are routinely outdone by desktop calculators.
The machines they were using were several orders of magnitude faster than the ones that Hoare and co wrote Algol 60 on. Algol 60 had bounds checking. Hoare argued against it at the time - it was the subject of his Turing award lecture.
The difference was the switch from batch mode to interactive. Running in batch the cost of a mistake is much greater - it costs an entire run. Running interactive you are waiting for the result.
Even so, I find it somewhat incongruous for folk to praise UNIX and flame Microsoft for a type of security bug that was introduced by the UNIX architects and identified as a mistake at the time.
Thanks for reading my post. I can see you clearly have a lucid understanding of what I said by the fact that you replied on a completely different topic. My point, if you'd bothered to try to comprehend it, is that the universities/colleges/etc are interested not in teaching, but in producing "coding fodder" for the IT industry.
You had a point? I thought you were just karma whoring with a contentless snark.
I do agree that Universities should teach better karma whoring technique, not just produce coding foder, it is pretty sad to see folk like yourself who are still waiting to get their +1 karma bonus after over a hundred posts.
Get rid of Cobol, Ada, SQL and FORTRAN. Students don't need 'em half as much as they need prime slashdot snarking skills.
As for TFA, when is a dupe not a dupe? When it is posted as a followup to the original with zero new content.
Re:Software is under the eyes of regulators
on
Geekonomics
·
· Score: 1
Ob Disclosure: I wrote The dotCrime Manifesto: How to stop Internet crime which is a companion book in the same series. My take is rather different however.
If books did steal credit card numbers, whose fault would that be? The authors, the publishers, the readers or the banks who use credit card numbers as an authentication mechanism rather than Chip and PIN smart cards?
It is really easy to point fingers, but working out where the responsibility should lie is rather harder. I don't think that Microsoft, Apple or the Internet should be blamed for the fact that the banks have idiotic security systems.
Dumping on Microsoft rather than Bank of America and Citibank is certainly easier and more popular. But who has the greater capability to change?
It does not matter which system you use, they all have at least one security bug and that is enough for an attacker. The different rates of attack track incentive above all. If we are going to blame anyone in the security world then Kernighan, Richie, Pike et al. would seem to be the prime culprits for inventing the buffer overflow error.
Telling people to build secure systems is easy. Telling them how, rather harder. We have tried building secure software by not making mistakes for twenty years. It simply has not happened. There are some folk like Bernstein who can actually write secure code without errors, but thats one programmer in a hundred.
We need to work out ways to build systems so that they are not so vulnerable to a single mistake. Credit card numbers should be considered obsolete. They could be deployed in North America. They are not deployed because of an economic mismatch: the costs and benefits of upgrading to Chip and PIN are out of alignment. That did not matter in Eurpoe because the card issuers are also the acquirers. In the states there are 10,000 issuers and 6 acquirers that matter.
At the end of the day I do agree that getting the economics right is vital if we are going to stop Internet crime. I just think we need to look beyond what reinforces our prejudices and makes us feel happy.
There is absolutely nothing to be said for learning how to program using badly designed tools. Cobol, Fortran, Ada are obsolete tools.
There is certainly something to be said for learning C. Can't say that I would bother with C++ at this point. If you are going to implement an interpreter or run time package you are going to need to understand pointers.
Slashdot Mirror
Oh dear, I knew when I saw the thread there would be trouble. Thought to myself 'Cmdr Taco is yanking their chain by leaving their man out'.
Ron Paul is unfortunately a kook who has in the past published racist and anti-semitic drivel. He might not have written it himself but it went out under his name and there is no way he can claim ignorance of what the magazine was about, when challenged on the drivel in the past he made no effort to disown it, much less condemn it.
I don't think Ron Paul's position on Iraq is the same as the Democrats. The Democrats are for Israel but opposed to continuing the fiasco in Iraq. Ron Paul on the other hand appears to have much the same position as Iran's Ahmedinijad, its kooky, cynical and probably anti-semitic.
The Republican position will be against the war in a not very short time. In fact some of them are already blaming the Democrats for starting it, I kid you not. Before long Faux News will be 'accidentally' labeling Bush a Democrat.
They could close the Straits of Hormuz to shipping and cripple every Western economy.
