40% gives his job performance a thumbs up as opposed to a thumbs down. So most think poorly, 40% think more positive than negative of his job performance.
Personally, my rating for "liking" the guy is a lot lower than my rating for his performance on the job. CNN reports that 70% of Americans say (see) that the economy is doing well, and that probably factors very much into Trump's job approval rating. You can, as I do, dislike the man and also be literate in economics, seeing that things are going well.
For comparison, at the same point in his term, Bush Jr. had an 85% approval rating. So half as many people approve of Trump's performance Trump compared to Bush Jr.
So they aren't saying "he's great!" 40% say that what he is doing as president is slightly more positive than negative.
Aside from Democrats, Trump is in no way a traditional Republican candidate. Not exactly a "family values" guy, not someone who respects lessoned learned and is cautious about major changes. You could go down a little of what different Republicans tend to value and at least half of them, Trump is the opposite.
A LOT of Republicans don't care for Trump. Many disliked what Hillary would do to the country slightly more than they disliked Trump, so they held their nose and voted against Hillary, which meant marking "Trump".
The percentage of Millionaires who inherit any money at all is the same as the percentage of the general population. So inheritance has no measurable effect on becoming a millionaire. I don't know the stats on billionaires.
However, let's think through the idea that "90% of billionaires inherited all their money - nobody makes a billion dollars, only inherits it".
For that to be true, Dad would have had to make a billion dollars. But the claim is that nobody makes a billion dollars. Therefore that thesis contradicts itself and must be false.
Here are some statistics from Forbes. There are about 540 billionaires. They studied 400 of those, so most of them.
7% of billionaires inherited all of their money. 8% inherited nothing
The rest inherited *something* and then grew that to over a billion dollars.
Patent law in the US doesn't use the term "distribution". Copyright considers if it's commercial or non-commercial distribution as one element, but this is about patents.
Many sites publish all the recent patents, which describe the invention, so clearly it's legal to distribute a description of the invention. In fact that's one of the purposes of patents.
US patent law allows the patent holder to control, for a limited time, who "makes, uses, offers to sell, or sells" the invention. I would argue that mirroring CentOS is not "making, using, or selling" it. Therefore you would not violate a patent by distributing code which describes its implementation. No need to look for patents before distributing, only making, using, or selling.
>The pilots flew properly and under normal operation the MCAS trimmed out the elevator over and over until pulling the stick all the way back still left you pointing at the ground.
Yes, I explained it does that based on one sensor, and suggested that perhaps it shouldn't trim so far, especially with other instruments indicating it probably wasn't in a stall. So you disagree with the second half of my comment? You think it SHOULD nose dive?
That seems like a reasonable *rate* at which to bring the nose down.
If the system is adding 0.2 down elevator every second even though there is already 15 degrees down elevator and the pilot is pulling the stick back, and the AoA indicator isn't responding - it's staying at max AoA despite full down elevator, that's what I'm calling forcing the nose down hard. Forcing - overriding pilot input, hard - overriding all common sense based on the available dates.
For contrast, the system I designed set the elevator position near max AoA based on essentially this:
Max AoA - 2.5 + sqrt (stick back force)
So a pilot would have to have pull almost all the way back to exceed max AoA. The linkage was such that it had no effect until the elevator was up past neutral. Of course, this is on a plane that will naturally nose down in a stall if the elevator is neutral. That's a much more conservative approach than what Boeing did, based on what I've read.
I'm not a professional plane designer, just an amateur, and I haven't examined Boeing's design in detail. Reports indicate that it forced the nose down despite numerous indications that it was not appropriate to do so, based solely on the AoA sensor.
A major study of mega-rich people found that is the major common factor - a powerful drive to build large amounts of wealth, at the expense of pretty much everything else in life. The mega-rich in most cases gave up family, friends, hobbies, etc and focused 100% on business.
Not so for typical millionaires. What millionaires have in common is that they consistently put 10%-15% in their 401k and their employer matched part of that. The power of compound interest, investing a little from every paycheck over time, is 99% of rich people. The 0.001% are the those obsessed with building their empire.
I started to say "obsessed with money", but that's not accurate. One could found and build a very successful space rocket company because you're obsessed with commoditizing space travel. Large amounts of money would be a side-effect.
I designed a similar system for my RC planes. I haven't actually installed it, because it isn't necessary. It's okay to not have it.
This system is designed to detect when the pilot has seriously screwed up, pointing the nose way too high. Most planes don't have it. I thought about using one only because I'm a bad RC pilot. (I'm a bit better with a real plane).
So in this case, if you have two sensors which disagree, you can ignore the one that says you're nose high, and the plane will function like any other plane.
You could also cross-check other sensors and / or have a milder response. In a true high-speed stall in an airliner you'd expect to see significant deflection of the elevator or ailerons (turns can cause high-speed stalls). If you don't have a lot of elevator or aileron deflection, the stall warning could be a false positive.
