Two years ago, Russia invaded a sovereign country, Ukraine, and occupied it. More recently, Russia (maybe) took part in telling the truth about the DNC.
Which do you think will result in a stronger response from Obama. As a reminder, his response on Ukraine was basically wagging his finger at them, saying "bad Russia, bad boy" - no concrete action.
> whatever shell company will officially "own" the cars might not have 50 bucks. Putting legal distance between you and possible liabilities is the first rule of business
If a shell company didn't have reasonably sufficient capital, that would actually do the opposite - it *exposes* the executives to *personal* liability. To shield the executives (and major investors), you separate different lines of business different companies, each with appropriate funding for their operations, including potential liabilities.
I didn't learn this from a book. Well I did, but right now the government is giving me a painful reminder. They are making every effort to find an excuse to come after me personally for the liabilities of a company I used to work for. I did things correctly, more or less, with no shenanigans involving shell companies, so I don't think they'll win. They'll get the business assets and I'll have to personally pay off the original amount due, but I won't have to pay the late fees, interest, etc. Had I messed around with an underfunded shell company, that would give the government the excuse they want to hold me personally liable for the late fees and interest as well.
I don't know what happened in the phone calls between Trump and the executives who control Sprint, who has has worked with before. I do know that just because they were considering a move like this, that doesn't mean discussions with Trump didn't figure into the ultimate decision and announcement. In fact, if I were Sprint (and even actually being the head of a tiny company), I often wouldn't finalize major decisions during a presidential campaign. A year ago, Sprint / Softbank knew that the political and regulatory environment in the US might make a major change either way.
Heck a year ago Bernie Sanders was polling almost as high as Clinton. There was a real chance that Bernie Sanders, the self-described socialist, would be sworn in as president before Sprint opened the US facility. So Sprint was trying to decide where to build the facility, not knowing if they'd be subject to regulations and tax policy from either Sanders, Clinton, trump, or possibly someone else. It wouldn't surprise me at all if the final decision to press "Go" was influenced was a) Trump winning and b) Trump's discussions with them, assuring them that the new president will appreciate the value of jobs, not just at Sprint, but jobs related to the Sprint facility - the cafe where the workers eat lunch, etc.
> A screen that is displayed if memory corruption or a hardware error or kernel fault occurs is going to zip off to the registry to try to read its desired colour from a key somewhere?... > the MS engineers responsible need to be told to keep it simple, stupid.
If MS engineers were smart, most of us wouldn't ever seen a BSOD. QED they are not smart, and do stuff like putting this in the registry, a binary blob of everything.
> I'm open for suggestions. Single payer seems logical.
From my research, it appears that there are lot of problems, requiring a lot of fixes. Anybody who says "x will fix it" is either uninformed or lying, for any x. There are also a lot of compromises, though choices. Everybody I know in Canada makes trips to the US to buy medical care that they've already paid for in Canada - ut has a two-year wait. "Better" generally costs more, for most measures of "better", so there are tough choices to make.
In general, much of the cost, many of the problems, are gigantic mountains of paperwork. When you go get a prescription, it might take 30-60 minutes to get it filled. Counting out the pills takes 2 minutes; the paperwork takes the vast majority of the time (and therefore money). This is something to keep in mind when you talk about "Somebody has to put a check on the insurance, medical, and drug industries". A lot of people have put a lot of checks on the companies. Guess who ends up paying the check?
> If you want a $10 flu shot, go to Walgreens, CVS, Kroger, shit even Wal-Mart's pharmacy will do one.
Which tells you the actual cost of the flu shot.
> A flu shot meant a $35 co-pay at the very least, even if the injection itself was "free" under the insurance policy.
"Free under the insurance (healthcare) policy" means "paperwork for the insurance company". The difference between the $10 shot and the $35 is paying for the insurance bureaucracy.
> Have you ever tried to use this major illness insurance you had then?
Yes, Blue Cross Blue Shield of Texas was a good company then, as it is now.
Medical INSURANCE is/was regulated by state law. "Health discount plans" not so much. The really bad ones said "Health Care Discount Plan" or whatever at the top, at at the bottom said "this is not an insurance product". In most states the less-regulated plans couldn't use the word "insurance" in their marketing, other than a disclaimer stating that it's not insurance.