If we attack their civilian infrastructure they can and will retaliate against ours. We have rather more points of vulnerability than they do: power plants, chemical works, storage depots.
The further out the carrier is from the targets, the longer the time it takes to get to and from the target area, the less time can be spent over the targets.
The supercarrier strategy was developed when? 1970s? 60s? Since then Russia and China have spent rather a lot of time working out strategies to sink them. Both have the resources to build a supercarrier, neither has chosen to do so. One explanation is the standard US military chest thumping 'we are supreme' approach, another is that missile technology has rendered supercarriers obsolete the same way that the machine gun rendered the cavalry charge obsolete.
If you're referring to the 2006 Hizbollah attack on a Saar 5 corvette, keep in mind that the Saar 5 has a displacement of 1227 tons, and a Nimitz-class carrier displaces over 100,000 tons. Damaging a Saar 5 is a long, long way from sinking a carrier.
The World Trade Center was even bigger, your point? If the electronic countermeasures can be defeated on the small ship by one missile I would not be too confident that the countermeasures on the larger ship cannot possibly be defeated by a simultaneous attack from many missiles.
Iran's airforce hasn't had proper maintenance since the days of the Shah. This was made clear in the first Persian Gulf war, when they couldn't defeat Iraq.
This is somewhat true of the US supplied planes, but the revolution was almost thirty years ago. Since then Iran has been buying planes from Russia and China and even more missiles. Iran has the second largest missile fleet in the third world, second only to North Korea.
If Iran is a pushover then why is everyone nervous of her? Seems to me that this is just more of the happy-think that got us into Iraq. Its easy to blunder into a disaster when anyone who dares suggest that the military might not be quite as strong as imagined can be dismissed as unpatriotic, a traitor or whatever.
I don't think that there is anyone in the military command left who has the guts to actually raise hard questions. After seven years of politicization the only generals left are the yes men.
Well one possibility is that they plan to use nuclear weapons after they lose the carriers. My working assumption is that Bush is a clinical psychopath and that he actually enjoies getting people killed, gives him a buzz. If so using a nuclear weapon would give him the biggest buzz of his life.
Before you dismiss this as Bush hatred, consider the peculiar reaction Bush had to the Texas executions, his insistence on keeping open the option to use torture at huge political cost despite the evident fact that the US is no longer using torture. I cannot explain this situation in political terms, it makes no sense.
These adventures in the middle east have not made the US stronger, they have made Iran stronger and the US weaker. A war with Iran will have the same effect resulting in a single pan-Shia state.
Its a provocation, it does not have to be stealthy, the whole point is to get the Iranians to declare war on the US. Bush wants to start another war but lacks the political support at home to make the first move, he would be impeached. So instead the administration has been attempting to provoke the Iranians in various ways: arresting their diplomats in Iraq, conducting special operations in Iran, belicose rhetoric 'axis of evil', stationing three supercarriers in the gulf, etc.
The other half has been 'Tokinizing' Iranian activities, attempting to reconstruct the Tonkin Gulf incident, allegations that the Iranians are supplying the insurgency in Iraq, WMD claims and so on.
Who the hell thinks this comment is funny?
War is never funny. A war with Iran is likely to cost tens of thousands of US ervice lives and a hundred thousand or more Iranian lives within a few weeks. Cutting the cables is very likely intended to be a prelude to war. Most likely it is simply another provocation intended to cause Iran to commence the hostilities, if it was intended to support an actual invasion they should have waited until the last moment.
Iran is not going to be the pushover that Iraq was, although their military spending is only 1% of US spending, their cost basis is much lower. They have bought a lot of missiles, they have proved that their missiles are capable of sinking an Israeli naval ship with advanced electronic countermeasures. They are more than likely capable of sinking the supercarriers. They are certainly capable of sinking any tanker that is stupid enough to lumber through the straits.
The Iranians can certainly level the green zone and decapitate the US occupation. They can mount a land invasion and cut off the US forces by capturing Basra. They have had four years to gather comprehensive knowledge of the US order of battle etc. in Iraq from their HUMINT assets on the ground. The US does not even have an embassy in Iran, all US operatives in Iran are illegals and it is highly unlikely that the CIA has a tenth the number of agents in the whole of Iran as the Iranians have in Basra or Baghdad.