Based on data from one or two AoA sensors plus correlation with other sensors, you could GENTLY nudge the nose down appropriately. It seems Boeing forced the nose down hard, despite the pilot pulling back as hard as he could.
I starting designing a fully aerodynamic system (not electronic) which would add a few degrees of down offset to whatever the pilot ordered. Assume the max AoA is 12Â. Once the the sensor detects AoA is more than 10, it would basically gradually subtract 0-3Â from the pilot input. So the pilot could pull the stick hard enough that would otherwise cause a 15Â AoC before the plane would hit the critical 12Â. It was designed to aid the pilot, helping the pilot avoid going over. It seems Boeing's system completely overrode pilot input. My design was more like "the pilot would have to try really hard to crash".
For years, I did what I wanted to do, living for the now, and kept having incredibly bad luck. As I mentioned, I ended up homeless, living under a tarp on a vacant lot.
Then I switched to making it a habit to focus on five years down the road. Giving up what I wanted at the moment in exchange for what would most likely bring good things five years later. I keep having incredibly good luck since then.
In the past on Slashdot I've identified at least daily decisions we make, starting with getting out of bed or hitting the snooze button. We have thousands of decision points every year, and multiple years. I made really bad decisions for about ten years, got bad results, then started making much better decisions and getting much better results.
Life is a poker career, not a poker hand. Phil Helmuth has a successful poker career because he in in the habit of making good poker decisions. The luck of the draw determines whether it is this hand he wins, or the next or the one after. We all get thousands and thousands of cards, and make thousands and thousands of decisions. We all get some good cards, some bad cards, and some mediocre cards. Phil makes his living on poker every year by consistently making smart decisions, not on each hand by getting lucky.
I could describe my past, my circumstances, to you in a way that would make me sound like the unluckiest guy alive. I've needed dozens of surgeries for significant medical problems. I could also describe it in a way that makes me sound like the luckiest guy alive. There's good and bad, always.
Most people reading this are in the US or Western Europe, and mostly nerds, tech types. Therefore the vast majority of us are in the top 3% in terms of income. Some of us, though in the top 2%-3%, what about not being in the top 1% while we call in sick to play the new video game.
If this was about busting people for texting and driving, a cop could stand by the side of the road while his partner is two blocks up in the cruiser and they'd probably get somebody every five minutes. You and I see it constantly while we're driving around. Just watch people start at their phone, doing the thumb dance as they drive by. For bonus points, have a camera that shows what the cop saw.
Cop who sees rhe texting driver (and has it on video) radios his partner to light them up.
If you want to do it with less manpower, just have the cops keep an eye out for texting and driving while they do their usual patrol. I see drivers doing it, you see them. Cops can see them too.
This law clearly is not about enforcing texting and driving; there is something else going on here.
> you just need somebody else to contribute the code that violates your patent.
That's precisely the problem.
> I shouldn't have to verify that the patent-infringing code was actually ***contributed*** by company x.
Everyone is entitled to their opinion, I suppose. Some people claim, falsely, "it only applies to code the patent-holder contributes". At least you recognize that's false and you don't make that claim.
The conditions you list for invalidating a patent under GPLv3 are *almost* correct. In fact the patent-holder doesn't have to contribute at all in order to lose their patent bases on some third-party (competitor?) contributing infringing code. They need only either USE the v3 software in a customer-facing system, or provide a mirror. For example many universities provide mirrors of Linux distributions. By doing so, the terms of v3 say they lose all patent rights to anything they have patented, the moment somebody contributes infringing code to any distro that they mirror.
The problem is that's millions and millions of lines of code that nobody at the university has ever seen. They are just providing a CentOS mirror, not auditing CentOS for patent issues. By providing a mirror, they relinquish all patents to anything at all that anyone can sneak into the code.
You may be able to to run ping and traceroute without being root by typing "/usr/sbin/ping" or "/use/sbin/traceroute".
Use "which traceroute" to find out if it's in sbin, which won't be in the PATH for a normal user.
Ping and traceroute used to use raw sockets by default, which isn't allowed for normal users. Now it uses UDP by default so non-root users can use it (with the full path if needed).
Current traceroute has the"-I" option to use old-style icmp. It's often installed setuid, meaning normal users can run it even with -I and it behaves as though they were root. You can check with:
ll/usr/sbin/ping Which may return: -r-s--x--x 1 root bin 40960 Aug 24 1998/usr/sbin/ping
The "s" means it is set uid.
So you can: Use the full path and it will probably work (using UDP). Use -I to traceroute any host you can ping, if it's setuid or you are root.
Showpath does away with these choices and just does udp only, which often works fine.
GPLv3 does include a clause which appears to be an attempt to improve this situation.
Unfortunately, Richard Stallman also included a poison pill in GPLv3 which makes it risky for any organization to use GPLv3 if any part of their organization has a patent on anything. He wanted to use GPLv3 to kill patents, by making it so that anyone who has any patent can't safely use GPLv3 code. The result is that patents killed GPLv3 use.