> Obamacare actually defined what "counts" as health insurance
Completely REDEFINED. You can't legally just buy actual insurance anymore. Now you have to buy a health care plan. The difference, as noted above, is that insurance insures you against unforeseen high costs. Home insurance is for if your home burns down, not a new toilet flapper ($12); car insurance covers a wreck that totals your car, not new spark plugs. Imagine if you and your mechanic had to deal with 100 pages of insurance and government paperwork for each oil change. An oil change wouldn't cost $35 anymore!
The state-regulated medical insurance had a range pf different plans at different prices, appropriate for different people. At least where I've lived, they all did okay on the catastrophic coverage, which was most important to me, what varied the most was the lower cost stuff, under $5,000. That made a big diference because $25 of administrative costs on a $25 service doubles the cost; $200 of administrative cost on a $2,500 procedure has less impact. It was important to understand that with the state regulated insurance you did get what you paid for - plan with a lower monthly premium probably had a higher deductible etc.
Uber could easily buy $5 million in insurance, of course, but there's little reason to do. If you destroy your house, you need insurance because you can't afford to replace the house amd everything in it out of your own pocket. If Uber causes a crash, they just pay the damages directly - no point in putting an insurance company in the middle.*
Generally, you should insure for costs you can't readily pay directly. For something you can afford, paying the insurance company's overhead and profit is stupid.** Uber has a billion dollars in their "shit happens" fund, so they can easily pay for any crash they cause. $5 million in insurance wouldn't change that at all.
Further, to save even more money, when you're unsure whether to buy insurance on something, such as a mobile phone, here's what you can do instead. Suppose the insurance costs $10. Put the $10 in an envelope marked "small insurance" or "shit happens". Do that every time you think about buying a protection plan - for tickets that offer cancellation insurance, whatever. After two years you might have $200 in your "small insurance" envelope. Right about then maybe your phone breaks. So you go get the money out of your envelope. You've bought insurance from yourself, and you don't pay the insurance company's profit (or the retailer's 50% commission on protection plans). Over time, your "shit happens" fund will grow and you'll find you no longer need to buy insurance on a $1,000 purchase, and aren't completely screwed when you're car breaks down.
* Which is what frustrates me about Obamacare. I can easily afford a $10 flu shot; I don't need insurance company overhead making it cost $25. I can pay $45 for a checkup, but insurance company paperwork makes it cost $65. I preferred ten years ago, when I could insure against major illness and injury for 75% less than I pay now.
** Even though Uber can easily self-insure for car accidents, an insurance company *might* provide some value by providing an objective, independent view of their safety protocols. The insurance company might say "to get insurance from us, you must make it safer by _______".
Indeed I was thinking of the false discovery rate - what percentage of positive results are false. After doing some reading, I just learned that false discovery rate is most useful when testing a small number of samples for many conditions. False positive rate is most useful when testing a large number of samples for a small number of conditions.
That's interesting to me because I develop a testing system that tests for about 90,000 conditions and tests about 90,000 "patients". My patients are computers, and I test for 90,000 different security weaknesses.
Thanks. What I was thinking of, I have now learned, is called the "false discovery rate". FDR is "10% of the samples flagged positive were actually negative". If a test is cheap, a 10% FDR os okay, a 10% FPR is not, (unless perhaps a large percentage of samples actually are positive).
I just studied the two for a few minutes to get an idea of which rate is most useful to consider for the tests I create. It seems false DISCOVERY rate is often useful when there are many tests done on a relatively small number of samples. That somewhat describes my testing - I test for about 90,000 hypotheses (90,000 conditions) on approximately 90,000 samples. I normally think about "what percentage of our positives are false? (FDR)" and it seems that's appropriate for the testing we do.
I don't think it is a 10% false positive rate, but if so that would be great. From the description, it sounds like the cost per test would be very low after economies of scale are realized. Therefore, the doctor could use this as a routine part of the annual checkup. If the machine says "Parkinson's is likely", then the doctor would know to investigate the possibility of Parkinson's. Many (most?) of the routine screening tests aren't definitive - they provide evidence that the doctor will then follow up on.
Have you ever had a throat culture? The doctor did a culture because there was some evidence of an infection that could be definitely diagnosed by a culture. First there's the screening which tells the doctor which more reliable (and expensive) tests should be run, THEN you run the more reliable test.
> but I don't see how someone claiming to have a PhD in nuclear physics is somehow more credible just because
If you read here often, you start to recognize some of the names. Actually even if you DON'T read here often, you may recognize somw names, like Bruce Perens. Bruce doesn't "claim" to have a PhD, Bruce is a *recognized* expert. When Bruce writes about security and such, you can bet that he has good reason to say whatever he says, he knows what he's talking about. When I disagree with Bruce, I know that I should take a moment to really think about what he says - if it sounds dumb at first, I might be missing something.
