Slashdot Mirror


User: Zeinfeld

Zeinfeld's activity in the archive.

Stories
0
Comments
3,931
First seen
Last seen

Comments · 3,931

  1. Re:Duh on 22 Million SSL Certificates In Use Are Invalid · · Score: 1

    Yes, this guy has found a way to present a bug in the SSL protocol as a security panic. When SSL was designed IPv4 addresses were not scarce and the HTTP protocol did not support multiple hosts in any case. And the basic idea of SSL was to make the addition of security totally transparent and allow it to be added to any protocol. And when SSL certs cost a minimum of $350 nobody was thinking that an IPv4 address per SSL cert was a problem. So until a fairly recent version of TLS there has been no way for the server to know which domain is being accessed until the SSL handshake is complete. This is really not a problem. If someone connects to a Web site using SSL and an invalid cert they are still better off than not using a cert at all. Browsers conformant to the current best practices will warn if the domain does not match. But a better approach would probably be to just enable SSL and not show the stupid lock icon.

  2. Re:GPL or public domain? on WhiteHouse.gov Releases Open Source Code · · Score: 1

    >>Nope, the code was almost certainly produced by a contractor and thus the copyright vests in the contractor in the first instance.

    >Umm that was the third of the three options I cited. I don't see that it is by any means a certainty however. It looks like the guy running the project at the whitehouse is a coder and has employees that are the same.

    You posted a theory. I worked at the EOP on those systems when they were first put in.

  3. Re:GPL or public domain? on WhiteHouse.gov Releases Open Source Code · · Score: 2, Informative

    Nope, the code was almost certainly produced by a contractor and thus the copyright vests in the contractor in the first instance. The contract will require the contractor to relinquish at least some rights to the government, this typically extends to a general requirement to 'open source' the code. GPL is actually the most restrictive open source license that is commonly used. If you are a contractor wanting to prevent other parties from selling your code in a commercial product that is not open source, the GPL allows you to do that. If on the other hand you want to make the code as open as possible then BSD or public domain are better. The original Web code running in the Clinton White House was the NCSA server. It may have changed to Netscape Server at some point, but that was pretty much understandable when the NCSA server was falling into disrepair pre-Apache. Incidentally the reason that the Clinton White House adopted the Web as their standard over the alternatives was that they had free use of the NCSA copyright code because it had been developed under a US government funded grant. At this point the British Government has gone way beyond open source to open data. This is a much bigger deal as I really could not care less what office suite the civil service use, it has no effect on me. Allowing access to government data in machine readable format is a much, much bigger deal. That is something I cannot do for myself. Rather than having this bizarre obsession with open source on the desktop, I wish people could take a look at the bigger picture of government IT contracting and ask why every IT project attempted turns into a fiasco. The amount spent on desktop and O/S apps is a drop in the bucket compared to what has been wasted on the NHS IT system.

  4. Re:Childs should get twenty years on The Trial of Terry Childs Begins · · Score: 1
    Childs refused to divulge the passwords to his superiors before he was fired for insubordination.

    Of course it would be ridiculous if he was suddenly arrested without notice and asked for the passwords by the police. But that does not appear to be what actually happened, it is merely what his defence attorney would like to fool gullible people into imagining happened.

  5. Re:Childs should get twenty years on The Trial of Terry Childs Begins · · Score: 2, Informative
    According to the depositions in the case, this claim is utterly false.

    The site policy was for the passwords to be entered in a security database. He may have disagreed with the policy but he was not entitled to refuse to comply with it.

    I find the claim that he did not recognize his superiors or that his actions were genuinely motivated by a desire to protect the network as somewhat incredulous. His actions are rather more consistent with attempting to preserve his job security by ensuring that he was the only person that could control the network and refusing to co-operate with legitimate attempts by his management to regain control.

    The idea that this should be a concern to someone acting in good faith is ludicrous.