Some will say "no, it's intended to mean you can't patent something in the code; you can have other patents". But that's not what it says. During the draft process we asked that it be clarified if that was indeed the intent. Stallman refused to change the wording to limit it's applicability to only contributions made by the person or company who has the patent.
Because Stallman refused to adjust the wording before releasing the version of GPLv3, this is the current situation:
I worked for a major university. Some departments in that university do a lot of research and development. The R&D is funded in part by patenting the useful results and licensing the patents to companies which make use of the R&D. If any other part of the university were to distribute GPLv3 code anywhere, at any campus, it would put all of the universities patents at risk. Someone, perhaps a competitor or perhaps someone who doesn't know anything about the patent, could invalidate the patent by contributing a module which makes use of it.
That doesn't happen with GPLv2, so any organization which has any patent on anything is safer using GPLv2 code. GPLv2 doesn't have a patent poison clause.
If GPLv4 changes the clause to say it only applies to code authored / contributed by the organization that has the patent, that would mostly fix the problem. That's what proponents of v3 *say* that that *intend*, but they haven't allowed the license to say that.
Comparing "man showpath" with "man traceroute", we find that showpath can do a lot less than traceroute can - it has far fewer options.
One might also notice that unlike traceroute, showpath tries a bunch of ports and hopes - the results of showpath might be similar to reality, the results are often right, often not. Traceroute uses one and the results it provides are correct. (Or in case of error, traceroute indicates an error, as opposed to false results).
So by now I'm sure you see why traceroute had to be replaced by showpath - to make it dumber and less reliable.
Actually the best I can tell, those who wanted to replace traceroute never bothered to check the docs after they heard about a "problem" with tracert which doesn't actually exist. The excuse for getting rid of traceroute is that "you have to be root to run traceroute", but that simply isn't true. There are in fact TWO different ways that non-root users can run traceroute. Like ping, normally it's installed setuid, which allows any user to run a small program as if they were root. You wouldn't want large, complex programs to run setuid in case of security bugs in them, but for small, simple programs it's fine. If you don't want to set it setuid, any user can still run it and it'll do the same udp trick that showpath does. Showpath is literally a small subset of traceroute's functionality. It's not so much replacing one with another, but rather "take away all of the most commonly used options for traceroute and leave only showpath remaining". Genius.
That reminds me of when we were kids and my brother got in a huge argument with our cousins. My brother, from Denver, knew for certain the mountains are in the West. My cousins, from New Mexico, knew darn well the mountains are East.
There are a lot of lawyers doing quite well, and even more children of lawyers. Yet only ONE of them is Bill Gates, one built a trillion-dollar company.
So your theory that Gates' trillion dollar company is the result of having a successful parent doesn't quite work out, because 99.9999% of people who have successful parents do not build huge companies. Very clearly parents success didn't cause his, because that doesn't happen 99.9999% of the time. In fact, people who have over $10 million are slightly more likely to have parents who struggled financially. Perhaps financial struggle as a child tends to make people focus more on money.
My parents did well. I, like you, thought that having successful parents would make me automatically successful. That idea lead to me being homeless. Since being my dad's son didn't work to get me paid, I started thinking about what my dad had done to become successful. He grew up so poor the family house had a dirt floor. They ate meat on Sunday nights, or whenever he could catch a squirrel. How did he go from Bubba to country club? That involved scrubbing toilets to put himself through school. So I started scrubbing toilets. Today I have a pretty nice house. I pay for it with my good job; I didn't get a cent from my dad.
Having said that, it may well be that if Gates had grown up poor he'd have only $100 million today rather than $100 billion. He took what he had and multiplied it by 100 million. Had he started with only $100, he'd only have $1 billion today instead of $100 billion.
My city councilman lives two blocks away. I can stop by any time. Most evenings he'll be out in his shop working on a hot rod. I've had a fifteen minute conversation with him, and a 15 minute conversation with his opponent in the last election.
My Texas state Senator (state laws) does a call-in program on the local radio station every week. I've called and pointed out where I thought he was looking at things the wrong way, had a 5 minute conversation with him.
My Washington senator - don't know where they live, and I doubt I'll ever have a conversation with them.
When Californians want to support California orange growers, they each send $1.00 to Washington and ask Washington to send $0.60 back to California orange growers.
When Texans want to support pecan growers in Texas - well mostly they buy pecans and make a pecan pie, no government involved. But when they want to involve government, they have the state spend $1.00 each supporting pecan growers.
Californians then brag that until recently they sent a lot of money to Washington. This perplexes Texans because sending your money to Washington seems like a pretty stupid thing to do, in their opinion.
That sentence demonstrates without requiring much thought what the article demonstrates if you think about it - the author is an idiot.
Bill Gates isn't a successful programmer, he didn't write DOS. He's an incredibly successful business person, he bought and sold DOS and managed a company to turn it into billions.