I've read enough posts by TacoCowboy to know that he's insightful, and to know a bit of his life story. When he says something, a) I want to read it and b) I know where he's coming from, so I can understand his comment *in the context of who he is and where he's coming from*. Reading a paragraph, I can understand better if I know which story that paragraph is part of.
Some other commenters, I know where their coming from too, they are here to advance an agenda and don't mind making up completely fictional "facts" to try to advance their propaganda. I know that if I bother to read a post by MdSolar, and "facts" he claims likely came from his ass. Having his name in those posts is helpful.
A few people probably read hear enough that raymorris is a veteran IT security professional, writing security software and detection/export code. They've seen enough of raymorris's posts to realize that he knows this topic, so when he gives analysis or advice, they read it with that in mind. Other people may have noticed that raymorris also likes to troll the most Koolaid drinking the liberals here, the guys who blindly follow and parrot anything they hear about "evil corporations" and "investors", but don't know anything at all about the topics they flame about. So those who have noticed this don't take raymorris's posts seriously when they see him trolling the most clueless of liberals.
It's useful to have the names on the posts. You might see a ridiculous political post and if it's by raymorris you know he's parodying liberals, if the exact same words are posted by MdSolar you know he's being completely serious - he actually believes a parody of liberalism.
Besides, my former boss used to read and occasionally post here. When arguing with some idiot on the internet, it's good to know if that idiot happens to be your boss.:) He can certainly know when it's me replying to him!
A year ago I was at a garage sale when three boys came running up. They were SO excited about one of the items -a REAL bow & arrow! Not a compound bow, just a simple, cheap thing. But a REAL BOW AND ARROW! Oh how the boys wished they could buy it.
I remember being a boy, making a bow with a stick from the yard and a shoe string. Today I could so easily spend the $10 or $20 for that garage sale bow. I didn't, because there wasn't any excitement there for me.
Wouldn't it be great if we DID still get exuberant over a $10 garage sale item? We could give ourselves an awesome Christmas present every day!
> A full-blown computer that can only run a browser, feh. Everybody who uses one will run into that limitation sooner or later and complain about it
My wife replaced her Linux desktop with a Chromebook, which I immediately istalled Ubuntu on. I also left ChromeOS as dual boot. By booting Ubuntu, it ran pretty much just like the desktop she had before. My wife loved that little computer. One great thing was the battery life - it would suspend amd resume very quickly and gracefully, so by just closing the lid whenever she wasn't using it, it only needed to be charged about once a week.
Here's what surprised me - she never booted Ubuntu. ChromeOS did exactly what she wanted. She never once ran asked me "how do I _____ on this computer?" Not once. When she wanted to check her email, she went to her email as she always had - in the browser. She used Pinterest, Groupon, maps, looked up TV listings - all the things she did on her desktop computer worked just the same on ChromeOS.
So while *I* would be unsatisfied with its limitations I found out that NOT "everybody who uses one will run into that limitation". For a lot of people, including my wife and my mom, it fits their needs perfectly. And actually since it has ssh and a browser, I used it when traveling and it fit my needs for a travel computer - mostly I use my local computer to ssh to various servers. My stuff isn't stored on any particular local terminal.
Slashdot - News for nerds. I take it Mr. Garbz isn't a computer nerd. What type of nerd are you, anyway?
Also it occurs to me that some of the hacking "cool" flavor that the OP mentions may now be found around the Raspberry Pi, Arduino, and other hobbyist platforms.
I suppose "most" or not very much depends how how big your system is and what you use it for. In a small CLI-based system, most of what the user interacts with is gnu tools. On a Gnome desktop - not so much. Perhaps I should instead say:
Most of the OS we call "Linux" is governed by the freedom-focused licensing created by GNU.
> I ran Linux in a corporate environment for 10 years. It certainly worked, and I found ways to get what I needed done.
It does work, my corporation ran Linux exclusively for 15 years. It was a network security company, so for most of those years Windows was not allowed on the corporate network.