The US is unable to occupy Iraq, Iran has three times the population. Russia and China rely on Iranian oil supplies and are going to take every step necessary to prevent the US from gaining control of the middle east. They are just as willing to use nuclear weapons as the Bush administration is.
What we are looking at here is quite likely the end of US superpower status. If the US goes head to head with Iran and loses a supercarrier it will immediately sink to being on the same rank as China and Russia. That is not funny at all.
Well yes, kinda difficult to think of any forum where this type of presentation would be considered 'risky material'. But that does not stop it being any less true or needing to be said.
I do wish that Bruce would choose his targets a bit more carefully though. He has a tendency to come out with sweeping statements that sound good but don't mean quite what he intends them to mean.
All the terrorists are inept, that does not stop them from being dangerous. The second generation of the Baader-Meinhof gang was litteraly recruited from a lunatic asylum. Catching inept criminals is still very difficult.
The problem with the recent scare-ware announcements in the US is that they have tended to be of wannabees and never-was types. Such folk can become dangerous, but not as dangerous as the posturing and grandstanding that the likes of Freeh, Ridge, Ashcroft, Giuliani and the rest have engaged in.
But comming back to the original question, yes having observed terrorists professionally for a number of years I would say that very few of them have what you would call a scientific mindset. They are not interested in enquiry, they have a complete ideological system that answers every question. They are certainly not interested in testing their precious little ideas.
The other point of reference is that a scientist is not much use to a terrorist group, they want practical skills like how to blow stuff up. Bin Laden is a civil engineer, so hw knows the weak spots in building design. But most terrorists have no real engineering skill either.
How can I get my 3D Pr0n now?
Well in the US he can say that, but whether the courts would enforce the claim is another matter entirely.
IANAL: The loophole some folk have attempted to use in the past is that copyright licenses cannot be granted verbally, there must be a signed statement. But the electronic signatures act means that no longer needs to be physical paper.
So what it comes down to is whether the copyright holder can revoke a license, I seriously doubt anyone knows for sure. It is the type of question that could easily cost a million or two to decide through litigation.
If someone took the code and made any sort of investment in it in the well founded belief that the code was under GPL then the doctrine of detrimental reliance would probably give that party recourse. If I was in that situation I would first send the guy a bill for my time charged at my last paid consulting rate ($3,000/day) or grant me a GPL2 license. If the bill was unpaid I would then file a lawsuit. The facts are fairly simple and uncontested, the case should not be expensive.
I suspect we might see a variation of this particular attack occur if GPL3 ever takes off and some folk decide that they are going to revoke the GPL2 license in favor of GPL3. That would be a bad, bad idea.
I think that they just want to blather on as if they understand what is going on here. Trying to ascribe other motives assumes too much of them.
Cyberwarfare has been going on for almost ten years. It does not amount to very much because we are not as dependent on technology as folk imagine. Case in point we lost all power on the North East coast of the US a few years back, civilization did not collapse. Even if these particular attacks are cyberwarfare and not just vandalism they are not going to bring society to its knees.
I don't think this is a particularly viable approach for extortion either. For an extortion racket to work you have to be sure that the target is not going to go to the police which means you have to either target a criminal business or be able to credibly threaten violence.
The real threat is not from the attack itself but the possibility of using a cyber-attack to augment a physical attack. So take out the Internet when you bomb the city so the disaster relief cannot function.
On terrorism the issue is money. AQ is not likely to turn to cyberwarfare. They have already taken out the NYSE and NASDAQ for a week and nobody cared much about that particular issue - it was the 3,000 murders. some AQ leaders have told their followers to learn how to do Internet crime, they can earn more in a day than a Pakistani policeman earns in a week.
I did a recent blog on this responding to the idiotic Giuliani National Security plan.
Exactly, in the chat rooms the criminals are far more worried about each other than the forces of law and order. OK they are concerned that the person might be from a security company (our guys) or a police officer. But they are rather more angry about 'rippers' -criminals who take the money but never deliver the goods or take goods and don't pay for them.