Here's a little story about luck. I recently got lucky and got a new high-paying job. Maybe my dream job. Lucky for me, the hiring managers were looking for someone to do the types of things I have been doing at work lately, such as teaching a CISSP course. My class consisted of about 50 employees ranging from our head of internal security to recently hired engineers. The reason I volunteered to do such a class was precisely to raise my profile as a security expert - to put self in front of these managers while I filled the role of security expert. If you want to eventually have options of good security jobs, it doesn't hurt to have the head of security see that you are an expert, I figured. Twice per month I attended a meetings of security groups like OWASP and ISC2. At those meetings I talked to dozens of people about the companies they worked for and which skill sets they were hitting for. I kept on eye on the open positions at three local companies I was interested in. I tried to learn more about the skills they were looking for. I kept my LinkedIn updated with accomplishments and fielded calls from recruiters several times per week - mostly pointless calls. I kept a copy my resume in my car and gave it to someone who might be able to hire me. I did a good job at my current role, asking my co-workers and my boss how I could improve. I struggled to actually be *nice* to co-workers, although my natural state is asshole.
Overall I did hundreds of things to increase my odds of landing a great job. Hundreds of things "didn't work" immediately, yet I kept doing them. Eventually I "got lucky" and two of the things I was doing aligned with what a company was looking for and I landed the great job. How lucky.
It's like wearing a seatbelt. 99.9% of the time, if you don't wear a seatbelt nothing bad will happen. But eventually there will be an accident, so if you don't wear a seatbelt 99.9% of the time, you're probably going to end up hurt.
A large percentage of people who found very successful businesses first started several businesses that were not successful. They learned from their failures and kept trying. Eventually they learned enough and try enough things to find one that worked well - they "got lucky" and did tell right things, by trying a lot of things that seemed likely to be right.
We all make a hundred decisions every day. Starting with whether to hit the anooze button and ending with going to bed in time. Do we stop to help the person on the aide of the road while we're on the way to work?
We have a hundred "luck" situations every day - the stranded motorist could be the president of our company, could be our future spouse, who knows. That's luck. When we cut someone off in traffic, or get cut off, the person we flipped the bird to might be in a rush to get to an interview on time - them interviewing us. In the elevator when we smile at someone oe don't, who that person is depends on luck. In any given year we have thousands of "luck" possibilities. Some will be great opportunities, some won't be.
Success and failure happens when our thousands of choices each year meet our thousands of lucky opportunities. Someone who is habitually rude will, by chance, end up being rude to the written person, eventually. Someone who is always helpful will, by chance, eventually be helpful to the right person.
Luck determines whether our fate happens on Wednesday or on Thursday. Our habits determine whether we'll be doing to right thing or the wrong thing when those opportunities come by.
> If you want to better understand how little they value security, just look at corporations because the same types of assholes are in charge of the budgets.
Fifteen years ago you would have had a good point. Next week I'm starting a new job, at a new company. Both my current company and the new one each spend over a million dollars per year on information security. So if I look at what these companies budget for security, it shows they value it very highly.
Companies are starting to realize not only the value of security as they used to define the term, but also this important insight: Security is Confidentiality, Integrity, and Availability. Starting with availability, that means basically resistant to craahing or becoming unavailable - even when under attack. A DOS attack is an attack against availability. Here's the thing - can a program that crashes unintentionally, when not even under attack, be secure? No, the availability leg of security is all about having reliable systems. If your systems are secure, it means they must be reliable - they won't have downtime at the wrong time. "Reliably up and working all the time" is a subset of "secure".
How about integrity? Integrity means an attacker can't mess up the data, and no other threat can. The data will be correct even if someone is trying to make it incorrect. Can a system which produces bad results be secure? Nope, correct results are a subset of security.
Lastly, the part of security most laypersons most often think of - keeping secrets secret. A secure system won't let your secrets get out.
So a secure system is one you can depend on, it's always up and running, doesn't crash, and it's operation and outputs are dependable - the results are right, all the time. Does that sound like what you want for the systems your business depends on? That's absolutely what corporate officers want. And that's a subset of security. Combined, "dependably up and running, and producing correct results every time" gets you about 90% of the way to "secure". So secure practices are really good idea even if you didn't care about data leaks.
My sample of corporations is a bit biased toward those who spend heavily on security, because I'm an expensive security professional. You don't call me unless you want to spend a good chunk of money on security.
My experience suggests that people get serious about security after they've been bitten. Nobody is more ready to buy quality locks and alarms than someone who just got burglarized. Most of the companies that have been negligent over the last 20 years have now been bitten and learned their lesson.
Slashdot Mirror
Whatever latency you have to the server, add another 100ms or so to compress and decompress the video stream.
Tic-tac-toe will work great.
40% gives his job performance a thumbs up as opposed to a thumbs down.
So most think poorly, 40% think more positive than negative of his job performance.
Personally, my rating for "liking" the guy is a lot lower than my rating for his performance on the job.