> I think Linux is fine for the home, fine web browsing, but it becomes a major problem for people in corporations, simply because they're addicted to Windows
Working in a Windows-centric company, there is a compromise I've been using for four years. OS X is certified Unix. When you want to, you can ignore the shiny Mac GUI and run all your favorite GPL software that you've used on Linux. Also when you want to, you can run Adobe Photoshop, Adobe Acrobat, Microsoft Office 2016, 2016, etc. It integrates pretty well with a Windows-based company. Of course there are small issues here and there, but there are also small issues here and there when using Windows.
> many "basic freedoms" of the old-school computer nerd are increasingly disappearing
There is an organization devoted to computer freedom called the Free Software Foundation, closely allied with GNU. GNU makes most of the operating system we call Linux.
> Software is available to rent only now (e.g. Photoshop)
There are several alternatives to Photoshop which use free licenses, meaning licensees that respect freedom. None of them do everything Photoshop does in the exact same way Photoshop does it, but for any *particular* Photoshop user, there's probably a free software package that fits their particular needs well.
> Windows 10's spyware aspects made him give up on his beloved PC platform and that he will use Linux
Linux is certainly one way to avoid Windows built-in spyware.
> viruses, ransomware, hacking, crapware
That's 99% Windows too, Linux desktop users see viruses and malware very, very rarely - maybe once every 15 years.
Linux isn't perfect. It does however address most of the concerns mentioned.
> Plenty of veteran programmers understand basic concepts such as making sure code can handle invalid parameters properly.
And I *know* basic Spanish. I *think* in English. Most programmers have heard something about programming defensively, a few do so as a matter of course. Most of us, most of the time, think about how things are supposed to work (not how they can fail). For decades we've said things like "garbage in, garbage out." We may know, intellectually, that "garbage in, garbage out" is no longer valid since attackers will submit garbage daily, yet we continue to write functions that fail quite ungracefully when fed garbage input.
Some of this may be SQA 101, but I'd posit that 90% of programmers don't know what SQA stands for, much less have SQA as their native tongue. Evidence of this is the hundreds of CVEs issued every month. Half of the people who created the flaws behind those CVEs can probably look at the flawed code and tell you where they went wrong, how they should have written it. The safe way isn't what came naturally, though.
I think I misunderstood what you were trying to say. You're under the impression that learning software engineering is nothing more than learning the vocabulary of a particular language. A programmer couldn't learn anything that applies to programming in PHP until after learning the PHP vocabulary, you think.
Not really so, IMHO. Most of software engineering, and systems architecture in general, is quite independent of any particular programming language. Heck I've written software that's valid in three or four languages, and when someone releases a new language my old code might run as that language too. Do you remember in your high school textbooks for each chapter there would be four or five vocabulary words at the beginning or end of each 50 page chapter? Those four or five vocabulary words are the language of each chapter. The other 99% is the stuff you should know. Programming is the same - the language is about 1% of what a competent programmer should know.
You don't need sudo to update your files, including your PHP files. They can be owned by your regular user, and updated via ftp/sftp or ssh. The scripts should *run* as user "nobody", so they don't have the same access that you do. Even better, the scripts can run as your own personal nobody, a user created for the purpose such as "execthis_scripts". Using the standard system "nobody" is far more common, though.
If your scripts are running as you, with the same permissions you have when logged in via ssh, that means any of your scripts can change any of your files. Any security hole in any script allows an attacker to put malware in all of your files. That happens when your web host is incredibly stupid and runs PHP using something called "suexec". Here's what the developers of suexec have to say in the Apache manual:
-- if suEXEC is improperly configured, it can cause any number of problems and possibly create new holes in your computer's security. If you aren't familiar with managing setuid root programs and the security issues they present, we highly recommend that you not consider using suEXEC. --
They aren't kidding. At least half of the badly hacked web sites I've been called in to recover were hacked due to suexec. Every file is potentially affected, so we charge $1000 and up for remediation.
> then looked for the file and it does not exist anywhere on the server.
If it's a shared server, you shouldn't be able to see most of the filesystem easily. Can you see/usr/lib and/var/log? If so, your web host might be an idiot. If not, you may well have used the exploit to create a file in a part of the filesystem that you can't easily see.
Might want to double-check your facts there. I remember when PHP was a CMS written in a mix of Perl and C. That was about 1994 or so. I had already written something similar myself. The first web sites were 1989.
Let me fix that for you:
> In 2003, most significant countries in the world, other than Russia and France ...
> As a reminder, the response of the world was to join together in eliminating Hussein
Two years ago, Russia invaded a sovereign country, Ukraine, and occupied it.