In the shadowcrew organization about a third of the management team was occupied as enforcers. In fact that is how they got caught, they ended up in a turf war and someone turned them in to police.
As in all criminal organizations the guys at the bottom get chicken feed. All the money flows up the pyramid, just like the Sopranos. A street drug dealer is likely to be in prison of dead in two to three years on average and makes less than minimum wage. The typical botnet herder makes less than they would flipping burgers. All the money flows up.
Between seven and eight figures, US dollars. It was very big business at the time. The cards sold for hundreds of dollars. Up to a million were sold. It was for a short time a very large market.
By contrast, how much money can a fraudster make defeating bank security? It should minimize the petty fraud, but not ellminate all fraud.
The typical phishing ring takes in much less than the pirate satellite gangs did in their prime. The largest phishing rings might come close to the satellite rings but I doubt that.
Losses due to Internet crime are large, profits to the criminals are much smaller and divided many ways. The vast bulk of the costs is caused by the petty fraud. Each phishing spam run costs a huge amount in customer service as people call up to enquire even if there is no actual monetary loss.
Put it this way, banks are all about making money. Why do you think improved security hasn't been implemented?
Well that is the subject of the two books, isn't it. The short form is that we are pretty good at deploying tactical security measures that have a short term effect, where the costs and benefits align. We are not so good at deploying strategic measures where the costs are not neatly aligned. In the case of Chip and PIN we need government action, we cannot deploy without it because of the anti-trust laws.
However I do know Pascal and to say Pascal is a broken language, when variants have been used with great success in niche markets is something I find hard to agree with. (eg. Borland Pascal compilers and then Delphi, also Miranda though not commercially).
All of which ignored the worst examples of Wirth's idiocy. For example the idea of typechecking the size of arrays. In ANSI Pascal an array of 4 integers is totally different from an array with 5. You cannot have a subroutine with a signature foo (int bar []). It has to be foo (int bar [4]). Try doing string handling libraries with that!
Kernighan pretty much nailed it in 1980 why Pascal is not my favorite language. I have used Borland Pascal quite a bit, back in the days it was just TurboPascal. It has much more in common with C than ANSI Pascal. It took me much longer to rewrite my programming class assignments in ANSI Pascal than it did to get them written in Turbo Pacal in the first place.
Sure you can make a decent-ish language using Pascal-like syntax. But the result is not Pascal. Back in the 80s we did a lot of things to make it possible to compile code on the 12 Mhz 16 bit PCs of the day. I don't see any value in inflicting them on student's today any more than punch cards and paper tape.
Well the argument I made did not depend on the efficacy of vaccination so in that respect the claim is irrelevant.
But the claim you are making here is not generally accepted in the field. It appears that there is ample reason to beleive the efficacy of vaccination. You don't provide any backing for your counter-claims.
Doesn't work well with punch card tabulator MUAs or something.
Actually its the Pine/Mutt crowd who have their clients set to show the end of the message by default. Same as there are folk who complain about HTML email.
And what's this "HTML allows a much more pleasant user experience than plaintext" business? Your crappy legal-pad background with glitter stars and blinking comic sans does not constitute a "much more pleasant user experience."
Like Algol60, HTML 2.0 was rather better than its successors in many respects. I don't like backgrounds or fancy fonts, they should be for the reader to choose. Use colour and other cues to distinguish between posters in the thread.
The features of HTML email I think useful are the ability to do bold, italic and change font size and the reader's MUA gets to wrap the lines correctly for the reader's screen rather than having them wrapped at an arbitrary 76 or 66 or whatever - which then breaks when quoted text is re-wrapped.
You tried to make a point based on Fortran support for COMPLEX data types as built in rather than libraries. APL is reducto ad absurdum on that one.
I'm supposed to be the one advocating arcane mathematical languages.
You picked the wrong person for that weenie-measurement contest. I have probably designed more languages than you have used.
Exactly. Which is why you use the right tool for the job. If you want to make online games, use a byte code interpreter
Why? I think the byte code approach is a mistake. It was done for Sun tactical reasons in the days when they were still plugging away with SPARC. Byte code compatibility is not very interesting. The Microsoft approach with CRL is much more powerful: compile down to the target processor at install time or on the fly.