CNN reports that 70% of Americans say (see) that the economy is doing well, and that probably factors very much into Trump's job approval rating. You can, as I do, dislike the man and also be literate in economics, seeing that things are going well.
For comparison, at the same point in his term, Bush Jr. had an 85% approval rating. So half as many people approve of Trump's performance Trump compared to Bush Jr.
So they aren't saying "he's great!" 40% say that what he is doing as president is slightly more positive than negative.
As just one example, one of the top stories on Foxnews.com right now is:
DOUG SCHOEN: The world needs American leadership -- it's not getting it from President Trump
Aside from Democrats, Trump is in no way a traditional Republican candidate. Not exactly a "family values" guy, not someone who respects lessoned learned and is cautious about major changes. You could go down a little of what different Republicans tend to value and at least half of them, Trump is the opposite.
A LOT of Republicans don't care for Trump. Many disliked what Hillary would do to the country slightly more than they disliked Trump, so they held their nose and voted against Hillary, which meant marking "Trump".
The percentage of Millionaires who inherit any money at all is the same as the percentage of the general population. So inheritance has no measurable effect on becoming a millionaire. I don't know the stats on billionaires.
However, let's think through the idea that "90% of billionaires inherited all their money - nobody makes a billion dollars, only inherits it".
For that to be true, Dad would have had to make a billion dollars. But the claim is that nobody makes a billion dollars. Therefore that thesis contradicts itself and must be false.
Here are some statistics from Forbes. There are about 540 billionaires. They studied 400 of those, so most of them.
7% of billionaires inherited all of their money.
8% inherited nothing
The rest inherited *something* and then grew that to over a billion dollars.
https://www.forbes.com/sites/a...
Patent law in the US doesn't use the term "distribution". Copyright considers if it's commercial or non-commercial distribution as one element, but this is about patents.
Many sites publish all the recent patents, which describe the invention, so clearly it's legal to distribute a description of the invention. In fact that's one of the purposes of patents.
US patent law allows the patent holder to control, for a limited time, who "makes, uses, offers to sell, or sells" the invention. I would argue that mirroring CentOS is not "making, using, or selling" it. Therefore you would not violate a patent by distributing code which describes its implementation. No need to look for patents before distributing, only making, using, or selling.
See 35 U.S. Code S 271
>The pilots flew properly and under normal operation the MCAS trimmed out the elevator over and over until pulling the stick all the way back still left you pointing at the ground.
Yes, I explained it does that based on one sensor, and suggested that perhaps it shouldn't trim so far, especially with other instruments indicating it probably wasn't in a stall. So you disagree with the second half of my comment? You think it SHOULD nose dive?
That seems like a reasonable *rate* at which to bring the nose down.
If the system is adding 0.2 down elevator every second even though there is already 15 degrees down elevator and the pilot is pulling the stick back, and the AoA indicator isn't responding - it's staying at max AoA despite full down elevator, that's what I'm calling forcing the nose down hard. Forcing - overriding pilot input, hard - overriding all common sense based on the available dates.
For contrast, the system I designed set the elevator position near max AoA based on essentially this:
Max AoA - 2.5 + sqrt (stick back force)
So a pilot would have to have pull almost all the way back to exceed max AoA. The linkage was such that it had no effect until the elevator was up past neutral. Of course, this is on a plane that will naturally nose down in a stall if the elevator is neutral. That's a much more conservative approach than what Boeing did, based on what I've read.
I'm not a professional plane designer, just an amateur, and I haven't examined Boeing's design in detail. Reports indicate that it forced the nose down despite numerous indications that it was not appropriate to do so, based solely on the AoA sensor.
A major study of mega-rich people found that is the major common factor - a powerful drive to build large amounts of wealth, at the expense of pretty much everything else in life. The mega-rich in most cases gave up family, friends, hobbies, etc and focused 100% on business.
Not so for typical millionaires. What millionaires have in common is that they consistently put 10%-15% in their 401k and their employer matched part of that. The power of compound interest, investing a little from every paycheck over time, is 99% of rich people. The 0.001% are the those obsessed with building their empire.
I started to say "obsessed with money", but that's not accurate. One could found and build a very successful space rocket company because you're obsessed with commoditizing space travel. Large amounts of money would be a side-effect.
I designed a similar system for my RC planes. I haven't actually installed it, because it isn't necessary. It's okay to not have it.
This system is designed to detect when the pilot has seriously screwed up, pointing the nose way too high. Most planes don't have it. I thought about using one only because I'm a bad RC pilot. (I'm a bit better with a real plane).
So in this case, if you have two sensors which disagree, you can ignore the one that says you're nose high, and the plane will function like any other plane.
You could also cross-check other sensors and / or have a milder response. In a true high-speed stall in an airliner you'd expect to see significant deflection of the elevator or ailerons (turns can cause high-speed stalls). If you don't have a lot of elevator or aileron deflection, the stall warning could be a false positive.