More recently, Russia (maybe) took part in telling the truth about the DNC.
Which do you think will result in a stronger response from Obama. As a reminder, his response on Ukraine was basically wagging his finger at them, saying "bad Russia, bad boy" - no concrete action.
> whatever shell company will officially "own" the cars might not have 50 bucks. Putting legal distance between you and possible liabilities is the first rule of business
If a shell company didn't have reasonably sufficient capital, that would actually do the opposite - it *exposes* the executives to *personal* liability. To shield the executives (and major investors), you separate different lines of business different companies, each with appropriate funding for their operations, including potential liabilities.
I didn't learn this from a book. Well I did, but right now the government is giving me a painful reminder. They are making every effort to find an excuse to come after me personally for the liabilities of a company I used to work for. I did things correctly, more or less, with no shenanigans involving shell companies, so I don't think they'll win. They'll get the business assets and I'll have to personally pay off the original amount due, but I won't have to pay the late fees, interest, etc. Had I messed around with an underfunded shell company, that would give the government the excuse they want to hold me personally liable for the late fees and interest as well.
I don't know what happened in the phone calls between Trump and the executives who control Sprint, who has has worked with before. I do know that just because they were considering a move like this, that doesn't mean discussions with Trump didn't figure into the ultimate decision and announcement. In fact, if I were Sprint (and even actually being the head of a tiny company), I often wouldn't finalize major decisions during a presidential campaign. A year ago, Sprint / Softbank knew that the political and regulatory environment in the US might make a major change either way.
Heck a year ago Bernie Sanders was polling almost as high as Clinton. There was a real chance that Bernie Sanders, the self-described socialist, would be sworn in as president before Sprint opened the US facility. So Sprint was trying to decide where to build the facility, not knowing if they'd be subject to regulations and tax policy from either Sanders, Clinton, trump, or possibly someone else. It wouldn't surprise me at all if the final decision to press "Go" was influenced was a) Trump winning and b) Trump's discussions with them, assuring them that the new president will appreciate the value of jobs, not just at Sprint, but jobs related to the Sprint facility - the cafe where the workers eat lunch, etc.
> A screen that is displayed if memory corruption or a hardware error or kernel fault occurs is going to zip off to the registry to try to read its desired colour from a key somewhere? ...
> the MS engineers responsible need to be told to keep it simple, stupid.
If MS engineers were smart, most of us wouldn't ever seen a BSOD. QED they are not smart, and do stuff like putting this in the registry, a binary blob of everything.
> I'm open for suggestions. Single payer seems logical.
From my research, it appears that there are lot of problems, requiring a lot of fixes. Anybody who says "x will fix it" is either uninformed or lying, for any x. There are also a lot of compromises, though choices. Everybody I know in Canada makes trips to the US to buy medical care that they've already paid for in Canada - ut has a two-year wait. "Better" generally costs more, for most measures of "better", so there are tough choices to make.
In general, much of the cost, many of the problems, are gigantic mountains of paperwork. When you go get a prescription, it might take 30-60 minutes to get it filled. Counting out the pills takes 2 minutes; the paperwork takes the vast majority of the time (and therefore money). This is something to keep in mind when you talk about "Somebody has to put a check on the insurance, medical, and drug industries". A lot of people have put a lot of checks on the companies. Guess who ends up paying the check?
> If you want a $10 flu shot, go to Walgreens, CVS, Kroger, shit even Wal-Mart's pharmacy will do one.
Which tells you the actual cost of the flu shot.
> A flu shot meant a $35 co-pay at the very least, even if the injection itself was "free" under the insurance policy.
"Free under the insurance (healthcare) policy" means "paperwork for the insurance company". The difference between the $10 shot and the $35 is paying for the insurance bureaucracy.
> Have you ever tried to use this major illness insurance you had then?
Yes, Blue Cross Blue Shield of Texas was a good company then, as it is now.
Medical INSURANCE is/was regulated by state law. "Health discount plans" not so much.
The really bad ones said "Health Care Discount Plan" or whatever at the top, at at the bottom said "this is not an insurance product". In most states the less-regulated plans couldn't use the word "insurance" in their marketing, other than a disclaimer stating that it's not insurance.