  6. Childs should get twenty years on The Trial of Terry Childs Begins · · Score: 2, Insightful

    You know I had wondered why I stopped reading slashdot, then when I come back I find this story which is about as balanced as Fox News and I remember why. It is not a 'fact' that the DA has done no homework on the case, that is a speculative claim from what appears to be a highly partisan source - a journalist who snagged an interview with the perp and wants to retain access. The guy tried to hold the city hostage. Venezia fails to mention that in his bizarrely one sided account. Specifically, the guy had changed the passwords on the routers and refused to tell his employers what he had changed them to. That is, or at least should be recognized as extortion. The employers paid Childs to administer the system, they had a right to expect him to do so honestly and in a way that would allow them to use their property if he was not available. The guy is lucky not to be up on federal charges. The water treatment plants were amongst the infrastructures that he disabled. The incident does demonstrate a security risk that is often given insufficient consideration: failure to maintain control of the system.

  7. Re:Not quite into the ground on SCO Terminates Darl McBride · · Score: 5, Informative

    The SCO stock last traded at 13 cents. That does not mean that anyone will buy for 13 cents. Volume is less than 5000 shares a day, you can see the individual trades in the chart. In fact the main reason people would buy SCO at this point is because they had previously sold the stock short and want to buy to cover so they can recognize the profit this tax year rather than be forced to recognize the profit when the company goes bankrupt. Looks to me like today's trading means that someone paid $700 to close a SCO short. After that there are probably a bunch of pump and dump scammers out there and folk who reckon that maybe IBM will decide it's cheaper to buy SCO out than continue litigation. The price of a single share is not the same as the proportional value of the company, nor should it be. Real companies do not increase or decrease in value by 10% in a single day. The market prices of shares can over or under value the company significantly. At $13 a share the market cap of SCO is about $2.5M. That is more than the company is worth but less than you would need to pay to buy the company.

  8. Re:And nothing of value was lost on Stroustrup Says New C++ Standard Delayed Until 2010 Or Later · · Score: 1
    Are you saying that C++0x is unnecessary? If so, then you haven't stumbled upon C++'s many problems. Like, lack of rvalue references. Or, lack of a proper lambda.

    Not necessarily, he might just want C++ to die.die.die.

    I have not stumbled on many of C++'s problems after taking a look at it in the 80s and deciding it was the work of confused minds, to be avoided at all costs.

    FORTRAN has its problems as well. Shouldn't we fix that first?

  9. Re:But will they be useful without concepts? on Stroustrup Says New C++ Standard Delayed Until 2010 Or Later · · Score: 3, Interesting
    I remember C++ from way back when it really was C-with-classes. Plus some operators. (I think the rot set in with operators.) Back then, one person (who already knew C) really could grok the language in a day or two.

    Oh I remember those days. Less good than you imagine. The language might have been simple but the compilers were a complete bitch. Some of them were not even compilers, they were preprocessors.

    They would throw up the type of errors that Visual Studio did when I tried to compile Google Chrome when it came out, 'Type *QWUejw::int(*float) is not equal to *QWUejw::int(*float)'. So instead of taking a week to write your code you could spend three days coding and a month debugging the compiler.

    That's the real reason everyone jumped onto Java. It was clear that C++ was the product of very confused minds but it was the successor chosen by AT&T labs themselves, it was odds on to win. The only other player in the game was Objective C which was being touted by Steve Jobs, but you had to have a $10,000 NextStation game cube to run it on. Eiffel was maybe interesting but looked highly unlikely to win.

  10. Re:Headline misses the point completely on Stroustrup Says New C++ Standard Delayed Until 2010 Or Later · · Score: 1
    Yeah, but it is reasonable. Concepts are a complex feature, and C++ is an (overly) complex language. Do you really want to hold back all the other very important features like lambda, rvalue references, variadic templates, type deduction etc. just because of concepts?

    Hell yes.

    Actually I would like to hold back concepts as well.

    Then take out templates and multiple inheritance and classes.

    And merge the result with randomly chosen features from AWK and FORTRAN.

    There is a serious purpose here. There comes a time when the best thing to do with a computing language is to phase out use. C++ has all the disadvantages of C and none of the advantages. Like the name says - increment by one and use the old value.