Based on data from one or two AoA sensors plus correlation with other sensors, you could GENTLY nudge the nose down appropriately. It seems Boeing forced the nose down hard, despite the pilot pulling back as hard as he could.
I starting designing a fully aerodynamic system (not electronic) which would add a few degrees of down offset to whatever the pilot ordered. Assume the max AoA is 12Â. Once the the sensor detects AoA is more than 10, it would basically gradually subtract 0-3Â from the pilot input. So the pilot could pull the stick hard enough that would otherwise cause a 15Â AoC before the plane would hit the critical 12Â. It was designed to aid the pilot, helping the pilot avoid going over. It seems Boeing's system completely overrode pilot input. My design was more like "the pilot would have to try really hard to crash".
I've been getting incredibly lucky too, lately.
For years, I did what I wanted to do, living for the now, and kept having incredibly bad luck. As I mentioned, I ended up homeless, living under a tarp on a vacant lot.
Then I switched to making it a habit to focus on five years down the road. Giving up what I wanted at the moment in exchange for what would most likely bring good things five years later. I keep having incredibly good luck since then.
In the past on Slashdot I've identified at least daily decisions we make, starting with getting out of bed or hitting the snooze button. We have thousands of decision points every year, and multiple years. I made really bad decisions for about ten years, got bad results, then started making much better decisions and getting much better results.
Life is a poker career, not a poker hand. Phil Helmuth has a successful poker career because he in in the habit of making good poker decisions. The luck of the draw determines whether it is this hand he wins, or the next or the one after. We all get thousands and thousands of cards, and make thousands and thousands of decisions. We all get some good cards, some bad cards, and some mediocre cards. Phil makes his living on poker every year by consistently making smart decisions, not on each hand by getting lucky.
I could describe my past, my circumstances, to you in a way that would make me sound like the unluckiest guy alive. I've needed dozens of surgeries for significant medical problems. I could also describe it in a way that makes me sound like the luckiest guy alive. There's good and bad, always.
Most people reading this are in the US or Western Europe, and mostly nerds, tech types. Therefore the vast majority of us are in the top 3% in terms of income. Some of us, though in the top 2%-3%, what about not being in the top 1% while we call in sick to play the new video game.
You're STILL responsible if you're selling something that violates a patent. It's not an alternative and GPLv3 in no way relieves you of that.
If this was about busting people for texting and driving, a cop could stand by the side of the road while his partner is two blocks up in the cruiser and they'd probably get somebody every five minutes. You and I see it constantly while we're driving around. Just watch people start at their phone, doing the thumb dance as they drive by. For bonus points, have a camera that shows what the cop saw.
Cop who sees rhe texting driver (and has it on video) radios his partner to light them up.
If you want to do it with less manpower, just have the cops keep an eye out for texting and driving while they do their usual patrol. I see drivers doing it, you see them. Cops can see them too.
This law clearly is not about enforcing texting and driving; there is something else going on here.
> you just need somebody else to contribute the code that violates your patent.
That's precisely the problem.
> I shouldn't have to verify that the patent-infringing code was actually ***contributed*** by company x.
Everyone is entitled to their opinion, I suppose. Some people claim, falsely, "it only applies to code the patent-holder contributes". At least you recognize that's false and you don't make that claim.
The conditions you list for invalidating a patent under GPLv3 are *almost* correct. In fact the patent-holder doesn't have to contribute at all in order to lose their patent bases on some third-party (competitor?) contributing infringing code. They need only either USE the v3 software in a customer-facing system, or provide a mirror. For example many universities provide mirrors of Linux distributions. By doing so, the terms of v3 say they lose all patent rights to anything they have patented, the moment somebody contributes infringing code to any distro that they mirror.
The problem is that's millions and millions of lines of code that nobody at the university has ever seen. They are just providing a CentOS mirror, not auditing CentOS for patent issues. By providing a mirror, they relinquish all patents to anything at all that anyone can sneak into the code.
You may be able to to run ping and traceroute without being root by typing "/usr/sbin/ping" or "/use/sbin/traceroute".
Use "which traceroute" to find out if it's in sbin, which won't be in the PATH for a normal user.
Ping and traceroute used to use raw sockets by default, which isn't allowed for normal users. Now it uses UDP by default so non-root users can use it (with the full path if needed).
Current traceroute has the"-I" option to use old-style icmp. It's often installed setuid, meaning normal users can run it even with -I and it behaves as though they were root. You can check with:
ll /usr/sbin/ping /usr/sbin/ping
Which may return:
-r-s--x--x 1 root bin 40960 Aug 24 1998
The "s" means it is set uid.
So you can:
Use the full path and it will probably work (using UDP).
Use -I to traceroute any host you can ping, if it's setuid or you are root.
Showpath does away with these choices and just does udp only, which often works fine.
GPLv3 does include a clause which appears to be an attempt to improve this situation.