> Obamacare actually defined what "counts" as health insurance
Completely REDEFINED. You can't legally just buy actual insurance anymore. Now you have to buy a health care plan. The difference, as noted above, is that insurance insures you against unforeseen high costs. Home insurance is for if your home burns down, not a new toilet flapper ($12); car insurance covers a wreck that totals your car, not new spark plugs. Imagine if you and your mechanic had to deal with 100 pages of insurance and government paperwork for each oil change. An oil change wouldn't cost $35 anymore!
The state-regulated medical insurance had a range pf different plans at different prices, appropriate for different people. At least where I've lived, they all did okay on the catastrophic coverage, which was most important to me, what varied the most was the lower cost stuff, under $5,000. That made a big diference because $25 of administrative costs on a $25 service doubles the cost; $200 of administrative cost on a $2,500 procedure has less impact. It was important to understand that with the state regulated insurance you did get what you paid for - plan with a lower monthly premium probably had a higher deductible etc.
Rocket Long March 2 composing genuine , flight of satellite egg duck spacing air.
Ftfy. That's Alibaba.
Uber could easily buy $5 million in insurance, of course, but there's little reason to do. If you destroy your house, you need insurance because you can't afford to replace the house amd everything in it out of your own pocket. If Uber causes a crash, they just pay the damages directly - no point in putting an insurance company in the middle.*
Generally, you should insure for costs you can't readily pay directly. For something you can afford, paying the insurance company's overhead and profit is stupid.** Uber has a billion dollars in their "shit happens" fund, so they can easily pay for any crash they cause. $5 million in insurance wouldn't change that at all.
Further, to save even more money, when you're unsure whether to buy insurance on something, such as a mobile phone, here's what you can do instead. Suppose the insurance costs $10. Put the $10 in an envelope marked "small insurance" or "shit happens". Do that every time you think about buying a protection plan - for tickets that offer cancellation insurance, whatever. After two years you might have $200 in your "small insurance" envelope. Right about then maybe your phone breaks. So you go get the money out of your envelope. You've bought insurance from yourself, and you don't pay the insurance company's profit (or the retailer's 50% commission on protection plans). Over time, your "shit happens" fund will grow and you'll find you no longer need to buy insurance on a $1,000 purchase, and aren't completely screwed when you're car breaks down.
* Which is what frustrates me about Obamacare. I can easily afford a $10 flu shot; I don't need insurance company overhead making it cost $25. I can pay $45 for a checkup, but insurance company paperwork makes it cost $65. I preferred ten years ago, when I could insure against major illness and injury for 75% less than I pay now.
** Even though Uber can easily self-insure for car accidents, an insurance company *might* provide some value by providing an objective, independent view of their safety protocols. The insurance company might say "to get insurance from us, you must make it safer by _______".
Indeed I was thinking of the false discovery rate - what percentage of positive results are false. After doing some reading, I just learned that false discovery rate is most useful when testing a small number of samples for many conditions. False positive rate is most useful when testing a large number of samples for a small number of conditions.
That's interesting to me because I develop a testing system that tests for about 90,000 conditions and tests about 90,000 "patients". My patients are computers, and I test for 90,000 different security weaknesses.
Thanks. What I was thinking of, I have now learned, is called the "false discovery rate". FDR is "10% of the samples flagged positive were actually negative". If a test is cheap, a 10% FDR os okay, a 10% FPR is not, (unless perhaps a large percentage of samples actually are positive).
I just studied the two for a few minutes to get an idea of which rate is most useful to consider for the tests I create. It seems false DISCOVERY rate is often useful when there are many tests done on a relatively small number of samples. That somewhat describes my testing - I test for about 90,000 hypotheses (90,000 conditions) on approximately 90,000 samples. I normally think about "what percentage of our positives are false? (FDR)" and it seems that's appropriate for the testing we do.
I don't think it is a 10% false positive rate, but if so that would be great. From the description, it sounds like the cost per test would be very low after economies of scale are realized. Therefore, the doctor could use this as a routine part of the annual checkup. If the machine says "Parkinson's is likely", then the doctor would know to investigate the possibility of Parkinson's. Many (most?) of the routine screening tests aren't definitive - they provide evidence that the doctor will then follow up on.
Have you ever had a throat culture? The doctor did a culture because there was some evidence of an infection that could be definitely diagnosed by a culture. First there's the screening which tells the doctor which more reliable (and expensive) tests should be run, THEN you run the more reliable test.
