It's funny, during the summer here in Texas if you leave your garden hose in the sun, especially a black hose, the water inside will get hotter than than your water heater. Yet we're paying to run an electric water heater. Simply putting the tank by the back porch, in a black box, would allow it to stay hot for free.
That's an interesting idea. Sometimes there is only one driver nearby and as a customer the uncertainty would be a turn off. I like to be able to plan on using Uber. I would think the bidding would also be less desirable for drivers, who prefer some predictability (they already don't know how many people will be wanting rides, if they'll get much business). So I think Uber makes it better for both drivers and passengers by setting some predictable, standard pricing. I wonder if there is a way to get "the best of both worlds", giving drivers more control, while maintaining some predictability.
Btw, I mentioned the IRS has extensive guidelines. Some people mistakenly think that if you CALL a worker an independent contractor you can reduce tax payments and hassle. This is a major item the IRS watches for. Calling someone an independent contractor when they are not in fact independent is tax evasion. Every year the IRS levies billions of dollars in civil penalties for employment tax evasion, and refers cases for criminal prosecution. Business owners and executives go to prison.
Want to save some hassle? Which option is more hassle?: a) Forwarding pay stubs to your accountant to do payroll taxes b) Serving 24 months in federal prison
Independence in investment in and choice of equipment etc. If the worker uses their own judgement to decide which equipment they want to use, and they buy their equipment, that may be an independent contractor. If the payer chooses and buys the equipment, it's likely an employee using it. In this cass, the employee chooses and buys their own car.
Permanence. Short-term gigs are often contracts. Projects that take more than a year to complete, where the worker is expected to be there long term, are likely employees. People doing Uber while between jobs, or to get some extra holiday cash, look like contractors.
Degree of control. Does the payer specify the outcome (fix my sink) or the exact process?
Financial risk. If the company guarantees exactly $x / hour, no more or less, that's probably an employee. If the worker can make more or less depending on how they choose to run their work, that's probably a contract.
Initiative and judgement. Is the worker following a script provided by the payer, or making their own plans and judgements? Can the Uber driver decide what area to work, based on which part of town they think will make the most money?
Ability to work for others, and actually working for others. Can Uber drivers also drive for Lyft? The plumber I hire to fix my sink also does similar work for other people, so he's a contractor. I have a limited non-compete clause with my employer, so I'm an employee.
I probably forgot one.
The IRS has extensive guidelines. The department of labor has similar ones, but not as extensive. The Supreme Court has enumerated broad considerations in certain cases.
Generally, the word "Independent" in "independent contractor" is important. Does the worker control how they do the work?
With Uber it seems to me people have two viewpoints on the whole thing. Uber advertises "make extra money in your free time". Many drivers see it as a full-time, long-term job.
It seems to me that while *some* people are able figure out the best hours and locations to work in order to do well with it long-term, for most people it's probably better as something you'd do while looking for another job, or only occasionally during surge pricing periods or whatever.
Speaking of doing lots of different things; wind power, geothermal, hydro, and passive solar are all more efficient than solar-electric, and in locations where they make sense, they are overall much better than solar-electric. Nuclear is an important carbon-free power source that can largely replace coal and other carbon-producing power.
Solar-electric gets the most press because those companies have the best political lobbying machinery and marketing, not because it's the best solution. Don't make the mistake of thinking "carbon-free" means "solar-electric".
Agreed. At work we deal with new vulnerabilities daily. Tuesday, Microsoft released patches for maybe 70 vulnerabilities, as they do each month. CVEs are fine.
Heart bleed we reference often enough that it's useful to have a memorable name, rather than trying to remember the CVE. Though even in such cases, it might be more useful to use the category names such as "padding oracle" instead of saying "similar to Logjam". That reminds us that Logjam is only a very specific case of a general problem. You can easily re-create something almost exactly like Logjam if you think Logjam was the problem, rather than padding oracles generally.
That's a good question. There are arguments both ways.