Unfortunately, Richard Stallman also included a poison pill in GPLv3 which makes it risky for any organization to use GPLv3 if any part of their organization has a patent on anything. He wanted to use GPLv3 to kill patents, by making it so that anyone who has any patent can't safely use GPLv3 code. The result is that patents killed GPLv3 use.
Some will say "no, it's intended to mean you can't patent something in the code; you can have other patents". But that's not what it says. During the draft process we asked that it be clarified if that was indeed the intent. Stallman refused to change the wording to limit it's applicability to only contributions made by the person or company who has the patent.
Because Stallman refused to adjust the wording before releasing the version of GPLv3, this is the current situation:
I worked for a major university. Some departments in that university do a lot of research and development. The R&D is funded in part by patenting the useful results and licensing the patents to companies which make use of the R&D. If any other part of the university were to distribute GPLv3 code anywhere, at any campus, it would put all of the universities patents at risk. Someone, perhaps a competitor or perhaps someone who doesn't know anything about the patent, could invalidate the patent by contributing a module which makes use of it.
That doesn't happen with GPLv2, so any organization which has any patent on anything is safer using GPLv2 code. GPLv2 doesn't have a patent poison clause.
If GPLv4 changes the clause to say it only applies to code authored / contributed by the organization that has the patent, that would mostly fix the problem. That's what proponents of v3 *say* that that *intend*, but they haven't allowed the license to say that.
Comparing "man showpath" with "man traceroute", we find that showpath can do a lot less than traceroute can - it has far fewer options.
One might also notice that unlike traceroute, showpath tries a bunch of ports and hopes - the results of showpath might be similar to reality, the results are often right, often not. Traceroute uses one and the results it provides are correct. (Or in case of error, traceroute indicates an error, as opposed to false results).
So by now I'm sure you see why traceroute had to be replaced by showpath - to make it dumber and less reliable.
Actually the best I can tell, those who wanted to replace traceroute never bothered to check the docs after they heard about a "problem" with tracert which doesn't actually exist. The excuse for getting rid of traceroute is that "you have to be root to run traceroute", but that simply isn't true. There are in fact TWO different ways that non-root users can run traceroute. Like ping, normally it's installed setuid, which allows any user to run a small program as if they were root. You wouldn't want large, complex programs to run setuid in case of security bugs in them, but for small, simple programs it's fine. If you don't want to set it setuid, any user can still run it and it'll do the same udp trick that showpath does. Showpath is literally a small subset of traceroute's functionality. It's not so much replacing one with another, but rather "take away all of the most commonly used options for traceroute and leave only showpath remaining". Genius.
That reminds me of when we were kids and my brother got in a huge argument with our cousins. My brother, from Denver, knew for certain the mountains are in the West. My cousins, from New Mexico, knew darn well the mountains are East.
> There are only 1.1 million lawyers in the US.
And how many trillion dollar companies? Hint - you probably won't need both hands to could them.
Roughly 2 million children of lawyers. One of which built a trillion-dollar company.
There are a lot of lawyers doing quite well, and even more children of lawyers. Yet only ONE of them is Bill Gates, one built a trillion-dollar company.
So your theory that Gates' trillion dollar company is the result of having a successful parent doesn't quite work out, because 99.9999% of people who have successful parents do not build huge companies. Very clearly parents success didn't cause his, because that doesn't happen 99.9999% of the time. In fact, people who have over $10 million are slightly more likely to have parents who struggled financially. Perhaps financial struggle as a child tends to make people focus more on money.
My parents did well. I, like you, thought that having successful parents would make me automatically successful. That idea lead to me being homeless. Since being my dad's son didn't work to get me paid, I started thinking about what my dad had done to become successful. He grew up so poor the family house had a dirt floor. They ate meat on Sunday nights, or whenever he could catch a squirrel. How did he go from Bubba to country club? That involved scrubbing toilets to put himself through school. So I started scrubbing toilets. Today I have a pretty nice house. I pay for it with my good job; I didn't get a cent from my dad.
Having said that, it may well be that if Gates had grown up poor he'd have only $100 million today rather than $100 billion. He took what he had and multiplied it by 100 million. Had he started with only $100, he'd only have $1 billion today instead of $100 billion.
My city councilman lives two blocks away. I can stop by any time. Most evenings he'll be out in his shop working on a hot rod. I've had a fifteen minute conversation with him, and a 15 minute conversation with his opponent in the last election.
My Texas state Senator (state laws) does a call-in program on the local radio station every week. I've called and pointed out where I thought he was looking at things the wrong way, had a 5 minute conversation with him.
My Washington senator - don't know where they live, and I doubt I'll ever have a conversation with them.
When Californians want to support California orange growers, they each send $1.00 to Washington and ask Washington to send $0.60 back to California orange growers.
When Texans want to support pecan growers in Texas - well mostly they buy pecans and make a pecan pie, no government involved. But when they want to involve government, they have the state spend $1.00 each supporting pecan growers.