You do have a point. Also, a counterpoint:
> but I don't see how someone claiming to have a PhD in nuclear physics is somehow more credible just because
If you read here often, you start to recognize some of the names. Actually even if you DON'T read here often, you may recognize somw names, like Bruce Perens. Bruce doesn't "claim" to have a PhD, Bruce is a *recognized* expert. When Bruce writes about security and such, you can bet that he has good reason to say whatever he says, he knows what he's talking about. When I disagree with Bruce, I know that I should take a moment to really think about what he says - if it sounds dumb at first, I might be missing something.
I've read enough posts by TacoCowboy to know that he's insightful, and to know a bit of his life story. When he says something, a) I want to read it and b) I know where he's coming from, so I can understand his comment *in the context of who he is and where he's coming from*. Reading a paragraph, I can understand better if I know which story that paragraph is part of.
Some other commenters, I know where their coming from too, they are here to advance an agenda and don't mind making up completely fictional "facts" to try to advance their propaganda. I know that if I bother to read a post by MdSolar, and "facts" he claims likely came from his ass. Having his name in those posts is helpful.
A few people probably read hear enough that raymorris is a veteran IT security professional, writing security software and detection/export code. They've seen enough of raymorris's posts to realize that he knows this topic, so when he gives analysis or advice, they read it with that in mind. Other people may have noticed that raymorris also likes to troll the most Koolaid drinking the liberals here, the guys who blindly follow and parrot anything they hear about "evil corporations" and "investors", but don't know anything at all about the topics they flame about. So those who have noticed this don't take raymorris's posts seriously when they see him trolling the most clueless of liberals.
It's useful to have the names on the posts. You might see a ridiculous political post and if it's by raymorris you know he's parodying liberals, if the exact same words are posted by MdSolar you know he's being completely serious - he actually believes a parody of liberalism.
Besides, my former boss used to read and occasionally post here. When arguing with some idiot on the internet, it's good to know if that idiot happens to be your boss.:) He can certainly know when it's me replying to him!
A year ago I was at a garage sale when three boys came running up. They were SO excited about one of the items -a REAL bow & arrow! Not a compound bow, just a simple, cheap thing. But a REAL BOW AND ARROW! Oh how the boys wished they could buy it.
I remember being a boy, making a bow with a stick from the yard and a shoe string. Today I could so easily spend the $10 or $20 for that garage sale bow. I didn't, because there wasn't any excitement there for me.
Wouldn't it be great if we DID still get exuberant over a $10 garage sale item? We could give ourselves an awesome Christmas present every day!
> 20 something amateurs compete for lying ... It's just an old boys club
I'm confused. Is it kids or is it old boys? Or are the 20 year old amateurs old?
> A full-blown computer that can only run a browser, feh. Everybody who uses one will run into that limitation sooner or later and complain about it
My wife replaced her Linux desktop with a Chromebook, which I immediately istalled Ubuntu on. I also left ChromeOS as dual boot. By booting Ubuntu, it ran pretty much just like the desktop she had before. My wife loved that little computer. One great thing was the battery life - it would suspend amd resume very quickly and gracefully, so by just closing the lid whenever she wasn't using it, it only needed to be charged about once a week.
Here's what surprised me - she never booted Ubuntu. ChromeOS did exactly what she wanted. She never once ran asked me "how do I _____ on this computer?" Not once. When she wanted to check her email, she went to her email as she always had - in the browser. She used Pinterest, Groupon, maps, looked up TV listings - all the things she did on her desktop computer worked just the same on ChromeOS.
So while *I* would be unsatisfied with its limitations I found out that NOT "everybody who uses one will run into that limitation". For a lot of people, including my wife and my mom, it fits their needs perfectly. And actually since it has ssh and a browser, I used it when traveling and it fit my needs for a travel computer - mostly I use my local computer to ssh to various servers. My stuff isn't stored on any particular local terminal.
Slashdot - News for nerds. I take it Mr. Garbz isn't a computer nerd. What type of nerd are you, anyway?
Also it occurs to me that some of the hacking "cool" flavor that the OP mentions may now be found around the Raspberry Pi, Arduino, and other hobbyist platforms.
I suppose "most" or not very much depends how how big your system is and what you use it for. In a small CLI-based system, most of what the user interacts with is gnu tools. On a Gnome desktop - not so much. Perhaps I should instead say:
Most of the OS we call "Linux" is governed by the freedom-focused licensing created by GNU.
> I ran Linux in a corporate environment for 10 years. It certainly worked, and I found ways to get what I needed done.
It does work, my corporation ran Linux exclusively for 15 years. It was a network security company, so for most of those years Windows was not allowed on the corporate network.