VirnetX WAS a research and development company that employed a lot of scientists and did good work. They z created* technology, they didn't mass produce and market it. Instead they did the research and licensed their patents to telecommunications companies and others.
Then somewhere along the line they realised they could *buy" parents cheaper than they could do the original research. They started licensing out patents that they bought, serving as a match-maker between researchers and companies that needed the technology. So far so good, in my opinion. We can see they got into the patent business, though.
Patent trolls frequently use "submarine patents", surprising companies *after* they have developed a product. That's not the case here. Apple engineers knew they were violating patents as they developed Apple's products. I don't know if Apple discussed license terms with VirnetX.
On the other hand, it seems these patents may not be valid after all. Patent trolls do frequently use questionable patents.
$5 is the labor cost, for a small house. The wood, nails, brackets, etc cost money. As does the foundation, before you can even start building the framing. Then you have plumbing, electrical, drywall, painting, flooring, countertops, sinks, showers, toilets etc, air conditioning, hearing...
To give you a rough idea, flooring alone costs $1-$20/sq foot just for materials. Granite countertops cost much more.
In some areas, the land costs more than building the house also.
Office 365 (Office in the Cloud) is indeed what they've been pushing, and where they have increased their revenue. They gave away Windows 10 upgrades, didn't even try to sell it.
Windows *is* still important as an Active Directory client. The whole ecosystem around Active Directory, corporate networks with Microsoft everything, is still a money-maker for them. Windows on corporate desktops means they can make money around Exchange, Active Directory, etc, and by extension SQL Server and other things they sell to Windows-based organizations. Windows itself isn't the money-maker, that's just the (nearly free) client used to access their expensive server and networking products.
Any mail client can use standardized email protocols such as SMTP, pop3, and IMAP, to interface with any mail server that is based on standard protocols.
In Microsoft-based networks, Outlook speaks MAPI with Exchange. There is no SMTP, IMAP, or pop3. MAPI is based on COM, a too-clever-by-half programming model that Microsoft developed COM (aka Active X) as the next version of Object Linking and Embedding, before the whole concept was obsoleted by HTML. Basically what COM is designed for is to set up a rather complex binary interface to declare that a Word document should have a certain picture or sound embedded in it. Microsoft execs had a heart attack when their billion-dollar effort was replaced by "IMG src".
Anyway, back to MAPI, the protocol used by Outlook, Exchange, and other Microsoft products. MAPI is COM over RPC. RPC is another Microsoft invention-by-committee. Basically imagine Lennart Poettering got super drunk with Weird Al Yankovich and they re-invented SOAP together, with a bit of REST thrown in for metadata, but decided it should all be binary - no readable text allowed. That's Microsoft RPC.
Nobody else but Microsoft uses MAPI, which is, shall we say "not astonishing".
Microsoft provides a big network system, with Active Directory at the center. Active Directory is a database for storing user information, a configuration management system, a DNS server, an email server, and about 20 other things. It interacts with a bunch of other products using Microsoft proprietary protocols. If a company buys into the Microsoft network plan, where Active Directory is the central brain of everything, it can be a hassle to use any non-Microsoft products anywhere in the network.
If, on the other hand, you build your network using standard network protocols, you can easily have Windows, Mac, Linux, Cisco, and Android devices, all talking to each other.
The key only needs to be available while installing a new kernel (not all the time), and only on one system in your organization.
Without the protection: At any time, any system on your network can have kernel-level code changed, from userspace.
With the protection: Before you deploy a new kernel across your network, plug your USB stick with key into your build system in order to allow dkms to build and sign the module. Then unplug the stick so that your kernel can't be changed without you doing it.
It gives you control of when and where your kernel can be changed, by dkms or any other program.
First, kernel lockdown in no way restricts which drivers you might have running. If you want to *change* which drivers you have running without rebooting, you'll need to *sign* the new module. Absolutely nothing prevents you from signing an open-source module. The command is:
scripts/sign-file sha512 kernel-signkey.priv kernel-signkey.x509 module.ko (Or just set check the box to sign all modules in make menuconfig).