The CLR completely eliminates the overhead associated with the byte code approach. The CLR output is simply the intermediate stage of the pre-existing Microsoft C++ compiler. So you get full access to all the power of the machine.
This is going to become even more apparent going forward as the CLR format is extended to support vector operations. Then it becomes possible for the code installer to target code to the video processors. Try that in Java.
Easy to say, but rather less likely than you might imagine. Ten years ago there was a large market for pirated satellite decoders. The security systems used for satellite TV are nowhere close to the security of EMV Chip and PIN but there really hasn't been a viable pirate decoder market since Season 7 in the mid 90s. The satellite systems are a much harder proposition because the communication is unidirectional and the attacker can physically destroy one or many cards to extract the keys.
For starters no standard file access: "ALGOL 60 as officially defined had no I/O facilities; implementations defined their own in ways that were rarely compatible with each other."
Well having had the editor of the Algol 60 spec as my college tutor I would tend towards his explanation which was that Algol became too complex. The features that were added to Algol 68 seemed to be a good idea at the time but the result was a language that was too complex and unweildy.
Using Pascal as a counter-example here is pretty weak to say the least, its a bit like saying that Scheme made LISP redundant. Pascal was designed from the start to be an alternative successor to Algol 60, just as Java and Objective C were alternative successors to C. The ability to spawn off successors that supercede the parent is a sign of health, not failure. Fortran and COBOL have been sterile dead ends for decades. Their only successors will be themselves. The only way that they will change is by acreeting features of successful languages like Java and C#.
Using Pascal as a teaching language is a very bad idea because it is a broken language. Wirthless as the saying goes. Optimizing the language to support one pass compilation was a dreadful mistake. The type system is utterly broken, the syntax pedantic.
In the 1990s there was good reason to use Pascal over FORTRAN or Basic. I learned Pascal for a mandatory computer programming course after learning Basic, Assembler, FORTRAN, ACSL and C. By that time there really wasn't anything to recommend it.
No, it was FORTRAN, right up to FORTRAN90.
After that it became Fortran, as in Fortran95.
If you are going to correct someone on a point of pedantry, get the pedantry right.
Can your namby pamby little Java applet correctly multiply two complex matrices with a simple, native multiplication operator? Didn't think so.
Can you do a Fast Forurier Transform in Fortran using a native operator? You can in APL. In FORTRAN you probably end up using Rene Brun's CERNLIB code, oh dear, bad luck.
You are never going to be able to support every possible function in the core. The C approach of removing as much functionality from the core as possible and using libraries has proved much better in the long run. Fortran has built in I/O primitives based on an obsolete hardware reference model. Java and C# have no intrinsic I/O, nor do they need any.
Far more significant than whether something is intrinsic or not is how well extrinsic functions integrate. Here C# beats Fortran hands down. You can overload any operator. So you can write code like a = b + c * d where the variables are complex or matrices and such. In Fortran you have to call a subroutine to do anything beyond the core. And because of the legacy issues it is probably called something like FFTRL2 because it was originally written for an MVS machine with a 6 character linker.
Likewise the most common management complaint on email is not lack of netiquette but complete lack of common sense. The emails with sexual content, harassment, insults, expletives etc sent to co-workers are bad enough. The ones sent out to customers are rather worse.
Oh yes it does happen, and often enough for people to ask me for a solution.
The nettiquete complaints tend to be in the eye of the beholder and the beholder's email client. Some folk complain endlessly about top-posting. But if you use an email-pager there really is no choice but to top post: the alternative would be to download the whole message onto the device. Likewise trimming the thread, simply cannot be done on most handhelds.
Making the email clients more intelligent is one approach, making the content more intelligent is probably a better one. HTML is not designed as an email format (trust me, I was there). HTML allows a much more pleasant user experience than plaintext formatted to a VT100 screen width but it does not expose the annotation structure of the message as you would want.
We could add those features to HTML via an RDFa gloss. I proposed a similar approach for blogs to stop linkspam at the W3C TPAC last year.
I think you will find Mathematica is orders of magnitude more powerful.
What specific feature of Fortran do you consider to make it more suitable for mathematical operations? The parsing of equations is rudimentary, the built in math functions minimal. Other languages support hints for vectorization.