> I think Linux is fine for the home, fine web browsing, but it becomes a major problem for people in corporations, simply because they're addicted to Windows
Working in a Windows-centric company, there is a compromise I've been using for four years. OS X is certified Unix. When you want to, you can ignore the shiny Mac GUI and run all your favorite GPL software that you've used on Linux. Also when you want to, you can run Adobe Photoshop, Adobe Acrobat, Microsoft Office 2016, 2016, etc. It integrates pretty well with a Windows-based company. Of course there are small issues here and there, but there are also small issues here and there when using Windows.
> many "basic freedoms" of the old-school computer nerd are increasingly disappearing
There is an organization devoted to computer freedom called the Free Software Foundation, closely allied with GNU. GNU makes most of the operating system we call Linux.
> Software is available to rent only now (e.g. Photoshop)
There are several alternatives to Photoshop which use free licenses, meaning licensees that respect freedom. None of them do everything Photoshop does in the exact same way Photoshop does it, but for any *particular* Photoshop user, there's probably a free software package that fits their particular needs well.
> Windows 10's spyware aspects made him give up on his beloved PC platform and that he will use Linux
Linux is certainly one way to avoid Windows built-in spyware.
> viruses, ransomware, hacking, crapware
That's 99% Windows too, Linux desktop users see viruses and malware very, very rarely - maybe once every 15 years.
Linux isn't perfect. It does however address most of the concerns mentioned.
> Plenty of veteran programmers understand basic concepts such as making sure code can handle invalid parameters properly.
And I *know* basic Spanish. I *think* in English. Most programmers have heard something about programming defensively, a few do so as a matter of course. Most of us, most of the time, think about how things are supposed to work (not how they can fail). For decades we've said things like "garbage in, garbage out." We may know, intellectually, that "garbage in, garbage out" is no longer valid since attackers will submit garbage daily, yet we continue to write functions that fail quite ungracefully when fed garbage input.
Some of this may be SQA 101, but I'd posit that 90% of programmers don't know what SQA stands for, much less have SQA as their native tongue. Evidence of this is the hundreds of CVEs issued every month. Half of the people who created the flaws behind those CVEs can probably look at the flawed code and tell you where they went wrong, how they should have written it. The safe way isn't what came naturally, though.
I think I misunderstood what you were trying to say. You're under the impression that learning software engineering is nothing more than learning the vocabulary of a particular language. A programmer couldn't learn anything that applies to programming in PHP until after learning the PHP vocabulary, you think.
Not really so, IMHO. Most of software engineering, and systems architecture in general, is quite independent of any particular programming language. Heck I've written software that's valid in three or four languages, and when someone releases a new language my old code might run as that language too. Do you remember in your high school textbooks for each chapter there would be four or five vocabulary words at the beginning or end of each 50 page chapter? Those four or five vocabulary words are the language of each chapter. The other 99% is the stuff you should know. Programming is the same - the language is about 1% of what a competent programmer should know.
You don't need sudo to update your files, including your PHP files. They can be owned by your regular user, and updated via ftp/sftp or ssh. The scripts should *run* as user "nobody", so they don't have the same access that you do. Even better, the scripts can run as your own personal nobody, a user created for the purpose such as "execthis_scripts". Using the standard system "nobody" is far more common, though.
If your scripts are running as you, with the same permissions you have when logged in via ssh, that means any of your scripts can change any of your files. Any security hole in any script allows an attacker to put malware in all of your files. That happens when your web host is incredibly stupid and runs PHP using something called "suexec". Here's what the developers of suexec have to say in the Apache manual:
--
if suEXEC is improperly configured, it can cause any number of problems and possibly create new holes in your computer's security. If you aren't familiar with managing setuid root programs and the security issues they present, we highly recommend that you not consider using suEXEC.
--
They aren't kidding. At least half of the badly hacked web sites I've been called in to recover were hacked due to suexec. Every file is potentially affected, so we charge $1000 and up for remediation.
> then looked for the file and it does not exist anywhere on the server.
If it's a shared server, you shouldn't be able to see most of the filesystem easily. Can you see /usr/lib and /var/log? If so, your web host might be an idiot. If not, you may well have used the exploit to create a file in a part of the filesystem that you can't easily see.
Might want to double-check your facts there. I remember when PHP was a CMS written in a mix of Perl and C. That was about 1994 or so. I had already written something similar myself. The first web sites were 1989.