    At this point we have two mainstream successors to C that offer more functionality with less clutter. If you want to do object oriented programming you use Java or C# (or Objective C on the Apple platforms). They have object systems that make sense. C++ is the product of confused minds. It's something you want to avoid for fear of contamination. At least with COBOL you can get paid big bucks for turning out the code.

  11. Re:Troll? Really? on Why Republicans Won't Retake Silicon Valley · · Score: 1
    No karma for 'funny' mods? The karma system gets weirder and weirder. But I guess ambiguity is a useful component in deterrence.

    But you can see the reason the original Republican article is wrong from the fact that this entire thread is about Libertarianism and Libertarianism and nothing else. And while it makes perfect sense for a US right wing party to make a bid for Libertarian votes, the GOP is entirely incapable of doing so and will be incapable for at least ten years.

    The modern GOP is essentially a feudal organization devoted to the worship of power and the powerful. A Libertarian wants to pay less tax or no tax. A member of the GOP is obsessed with what the richest of the rich will pay in taxes and will support tax cuts for them even if they get no tax cuts at all or a net tax increase.

    This might sound illogical, but it is anything but. It is a lottery mentality. The social purpose of a lottery is to allow losers at the bottom of society to vicariously engage in the lifestyles of the ultra-rich. That is why people who pay no taxes turned up to the teabagging protests.

    The GOP has become an ideological party and now that it has lost power the remnant is engaging in even more ferocious factional warfare against anyone not of like mind within the party. Libertarians are even less welcome than gays. You can't be a part of the GOP machine unless you are willing to drink all the Kool-Aid.

    I do not see how anyone can expect San Francisco metro area to turn Republican while the party is fulminating against gays, 'immigrants' (Latinos) and imagined conspiracy theories. Now that Bush is no longer in office they are finally taking civil liberties seriously, but accusing Obama of running a police state might have a bit more credibility if they had made just one complaint against the Bush wiretaps or had the guts to call torture torture.

    People do vote with their pocket books. But it is going to be really difficult to persuade many people that this current mess is not primarily a Republican mess. Republicans lowered taxes and increased spending. How is that not going to create trouble?

  12. Re:Justifying the Price Tag, nothing more... on F5 Fires Back On Open Source SSL Accelerator · · Score: 1
    At $50K, the F5 offering is hardly going to save anyone much in the way of SSL certs.

    But a lower cost open source accelerator might well do so. Offloading the RSA operations to a server farm makes excellent sense. But what might well make a lot more sense is to find a way to use graphics processor cards as SSL accelerators. They are not purpose designed but they are made in vast volume and contain all the parts for a vector processor machine.

    A machine that sells a thousand units a year is going to be a lot more expensive price/performance wise than one based on a chip that sells by the hundred million.

    If I was starting out 18 months ago I might well think of building something like that. But I strongly suspect that we will see several products of that type being announced next week at RSA.

    BTW before folk start accusing me of shilling for my employer, I no longer work there. I am now spending my time making podcasts (see http://quantumofstupid.com) and building daleks in my basement. Just burning a podcast on Ubuntu at the moment which should be up in about an hour and will be putting together a podcast to handicap and explain the prospects of interesting announcements at next week's RSA cryptographers panel later on today.

  13. Re:EFS? on Windows Home Directory Encryption? · · Score: 2, Interesting
    "Preferably Open Source".

    This is not a good faith question. Nobody is going to waste their time writing an open source extension to a proprietary operating system that duplicates the functionality of the core O/S. And if they did the result is probably not going to be worth using because nobody with sense is going to use and test it.

    What this amounts to is that the slashcrew will post pretty much anything that panders to their biases and so they will post without thinking a question that is clearly designed to provide the answer 'no'.

    Same thing happens on the camera forums. For years Canon fanatics used to appear in Nikon forums to ask about full frame sensor cameras. Then Nikon came out with a model that beat the Canon and then some and they started asking about fast prime lenses. Now that Nikon have started releasing a new range of fast primes they are asking about constant aperture f/4 zooms. None of it makes the slightest sense. Very few professional photographers would regard the Canon lenses as superior to Nikon in optical quality and certainly not in range. The Canon super-teles were much better at focus speed at one point because Nikon had their heads up their butts with their insistence on only putting the motor in the camera. But that changed long ago.