This is one of those statements that is endlessly repeated regardless of whether it is true.
Incidentally, its been Fortran not FORTRAN since Fortran95 and FORTRAN was never an acronym.
Having seen the code written by physicists it is clear to me that the less Fortran they see the better. It certainly does not teach anyone to write good code, nor does COBOL. Look at an extensive system in either and you will find acres of poorly abstracted template code. Hundreds of subroutines that do essentially the same thing in the same way with very minor changes.
That is not true, certainly as far as Fortran8X is concerned. I discussed this point with the raporteur for the standard. It was intended to be a general purpose language.
I have had extensive experience of watching scientists plug away in FORTRAN. It is not a pretty sight.
At the time there was a real value in Fortran over C, it had array bounds checking for starters. And it was certainly easier to find a compiler that did vectorization for FORTRAN than for C. But the idea that FORTRAN was optimized for scientific computing is a fable. You could say that of APL but not FORTRAN.
By the time 8x became FORTRAN90 it had been superceeded in every way by Microsoft BASIC.
Every successful attack against Chip and PIN to date has been against the transition arrangements to support legacy systems. While smartcards are not invulnerable (Pau Kocher's timing attacks etc) they are more than sufficient to mitigate risk.
Besides which I never said that we could eliminate the possibility of Internet crime. The point is that we can stop pretty much all the Internet crimes that hit the headlines today by changing the banking infrastructure.
It's way too easy to blame the initial inventors of the C language for not checking for buffer overflows, but that too is a mistake. They wrote the system in the 60s for machines that today are routinely outdone by desktop calculators.
The machines they were using were several orders of magnitude faster than the ones that Hoare and co wrote Algol 60 on. Algol 60 had bounds checking. Hoare argued against it at the time - it was the subject of his Turing award lecture.
The difference was the switch from batch mode to interactive. Running in batch the cost of a mistake is much greater - it costs an entire run. Running interactive you are waiting for the result.
Even so, I find it somewhat incongruous for folk to praise UNIX and flame Microsoft for a type of security bug that was introduced by the UNIX architects and identified as a mistake at the time.
You had a point? I thought you were just karma whoring with a contentless snark.
I do agree that Universities should teach better karma whoring technique, not just produce coding foder, it is pretty sad to see folk like yourself who are still waiting to get their +1 karma bonus after over a hundred posts.
Get rid of Cobol, Ada, SQL and FORTRAN. Students don't need 'em half as much as they need prime slashdot snarking skills.
As for TFA, when is a dupe not a dupe? When it is posted as a followup to the original with zero new content.
If books did steal credit card numbers, whose fault would that be? The authors, the publishers, the readers or the banks who use credit card numbers as an authentication mechanism rather than Chip and PIN smart cards?
It is really easy to point fingers, but working out where the responsibility should lie is rather harder. I don't think that Microsoft, Apple or the Internet should be blamed for the fact that the banks have idiotic security systems.
Dumping on Microsoft rather than Bank of America and Citibank is certainly easier and more popular. But who has the greater capability to change?
It does not matter which system you use, they all have at least one security bug and that is enough for an attacker. The different rates of attack track incentive above all. If we are going to blame anyone in the security world then Kernighan, Richie, Pike et al. would seem to be the prime culprits for inventing the buffer overflow error.
Telling people to build secure systems is easy. Telling them how, rather harder. We have tried building secure software by not making mistakes for twenty years. It simply has not happened. There are some folk like Bernstein who can actually write secure code without errors, but thats one programmer in a hundred.
We need to work out ways to build systems so that they are not so vulnerable to a single mistake. Credit card numbers should be considered obsolete. They could be deployed in North America. They are not deployed because of an economic mismatch: the costs and benefits of upgrading to Chip and PIN are out of alignment. That did not matter in Eurpoe because the card issuers are also the acquirers. In the states there are 10,000 issuers and 6 acquirers that matter.
At the end of the day I do agree that getting the economics right is vital if we are going to stop Internet crime. I just think we need to look beyond what reinforces our prejudices and makes us feel happy.
There is certainly something to be said for learning C. Can't say that I would bother with C++ at this point. If you are going to implement an interpreter or run time package you are going to need to understand pointers.