Californians then brag that until recently they sent a lot of money to Washington. This perplexes Texans because sending your money to Washington seems like a pretty stupid thing to do, in their opinion.
That sentence demonstrates without requiring much thought what the article demonstrates if you think about it -
the author is an idiot.
Bill Gates isn't a successful programmer, he didn't write DOS. He's an incredibly successful business person, he bought and sold DOS and managed a company to turn it into billions.
Here's a little story about luck. I recently got lucky and got a new high-paying job. Maybe my dream job. Lucky for me, the hiring managers were looking for someone to do the types of things I have been doing at work lately, such as teaching a CISSP course. My class consisted of about 50 employees ranging from our head of internal security to recently hired engineers. The reason I volunteered to do such a class was precisely to raise my profile as a security expert - to put self in front of these managers while I filled the role of security expert. If you want to eventually have options of good security jobs, it doesn't hurt to have the head of security see that you are an expert, I figured. Twice per month I attended a meetings of security groups like OWASP and ISC2. At those meetings I talked to dozens of people about the companies they worked for and which skill sets they were hitting for. I kept on eye on the open positions at three local companies I was interested in. I tried to learn more about the skills they were looking for. I kept my LinkedIn updated with accomplishments and fielded calls from recruiters several times per week - mostly pointless calls. I kept a copy my resume in my car and gave it to someone who might be able to hire me. I did a good job at my current role, asking my co-workers and my boss how I could improve. I struggled to actually be *nice* to co-workers, although my natural state is asshole.
Overall I did hundreds of things to increase my odds of landing a great job. Hundreds of things "didn't work" immediately, yet I kept doing them. Eventually I "got lucky" and two of the things I was doing aligned with what a company was looking for and I landed the great job. How lucky.
It's like wearing a seatbelt. 99.9% of the time, if you don't wear a seatbelt nothing bad will happen. But eventually there will be an accident, so if you don't wear a seatbelt 99.9% of the time, you're probably going to end up hurt.
A large percentage of people who found very successful businesses first started several businesses that were not successful. They learned from their failures and kept trying. Eventually they learned enough and try enough things to find one that worked well - they "got lucky" and did tell right things, by trying a lot of things that seemed likely to be right.
We all make a hundred decisions every day. Starting with whether to hit the anooze button and ending with going to bed in time. Do we stop to help the person on the aide of the road while we're on the way to work?
We have a hundred "luck" situations every day - the stranded motorist could be the president of our company, could be our future spouse, who knows. That's luck. When we cut someone off in traffic, or get cut off, the person we flipped the bird to might be in a rush to get to an interview on time - them interviewing us. In the elevator when we smile at someone oe don't, who that person is depends on luck. In any given year we have thousands of "luck" possibilities. Some will be great opportunities, some won't be.
Success and failure happens when our thousands of choices each year meet our thousands of lucky opportunities. Someone who is habitually rude will, by chance, end up being rude to the written person, eventually. Someone who is always helpful will, by chance, eventually be helpful to the right person.
Luck determines whether our fate happens on Wednesday or on Thursday. Our habits determine whether we'll be doing to right thing or the wrong thing when those opportunities come by.
> If you want to better understand how little they value security, just look at corporations because the same types of assholes are in charge of the budgets.
Fifteen years ago you would have had a good point.
Next week I'm starting a new job, at a new company. Both my current company and the new one each spend over a million dollars per year on information security. So if I look at what these companies budget for security, it shows they value it very highly.
Companies are starting to realize not only the value of security as they used to define the term, but also this important insight:
Security is Confidentiality, Integrity, and Availability.
Starting with availability, that means basically resistant to craahing or becoming unavailable - even when under attack. A DOS attack is an attack against availability. Here's the thing - can a program that crashes unintentionally, when not even under attack, be secure? No, the availability leg of security is all about having reliable systems. If your systems are secure, it means they must be reliable - they won't have downtime at the wrong time. "Reliably up and working all the time" is a subset of "secure".
How about integrity? Integrity means an attacker can't mess up the data, and no other threat can. The data will be correct even if someone is trying to make it incorrect. Can a system which produces bad results be secure? Nope, correct results are a subset of security.
Lastly, the part of security most laypersons most often think of - keeping secrets secret. A secure system won't let your secrets get out.
So a secure system is one you can depend on, it's always up and running, doesn't crash, and it's operation and outputs are dependable - the results are right, all the time. Does that sound like what you want for the systems your business depends on? That's absolutely what corporate officers want. And that's a subset of security. Combined, "dependably up and running, and producing correct results every time" gets you about 90% of the way to "secure". So secure practices are really good idea even if you didn't care about data leaks.
My sample of corporations is a bit biased toward those who spend heavily on security, because I'm an expensive security professional. You don't call me unless you want to spend a good chunk of money on security.
My experience suggests that people get serious about security after they've been bitten. Nobody is more ready to buy quality locks and alarms than someone who just got burglarized. Most of the companies that have been negligent over the last 20 years have now been bitten and learned their lesson.