    This type of question is not helpful unless what you really want to do is to have an argument for the sake of it and fix the terms of debate so you are bound to win.

    At this point we have five windows boxes, three macs and a Linux box operating in the house. Of the nine machines the Linux box was by far the hardest to get running because the geniuses at Ubuntu decided to write a 700Mb distribution on a format with a maximum design capacity of 650Mb.

    There is plenty of stupidity to go round. If people want to take pot shots, Linux is just as open to stupidity as anything else. When someone makes a similar attack on Linux the response is typically 'but these people are volunteers'.

    Windows has this feature built in, end of story.

  14. Re:Total War? on TomTom Sues Microsoft For Patent Infringement · · Score: 4, Insightful
    Well it certainly makes Tom Tom's previous complaints about patent bullies look a bit thin. As they admit they threatened Microsoft. To their surprise, Microsoft fired first.

    In other words the Microsoft suit had nothing whatsoever to do with Linux, except to the extent that if your product uses Linux and you try to sue Microsoft for infringement of your own patents you can expect to be sued in return.

    This is not a new situation. The car industry discovered that it was impossible to build cars without cross licensing between all the major manufacturers in the 1950s.

  15. Re:I disagree! on The Real Reason For Microsoft's TomTom Lawsuit · · Score: 1
    Copyright and patents serve entirely different purposes. Patents are much less useful in practice as they expire and they are only available to the first inventor.

    I doubt that the amateur lawyering that began this thread bears any resemblance to reality. In the first place there is a question of who has the right to bring an infringement case and what the scope would be. Linus is highly unlikely to want to get into a patent pissing contest with Microsoft. He is even less likely to try to sue TomTom for signing a cross licensing deal.

    There is also the issue of public policy which in US terms is roughly speaking that the rich be allowed to get richer.

    Microsoft is not a monolith. There are many views on software patents in the company. To date they have spent billions to license other company patents. They seem to be net payers on all their cross licenses. My guess would be that Microsoft's objective is not to get stung by another multi-hundred million dollar patent troll suit.

    If their objective was to use patents to exclude competition from the market they would be idiots. All signs point to the Obama administration returning to the line that existed up till Reagan that severely punished companies with dominant market positions that abuse patent rights.

  16. Re:X-WRT? on Contest For a Better Open-WRT Wireless Router GUI · · Score: 2, Interesting

    And an interface-less interface would be absolutely ideal in my view. Problem is that the WiFi specs are botched and that makes it hard to do a good job of a UI. The way I would do the UI for WiFi (and I describe how to do this in detail in my book) is to generate a self signed cert for every WiFi device during manufacture. Then I would put the fingerprint of the cert onto the case. When a device tries to connect there are two modes 'guest' and 'permanent'. Guest mode is optional and allows a device to connect for a time set by the owner after which they have to wait for a while (e.g. get 24 hours access then have to wait a week). Permanent mode is as it suggests, permanent. Once the association is set up the router remembers it. No more stupid passwords that OS/X or Windows manage to forget. The first association is set up as administrator mode automatically. Further permanent associations can be approved by a machine with an administrator association. This sounds complex but the practical effect would be that instead of having to remember a password you simply need to accept or reject requests to connect. Oh and the association mode has a means to verify that the connection succeeded. So no having to re-enter the access data because the UI is borked.

  17. Re:Next up: on Companies Using MS Word "Out of Habit," Says Forrester · · Score: 1, Insightful
    Companies are using Windows "Out of habit". Hopefully, the Obama stimulus will involve converting all government computers to use Ubuntu and hiring thousands of college students and underemployed programmers to work on FREE Open Source Software.

    Where did you see that in the manifesto? I suspect you are in for a big disappointment.

    The problem with Word competitors is that they are all pretty much carbon copies of Word. So there really isn't much to be gained from switching. It costs a minimum of $50,000 with overheads to employ a white collar worker. $250 for a three year bulk license for Office is a rounding error.

