Slashdot Mirror


User: Zeinfeld

Zeinfeld's activity in the archive.

Stories
0
Comments
3,931

Comments · 3,931

  1. Re:New law on class-action suits on HP Secretly Rendering Printer Cartridges Unusable? · · Score: 3, Interesting
    Federal judges are appointed by Presidents and have to be confirmed by the Senate. They are usually of a very high quality. State judges, by comparison, are not usually as highly regarded. Many of them are political appointees or popular electees - not subject to the same level of peer approval required for federal judges.

    That depends on the president appointing them. Thomas and Jackson both were evidently unqualified at the time they were proposed. But on average the quality of federal judges is certainly higher.

    I don't think that the class action bill will work the way that its promoters intend. I think that it is most likely to eliminate the '$5 coupon' type of settlement where the principal objective is to pump up the lawyers' fees to the maximum possible and let the persons damaged by the defendant's behavior go hang.

    I don't think it very likely that the Federal courts will refuse to hear the cases due to mixed jurisdiction issues either. Congress has decided that these cases should be heard in their jurisdiction. All prior case law concerning venue is now obsolete. Legislation trumps precedent; that is the point of legislation. The only way the courts could push the cases out would be to declare the venue clause unconstitutional, which I can't believe would happen.

  2. Re:The FCC Is Folding With Four Aces on Court Says FCC Out-of-Bounds With Digital TV · · Score: 1
    BS. The government is determined to take back the analog spectrum and move TV to the new digital channels. All they have to do is just do it, and the entertainment industry will have to deal with life in the new reality.

    And in the process cut off their constituents from watching the political advertising that ensures the 98% incumbent re-election rate. Not very likely.

  3. Re:But they didn't say ,"Stop!" on Court Says FCC Out-of-Bounds With Digital TV · · Score: 4, Insightful
    They'll let the FCC slide on a technicality, mark my words.

    There is an important issue behind standing; the idea is to avoid wasting court time and also to make sure that a party can't establish a bogus precedent by bringing a case and deliberately putting up a poor case.

    There is one set of constituents who are quite obviously directly affected by the broadcast flag issue, hardware manufacturers. They clearly have standing to bring a case since they are being directly required to implement the flag.

    I don't think it makes any sense to throw this one out on standing grounds.

  4. Re:don't have TiVo... Yet on Can TiVo be Saved? · · Score: 1
    I don't like subscriptions either, but "lifetime" subscriptions are not the best (for the consumer) alternative. Those who don't learn from history are doomed to repeat it.

    A subscription only makes sense if the service is actually worth something. The razor and blades model works for Gillette because 80% of the cost of the product is in the razor head, the handle is just a piece of moulded plastic that anyone can make for a few cents in volume. The difficult part is making those razor heads, sharpening them and setting them.

    TiVo is not a good fit for the razor and blades model. The information that TiVo provides to the system is cheap to acquire. There is no reason that the subscription should cost more than $12.50 for the year. If there was an open market for the subscription side of the product the cost would be negligible.

    The cost of the TiVo unit is not negligible; the TiVo requires pretty much a full PC platform, including a large hard drive. That is an expensive proposition. The razor and blades model breaks down if you end up selling the razor at too big a loss.

  5. Re:2X2 Chess? on Computer Cracks 5x5 Go · · Score: 1
    2 kings wouldn't work, it would be a constant stalemate.

    Actually no, it would be a mutual checkmate. The king can never place itself in check though so the game would start in an illegal state.

  6. Re:Take the risks seriously on BIOS-Approved PCI Cards For Laptops · · Score: 1
    For good and ill, technologies continually get developed to work around the loss of flexibility such a regime acquires, usually by providing code-like ability to data files that can still "bypass" the tight security. E-mail and web pages used to be data-only media, until client software was made to allow executable data to be embedded in it, via attachments and links at first, then interpreted scripting within data, leading to a new vector for security issues.

    One of the reasons I propose requiring code to state the privs it requires to run is precisely to prevent this type of excess privilege.

    I would like the ability to lock each application into its own private virtual operating system prison and only allow it out via carefully controlled channels. So Firefox might think it is being loaded from C:/Program files/whatever and messing with the registry, but really it isn't; it's in its own private little jail cell.

  7. Take the risks seriously on BIOS-Approved PCI Cards For Laptops · · Score: 1
    This is probably a sign of things to come. As computing becomes more and more dependent on the Internet to even provide basic functionality, security concerns are going to crowd out flexibility and "freedom." It's really a shame; this will only increase the barrier to entry to computing even higher than it is now. Already, classical shareware and freeware have nearly been killed by fears of viruses and spyware.

    Well, let's separate out cause and effect. The source of the problem here is the bastards who write spyware. The effect is that there is a trust deficit for shareware vendors. There are spyware bastards out there who are selling 'anti-spyware' that is in fact spyware. That is why Microsoft had to go and buy Giant and give away the code.

    have already been opening salvos of FUD fired at the Open Source movement for not having a "certified" credential system for contributing programmers and writers.

    It's not FUD, it is an issue that has to be taken very seriously. There is a real danger of attack and it is not possible to detect the attack using automated code inspection designed to detect bugs.

    The only architectural solution here is to take 'least privilege' seriously. UNIX and derivatives are vulnerable here. The privilege system is binary, all or nothing. Microsoft is somewhat better off but is a long way from having the pieces joined up. Every binary (and some data files) needs to be signed and the privileges required to run it specified as attributes.

    Microsoft has every incentive to keep the shareware for Windows market open and working, same for open source. It's all about developers, remember.

    There is a real and serious risk that a spyware ring will attempt to infiltrate a FOSS project with the aim of injecting hostile code. At the moment they seem to be content to redistribute contaminated code.

    Programmers do not like doing code reviews. It is hard enough to get them to review their own code, let alone somebody else's. Looking for a programming mistake is much easier than looking for actual malice.

    FOSS projects need to carefully monitor who is in their group, who is allowed to make code updates, who can be trusted.
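
The comment above argues for signing every binary together with the privileges it needs, so a loader can refuse anything unsigned, tampered with, or asking for more than policy allows. The following is an added example of such a loader check, not code from the commenter, Slashdot or Microsoft. It uses an HMAC with a constructed key as a stand-in for the publisher's signature so that it runs offline; the manifest format, the privilege names and the policy set are all assumptions made for the illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key standing in for the publisher's signing key; a real
# loader would verify an asymmetric signature over exactly the same bytes.
PUBLISHER_KEY = b"constructed-demo-key-not-a-real-secret"


def _canonical(body: dict) -> bytes:
    """Deterministic serialisation so signer and verifier hash identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(binary: bytes, privileges: list, key: bytes = PUBLISHER_KEY) -> dict:
    """Publisher side: bind the binary's digest and its declared privileges together."""
    body = {"sha256": hashlib.sha256(binary).hexdigest(),
            "privileges": sorted(set(privileges))}
    return {"body": body, "sig": hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()}


def verify_manifest(manifest: dict, binary: bytes, key: bytes = PUBLISHER_KEY) -> bool:
    """Loader side: the signature must match AND the manifest must describe this binary."""
    expected = hmac.new(key, _canonical(manifest["body"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest.get("sig", "")):
        return False
    return manifest["body"]["sha256"] == hashlib.sha256(binary).hexdigest()


def loader_decision(manifest, binary: bytes, policy: set) -> str:
    """Grant exactly the declared privileges, or refuse with a reason."""
    if manifest is None:
        return "deny:unsigned"
    if not verify_manifest(manifest, binary):
        return "deny:bad-signature"
    requested = set(manifest["body"]["privileges"])
    excess = requested - policy
    if excess:
        return "deny:excess-privilege:" + ",".join(sorted(excess))
    return "run:" + ",".join(sorted(requested))


def scenarios() -> dict:
    """Constructed sample binaries and a constructed site policy exercising each outcome."""
    browser = b"(constructed) browser binary bytes"
    policy = {"display", "network", "user-files"}   # what the site allows this publisher
    honest = sign_manifest(browser, ["network", "user-files"])

    # Attacker edits the manifest after signing to add a privilege.
    tampered = json.loads(json.dumps(honest))
    tampered["body"]["privileges"].append("registry-write")

    # Validly signed, but asks for more than policy grants: least privilege says no.
    greedy = sign_manifest(browser, ["network", "registry-write"])

    return {
        "honest": loader_decision(honest, browser, policy),
        "tampered_manifest": loader_decision(tampered, browser, policy),
        "swapped_binary": loader_decision(honest, browser + b"\x90", policy),
        "over_privileged": loader_decision(greedy, browser, policy),
        "unsigned": loader_decision(None, browser, policy),
    }


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(f"{name:18} -> {outcome}")
```

The two checks in `verify_manifest` are deliberately separate: a valid signature over a manifest for a different binary is as useless as a forged one, and the privilege comparison only happens once both have passed, so an attacker cannot talk the loader into a privilege decision on unauthenticated data.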

  8. Re:Never mind the fact.... on Ready or Not, Here comes Windows XP SP2 · · Score: 4, Interesting
    SP2 is better, that really isn't a point of argument. The only thing that nags at me is why Microsoft didn't do this ten or so years ago, when home users were beginning to connect to the Internet in large numbers. It isn't like stack protection is new technology, nor is having basic firewall functionality available.

    Until the Windows 98-XP transition was completed there was no point. There is no way to make Win 98 secure, too much support for legacy systems. Sure you could do a firewall, but it would be too easy for a trojan to disable it. I don't think the stack protection scheme would work in Win-98.

    We waited ten years for Apple to get its act together and finally release OS X and give us basic memory protection.

    The hold-up here is because there are a bunch of corporate IT departments who have not got around to making XP SP2 deployment a priority, which in turn is because many of them have a small number of apps that are not SP2 compliant.

    All I use my machine for is Office, IE and Visual Studio. But I have to wait until they have checked out several hundred Oracle, Clarify etc. apps.

  9. Re:Parent not a troll on Trouble Brewing at the W3C? · · Score: 1
    Ok, so the everybody at 1% is off obviously, but come on he has a valid question -- is this a case of everybody vs. MS?

    Not quite, the issue is not just the browser providers, the browser users and the application developers also have a significant stake.

    Apple is most usually conspicuous by its absence in standards forums. They may write standards-based stuff but I don't run into their people very often. Firefox is represented in W3C but it's difficult to get resources together as a volunteer effort.

    I really don't see why a standards war over forms is meant to help anyone.

  10. Re:This is a travesty on ACM to Honor TCP/IP Creators with Turing Award · · Score: 1
    Perhaps this will put the "Gore claims to invent the Internet" comments to bed forever, at least on Slashdot.

    Not until the troll filter blocks mention of it, or throws up an idiot screen to educate people who repeat it.

  11. Correction on SHA-1 Broken · · Score: 1
    OK, I just discussed the attack with Burt Kaliski at RSA. He has seen the paper which puts him ahead of Bruce and me. The attack is actually a full break on SHA1, not just a compressor collision. Also it was somewhat poor form for Bruce not to mention that this was announced at the RSA conference in the cryptographers panel.

    In the wake of Crypto there was a general agreement that the industry needs to move to a new digest algorithm. I am not a cryptographer; I am a consumer of their work product as a protocol designer.

    I agree that SHA-256/SHA-512 may turn out to not be the final choice. When the crypto-2004 results came out there was a push to go for the new hash functions, given the status of SHA-1 then I said that I want to wait till I hear whether the SHA-2 digests are also vulnerable to the Biham neutral bit technique or a variation of it.

    At this point however we have to make a decision on the cipher function for Domain Keys/Identified Internet Mail in the next few months. I think we need to hold a council meeting with the cryptographers next week. So in that context we may have to go with SHA-256 and hope that there are at least 2^100 bits of security there.

    Another choice that we may want to look at is using an HMAC as a signature digest primitive.

    Meanwhile we need a competition for a new digest function. The cryptographers had fun last time. Let's do it again. I will bring this up with NIST this afternoon.

  12. Don't panic! 'Broken' is not Cracked on SHA-1 Broken · · Score: 4, Insightful
    After some research, I decided that SHA1 was more secure than MD5.

    MD5 was 'broken' in 1995 by Hans Dobbertin who discovered compressor function collisions. It was almost another 10 years before the compressor function collisions were turned into an attack which produced hash collisions.

    So there is a serious security problem here but it does not mean that everything that uses SHA-1 is now vulnerable. There are many applications where MD5 is completely adequate. If you have a really good reason to do so and a really good understanding of the security requirements and risks you can use even something like MD2.

    Today Paul Kocher complained that Microsoft was using MD5 in its anti-spyware to identify known bad software. This is not actually a major problem; much worse would be using MD5 to identify known good software to keep, that is when a collision would bite. For known bad programs, well, I don't want any variant of the program to run...

    But if you are writing an entirely new application then use SHA-256 or SHA-512, more rounds, more bits.

    Meanwhile we need to research some new hash functions pronto.
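
The point above about collisions biting an allow-list of known-good software but not a block-list of known-bad software is worth seeing in code. The following is an added example, not the commenter's or Microsoft's code. It does not reproduce a real MD5 collision pair; instead a deliberately weak stand-in digest (SHA-256 truncated to 16 bits) makes colliding inputs cheap to brute-force, so the two list types can be compared side by side. The sample "binaries" are constructed byte strings.

```python
import hashlib
import itertools


def toy_digest(data: bytes) -> str:
    """Stand-in for a broken hash: SHA-256 truncated to 16 bits, so a
    colliding input costs about 2^16 guesses instead of the real work."""
    return hashlib.sha256(data).hexdigest()[:4]


def find_colliding_input(target: bytes, prefix: bytes) -> bytes:
    """Brute-force a different message with the same toy digest as target.
    (Against a real broken hash the attacker gets a collision pair rather than
    a second preimage, but the effect on the two list types below is the same.)"""
    want = toy_digest(target)
    for n in itertools.count():
        candidate = prefix + str(n).encode()
        if candidate != target and toy_digest(candidate) == want:
            return candidate


def allowlist_permits(known_good: set, program: bytes) -> bool:
    """Known-good list: run only what is listed."""
    return toy_digest(program) in known_good


def blocklist_permits(known_bad: set, program: bytes) -> bool:
    """Known-bad list: run anything that is not listed."""
    return toy_digest(program) not in known_bad


def allowlist_scenario() -> dict:
    """A collision against an allow-list lets unlisted code run."""
    trusted = b"(constructed) trusted updater binary"
    known_good = {toy_digest(trusted)}
    malware = find_colliding_input(trusted, prefix=b"(constructed) malware #")
    return {
        "trusted_runs": allowlist_permits(known_good, trusted),   # True, as intended
        "malware_runs": allowlist_permits(known_good, malware),   # True: the bypass
    }


def blocklist_scenario() -> dict:
    """A collision against a block-list only causes a false positive."""
    spyware = b"(constructed) spyware binary"
    known_bad = {toy_digest(spyware)}
    # An unrelated file that happens to collide with the bad digest is blocked
    # too: annoying, but it blocks more rather than less.
    bystander = find_colliding_input(spyware, prefix=b"(constructed) innocent #")
    # Any byte change escapes a block-list, collision-resistant hash or not;
    # pick the first single-byte suffix whose digest differs (deterministic).
    variant = next(spyware + bytes([b]) for b in range(256)
                   if toy_digest(spyware + bytes([b])) != toy_digest(spyware))
    return {
        "spyware_runs": blocklist_permits(known_bad, spyware),     # False
        "bystander_runs": blocklist_permits(known_bad, bystander), # False: false positive
        "variant_runs": blocklist_permits(known_bad, variant),     # True: limit of any block-list
    }


if __name__ == "__main__":
    print("allow-list:", allowlist_scenario())
    print("block-list:", blocklist_scenario())
```

The asymmetry is in who controls the input: an allow-list is a security boundary that a collision crosses, while a block-list only ever stops things and a collision can make it stop one thing too many. The `variant_runs` entry is the caveat that comes with that: a block-list keyed on whole-file digests is evaded by changing a single byte no matter how strong the hash is, which is a reason not to rely on one alone rather than a reason to worry about MD5 in it.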

  13. Re:Negotiating Ploy? on Los Angeles to Consider Open Source Software · · Score: 1
    Still, it's hard to compete with $0 'cause you just have to download OpenOffice. It's not like a word processor requires any support. I've never seen one fail and they aren't complicated to use. So what does Microsoft have to offer with a paid product?

    I remember when we used to pay $2000 for a word processor that didn't do a tenth what Open Office does.

    Most people only use a fraction of the power of Word, but if you need functionality where OpenOffice is 'not quite there yet' $200 a seat to get it is small change.

    The real TCO calculation has to be in terms of users' time. If my company tried to get us to switch from Office then the departments would simply declare UDI from the IT dept and buy it themselves. It costs $200 per day to keep the lowest paid office staff on premises. In addition to their salary, stock options and benefits you have the cost of the building etc.

    The bottom line is that if it takes Suzie in accounts a week to work out open office then I have lost a lot of money on the deal. If Suzie needs to call the support desk or get someone to help same thing.

  14. Re:Portable code solves this problem on Should Dual Cores Require Dual Licenses? · · Score: 1
    For a long time I have had (occasionally heated) arguments with SQL addicts who insist that almost everything about an application should be coded in SQL and stored procedures. Meanwhile I have been moving all my logic away from the database engine, using APIs such as Java Data Objects, which makes my code very rapidly portable between databases.

    Wouldn't it be nice if either Sun or Microsoft finally got a clue and added persistence to their platform so the whole SQL crap could be left in the garbage dump?

    It is completely illogical to use a database back end with a different data model to the programming language. If entity-relational is the way to go, then build Java around it. Since it's not, build a back end data store that works.

  15. Re:Lazy reporting on NASA Prepares Discovery for Launch · · Score: 1
    There's just the one? The Ansari X Prize wasn't that long ago

    Running a jetty into a pond and launching your piddly motorboat doth not a harbor make, still less a port.

    Cape Canaveral does not engage in interplanetary trade, thus the moniker is a little overblown even in its case.

  16. Re:it *is* vulnerability on Microsoft's AntiSpyware Disabled by Spyware · · Score: 2, Insightful
    Really, this stance strikes me as the antithesis of the problem. It is programmers who bear the blame here. I'm not singling out Microsoft programmers (despite the large and tempting target they present). I'm talking about most people who write system software or applications for general use.

    I agree with this as well. I am not saying that the users are at fault, what I am saying is that there is a strong statistical bias here. The Linux community does not have the slightest interest in doing what it takes to attract non-technical users.

    It is very easy to design a security interface for people with strong technical skills. Designing a user interface for the typical user is very very hard.

    Most people do not want their lives to be taken over by the machine which is what UNIX demands. They don't want to think about running the computer, they want to think about the problem they bought the computer for or to play games or any other important use.

    Linux just does not target the core demographic that the Internet criminals are trying to reach, mostly rich retirees and people who think they need body part enlargement. Not only is Linux 5% of the market, it is an uninteresting 5% for the criminals, mostly students and 20-somethings.

  17. Hey dudes, there is this thing called competition on Sirius Confirms iPod Satellite Talks · · Score: 1
    No way would I buy an iPod, too expensive, too cute, too proprietary. There are plenty of good MP3 players out there; at least one of them will add a Sirius radio. At this point I would much prefer an MP3 player that is small, lightweight and takes a CompactFlash card to an iPod. I have a Secure Digital MP3 player, works great, plenty of room for music. Add the Sirius capability into that and give it the ability to rebroadcast its signal on an FM radio band short distance so I can use it in the car. Or better yet build it into a compact cassette form factor and let me use the most useless feature of the built-in car radio for satellite connectivity. Make it a Bluetooth connector for my cell phone while you are at it.

  18. Re:it *is* vulnerability on Microsoft's AntiSpyware Disabled by Spyware · · Score: 2, Interesting
    This is true, but let's face it. To say that this is a real example of how GNU/Linux is superior is kind of a cheap shot. If GNU/Linux were mainstream, what would the normal user do? Download goodies.tar.gz from your email, compile and su to install it. Tada, your system is screwed. This is what an "average," unsuspecting, Unix user would do. Buffer overflows and the like are legitimate vulnerabilities, but to blame Microsoft for a trojan being written is just not a legitimate criticism. Any operating system that lets the user install anything is "vulnerable" to trojans.

    Bingo, the problem isn't Windows, it's Windows users.

    There are folk who try to avoid spam by making everyone who sends them email 'pass' a Turing test. There are folk who avoid security problems in ways that require a monumental effort in make-work to learn to use.

    Linux is nowhere near as secure as Open Genera, where security measures are superfluous: there are only 200 or so people who know how to hack it and we know where they all live.

    Or even more obscure, ITS with no security at all, but again the number of possible candidates is very very small.

    There is a way to fix this though: write a trigger in the O/S so that any process that attempts to delete program files/microsoft/anti-virus is automatically halted. Or install the software with admin privs.

    My three year old son does not have admin privs on his account for this very reason.

  19. Re:Judge Jackson, back from the grave on Judge Slams SCO's Lack of Evidence · · Score: 1
    Well, I wish Judge Jackson the best of health, of course. But this judge is making the same mistake that Jackson did in the Microsoft trial. Do not blast the litigants until the trial is over.

    This is completely different from Jackson the Jackass. It is a court opinion delivered from the bench after the judge has analysed the evidence. Jackson was giving private interviews to a journalist. He tried to appoint Larry Lessig as a special master a second time after the appeals court had told him not to. Given Lessig's subsequent public positions on free software there is absolutely no way he can be considered impartial in the matter.

    Blasting the litigants in this case is quite justified because SCO is attempting to profit from its lawsuit by claiming to own the copyright to Linux.

    SCO has had an ample opportunity for discovery and come up short. The Judge is making an empirical observation here which is exactly what he is meant to do.

  20. Re:Probably a "smart" person writing the article on Smart People Choke Under Pressure · · Score: 1
    ... and yet you still haven't figured out that unprovoked, irrelevant bragging impresses no one. Curious

    I strongly suspect that the effect reported would disappear if people received some training in taking the tests. I went to a private school with an entrance exam for the senior school. So every week we did practice tests. I managed to increase my score substantially.

    Then we have idiots who say that IQ tests measure innate intelligence. Utter rubbish, there were 20 boys in the class and everyone had increased their score by at least 10 points.

    One of the things you can teach is concentration and mental discipline.

  21. Re:Even funnier on China to Pioneer Melt-Down Proof Reactors · · Score: 1
    You vilified the previous poster, comparing him to Timothy McVeigh. You may as well have accused him of being a mass murderer because he has beliefs in line with McVeigh's. The point I made was that beliefs don't make someone a mass murderer, actions do.

    No, I correctly pointed out that the actions of the last poster, i.e. his posting, were the same type of crap that McVeigh used to post.

    Incitement to murder is no different in principle than murder itself. Anyone who talks about taking up arms to solve their problems with the government when the ballot box is available is inciting people to murder in my book and no different to McVeigh, Bin Laden, Gerry Adams, Baader-Meinhof and the rest.

    It may be legal, it may even be protected by the First Amendment, but it is still supporting murderers.

  22. Re:Even funnier on China to Pioneer Melt-Down Proof Reactors · · Score: 1
    They accepted Hitler with open arms too (not THOSE arms). I doubt you know anything about Germany.

    Apart from working there for almost two years...

    The Germans did not elect Hitler, he never got a majority. Hitler was able to seize power because he had been allowed to create a private army of armed thugs just like McVeigh and his militia cronies.

    I do not see any of the NRA folk out there protesting the Patriot Act.

  23. Re:Even funnier on China to Pioneer Melt-Down Proof Reactors · · Score: 1
    He also thinks the same way that Thomas Jefferson used to, and Thomas Paine in those weird papers of his. I thought they were all dangerous before they dumped thousands of pounds' worth of tea in the sea and then went to war against the government that kept them safe.

    Do not confuse anarchy and liberty. If Paul Revere had followed your advice he would have begun by inciting a riot which would have been quickly put down and led to absolutely no change whatsoever.

    Instead the Whigs used a tax strike to make their demands, when that failed they waited for the King's forces to resort to violence first.

    Comparing McVeigh to Jefferson is as disgusting as comparing Bin Laden to Jefferson. Jefferson believed in government, his complaint was that the colonists were not represented in government, his response was a better form of government.

    Jefferson was no friend of anarchists.

  24. Re:Even funnier on China to Pioneer Melt-Down Proof Reactors · · Score: 4, Insightful
    Much of these same people also support firearm bans. So the group of people who demand the most change from their government shun the most powerful tool in bringing about that change.

    You think just the same way that Timothy McVeigh used to on Usenet. I thought he was a dangerous nut before he murdered close to 300 people in his attempt to do exactly what you suggest. Try a google search and look for his posts on Usenet.

    Bin Laden and McVeigh are both cut from the same cloth. The most powerful tool you have for changing your government is the Web.

    Bin Laden has changed nothing, achieved nothing. The IRA achieved nothing. Mao and Stalin ultimately achieved nothing.

    Gandhi won India's freedom without a shot being fired. Lech Walesa in Poland, the Velvet and Rose revolutions: far more is achieved with the power of speech than has ever been achieved with guns.

    The East Germans I met in the 1980s never asked for guns, they wanted photocopiers and typewriters. They knew what they needed.

  25. Re:IE and Firefox have different problems on Spyware for Firefox Coming This Year? · · Score: 2, Insightful
    For you and I, I'd say that exploits are the issue...but in my experience, most average users don't get a malware infestation via browser exploits (mainly because when you and I see the words Gator or Newnet, we say hell no). They simply click "yes" when asked if they'd like to install a piece of software. I don't know if the mentality is "yeah I want more functionality" or "yeah yeah, just show me the damn webpage!".

    There is a bug in the original IE authenticode interface (fixed in XP SP2) that allows a site to repeatedly present the user with the download dialogue.

    The real problem here is that the idiot who invented JavaScript thought that the creator of the page should gain complete control over the user's Web browser. It's an interactive TV model: the content provider controls the user experience completely. Netscape did this because they were paid by the big media companies to do so. Microsoft made a big mistake in following suit.