    Every one of the competing clones has the same broken idea that spreadsheets, documents and databases are different things to be joined together by clumsy notions like COM.

  18. Re:Don't do this at home on Perfect MITM Attacks With No-Check SSL Certs · · Score: 1
    A better system would have the end-user pay someone they trust to identify the site; they are directly paying for the identification service and can take their business elsewhere if they get crap service.

    Kind of hard to make that scale. And how does the chosen third party authenticate the site? Is the site going to co-operate with umpteen different checks by different providers? Seems something of a hassle to me.

    When the CA business started the general complaint was that the authentication checks required were too onerous. So a group of CAs came into the market offering ever weaker authentication criteria until the point was reached when some certificates recognized by the browser were worthless. Which is precisely why we developed the Extended Validation program.

    EV is the result of a committee process and may be fairly criticized as being somewhat over-engineered. But that was inevitable, an auditable and effective means of validating accountability will inevitably be more cumbersome than one that is merely effective. But it does work.

    One side effect of EV is that every browser now supports certificate revocation checking and increasingly revocation checks are the default. So even if there is a failure in a Domain Validated cert, it is more likely to be shut down.

  19. Re:Could be fun on Google Was 3 Hours Away From DOJ Antitrust Charges · · Score: 5, Insightful
    Just to remind you, Microsoft bundled IE with Windows when it had a monopoly on Windows. And, just to remind you in case you forgot, there's nothing illegal about having a monopoly. It just means you outcompeted everyone else. What is illegal is abusing that monopoly.

    No, what Google and Yahoo were planning to do was to stop competing with each other and form a joint venture. That is specifically prohibited under the anti-trust laws. Obtaining a monopoly through fair competition is legal in the US. Obtaining a monopoly or dominant market position by forming a cartel with competitors is not.

    It is very different from what Microsoft was accused of which in turn was rather different from the anti-competitive behavior that they engaged in. David Boies botched the Microsoft anti-trust case from the start. He brought it on the basis of complaints from Sun and Netscape that were really more about providing an alibi for their own incompetence than justified complaints. Netscape's treatment of Spyglass was vastly more aggressive than Microsoft's treatment of Netscape. Sun could have partnered with Microsoft to establish itself as a viable alternative to Intel. Instead they tried to challenge Intel and Microsoft at the same time.

    Netscape was giving the browser away so that they could sell a server that exploited the latest essentially proprietary features of their client. By essentially proprietary I mean their habit of releasing a product and submitting the 'standards proposal' to W3C on the same day with no prior discussion whatsoever. That is how cookies were deployed, that is how SSL was deployed and that is how Javascript was deployed. And in every case the Netscape version was initially broken in ways that have taken years to fix afterwards. If you tried to use Javascript in 1995 it was much more likely to crash your browser than do what was intended.

    Now if the DoJ had concentrated on the pricing of Windows they had a real argument. The unit pricing scheme was certainly anti-competitive. But giving away the browser with the O/S was not anticompetitive, the browser was originally intended to be free software that shipped with the O/S. Tim Berners-Lee proposed the deep integration into the O/S.

  20. Re:Where do I apply? on Air Force To Re-Open Pursuit of Cyber Command · · Score: 1
    It's too bad these positions will, most definitely, be filled by military personnel.

    Want to do this work for real? Send in a resume to iDefense. They do exactly the same work. And there are several other operations that do open source intelligence. In the modern world intelligence is outsourced just like everything else.

    Now the Air Force cyber-command is something a little different, the idea the Air Force generals had was that they would be fighting a cyber war from that bunker and that is the reason the civilian leadership keeps shutting them down. In the first place cyberwarfare is the job of the NSA, not the air force. The NSA has the skills for the job and the Air Force does not.

    But the bigger reason that the cyber-command was shut down the first time was that the Air Force generals had been talking trash about burying China in cyberspace. That not unsurprisingly had led the Chinese to mount a few cyber-warfare demonstrations of their own.

    The fact is that cyber-warfare could be a highly effective complement to a conventional attack. The kicker is that the US is vastly more vulnerable on this point than any other country and the NATO countries as a whole are more vulnerable than potential opponents.

  21. Re:This Just In on Palin Email Hacker Found · · Score: 1
    Many people are stupid. Sarah Palin and her husband *are* the parents of her youngest child. Of course we should question her.

    If people set themselves up on a pedestal then they deserve scrutiny. Palin has endorsed the GOP culture wars, in particular the anti-gay hate plank. Palin campaigns on her family being an exemplar, so why not rub her nose in the fact that by the standards she set when grabbing for votes she is a failed parent?

    Not only that but I think a frank discussion of her position on the efficacy of abstinence only sex education is warranted (this is the issue you were dancing around),

    It's not just the abstinence only sex-ed, it's the anti-science, anti-knowledge approach to government behind it.

  22. Re:Job for the foundation: fight UN traceback on Berners-Lee Launches New W3 Foundation · · Score: 1
    How sad then that the Clinton administration was behind the Clipper chip.

    It was a civil service measure that they had been waiting to spring on a new administration. Clipper was sold to the administration as being entirely uncontroversial.

    What that meant was that when the opposition appeared there was no base of support for the proposal. In normal circumstances it would have died quickly.

    The reason it did not was Louis Freeh, the single worst Clinton appointee. He was ignorant, incompetent and disloyal. Freeh did not understand the opposition to Clipper because he had no clue about the implications of actually making use of intercepts competently. At the same time Freeh was pushing for Clipper he was opposing funding for FBI schemes to modernize the analysis capability.

    More than any other single individual, Louis Freeh was responsible for the failures that allowed 9/11 to happen.

    When the administration told Freeh they would not be backing him on banning crypto he responded by sucking up to Republicans in Congress and used his office to facilitate partisan 'investigations' of Clinton.

  23. Re:Job for the foundation: fight UN traceback on Berners-Lee Launches New W3 Foundation · · Score: 2, Insightful
    His WWW would never have blossomed the way it did under such Big Brother conditions, and we'd all be a lot poorer for it.

    It is hard to know where to start here.

    Back in the 1990s the use of cryptography was subject to a whole rack of restrictions. The fight between advocates of cryptography and Louis Freeh's FBI is known as the crypto-wars and some folk like Phil Zimmerman were harassed in the same way that the FBI harassed Charlie Chaplin and other opponents of Hoover.

    Fortunately there were also folk who were much smarter than Louis Freeh (not difficult, the man was personally responsible for botching the FBI response to leads that could have uncovered the 9/11 plot).

    I was working with the Clinton-Gore '92 online campaign right at the start of the Web and later with the Whitehouse. They saw the opportunity to disintermediate the mainstream press, what W. has called 'the filter'.

    But a much larger part of their concern was the ability to disintermediate the press in repressive regimes like Cuba, Saudi Arabia etc.

    Back in the late 1980s the cold war was won, not by politicians making speeches but by the humble photocopier. Reagan's speeches didn't mean diddly behind the iron curtain, not unless you were in range of the Western TV stations. The communist state media did not report them much and if they did they would present them Faux News style. It was getting the photocopiers through the wall that allowed material to circulate.

    East Germany fell in the end because a large number of young people just said 'enough, we are not going to support this system any more'. And they got that idea into their heads at the same time because the communication system had been taken out of the hands of state media.

  24. Re:Best source for evil scientist news on CERN, the Big Bang and Impact On the IT Industry · · Score: 1
    What is unique about the LHC is not the energies of the collisions. It is the number and the ability to observe the results.

    Much higher energy collisions are taking place in the upper atmosphere all the time. If they were going to create a black hole we would already be goners.

    This is all the fault of the CERN spinmeisters talking about recreating the Big Bang. But then again I guess you need spin to get the money to do that type of experiment.

  25. Re:what the hell? on Mayor Orders Mandatory Evacuation of New Orleans · · Score: 1
    Hey, we have a "Godwin's Law" for mentions of Nazism. Can we get some sort of snarky law for people who suddenly bring up a Star Trek analogy in a discussion? :-)

    Unfortunately for you, meta-Godwin's law states that attempts to bring Godwin's law into a slashdot discussion will cause it to go on forever.