Sign-file signatures work for both secure boot and the kernel restriction. For the kernel, the first time you ever sign a module you enroll your public key with keyctl.
> Spending time & effort to find a way to run Linux distros inside Windows is like struggling to find a way to mount an Abrams tank on top of a Mini-Cooper. > What's the point outside of a few edge-cases where it may possibly be helpful/convenient?
For the user, the point is that for 20 years Microsoft's strategy was to ensure vendor lock-in for corporate IT environments. A lot of companies therefore issue Windows desktops and won't provide Linux desktops. Microsoft did a pretty good job of making it difficult for large corporations to use anything but Windows because of all the inter-related proprietary stuff. An organization can easily run Windows or not run Windows, but if the company chose Windows it's been hard to add a few Linux desktops to the mix. Partially because everyone in corporate IT knows the Microsoft way of doing things, not cross-platform standards.
I can be FAR more productive using Linux than Windows. Now, I can continue to use Linux, on the Windows desktop issued by corporate headquarters.
Fyi MacOS (formerly known as OS X) is actually, officially Unix, and carries the Unix trademark. It's MORE Unix-like than Linux is, because Mac *is* UNIX. Linux is not Unix. (Linux stands for "LInus's Not UniX".
Microsoft sees that they are losing in the OS space. Yes, corporate desktops still run Windows, but the vast majority of CPUs sold in the last ten years aren't corporate desktops. Where MS is making their money is MS Office cloud subscriptions.
It would be interesting to do a study on the extent to which autocomplete is a teacher vs a crutch.
My guess is that the ideal would be a slow-response autocomplete, slow enough that it never appears while typing things you know, and it gives the learner a second to try to remember. If you stop typing mid-word for a few seconds (because you don't know) it prompts you with reminders.
It's language-dependent too. For example, JavaScript was written in a just a few days. Because of that, the order of arguments and such is inconsistent in places. Reminders are needed more than in a more consistent language such as C. C is also a much smaller language, and therefore should be easier to learn quickly.
If you know the language, a solid text editor is the best way to go. For professional programmers, if you take the time to really learn a great editor the code can flow effortlessly, almost as if your brain is wired directly to the output. Think "delete this block" and your fingers automatically do the keystroke to delete a block.
If you DON'T know the language, having autocomplete make suggestions can help as you guess your way through it.
I do turn on syntax highlighting mostly because it provides an obvious cue if I miss a quote or something - half the screen turns red, which looks obviously very different than how it should look after each statement is written. I don't pay any attention to the details of the syntax colors - there is just a difference in what the screen as a whole looks like when there is a syntax error.
That's a reasonable guess, but a single JSOW-C1 costs as much as 25-100 similar sized weapons with less precise guidance, in dollar cost. Basic guided bombs can be be had for $25,000, the joint munition is close to $700,000.
The AASM isn't a cheap weapon either, if you're counting costs in money.
You mentioned a lot of non-violent uses of technology that has been funded by the military, and military resources being used to deliver food, medical supplies, and other relief. That's all true and good. Versus violent uses, you say, which are bad.
ALSO there are countries who want to wipe us out. There are countries with the ability to kill millions of Americans. What has happened before will happen again - there will be a country who *wants* to attack us and *can*. The US response to Japanese surprise attack at Pearl Harbor was very much violent - as it needed to be. They were bombing us - by surprise, pretending to negotiate trade agreements with us while their ships were underway to attack us. Swift and violent action to protect ourselves was the right action, and the only option.
I most certainly don't agree with every use of the US military. I AM very glad for its primary use - being a massive deterrent to anyone who might think about attacking us. You may think "no military would ever attack the United States". That's true, at the moment. But why? Why wouldn't North Korea, or Iran, Russia, or China*, send bombers to the US? Because we would crush them, that's why. The REASON we don't have to fight off an attack today is precisely because of our military capability.
That's the main use of a superpower military - making an attack on us inconceivable by simply having the *capability* to win decisively and quickly if we were attacked. That's a good thing. I don't want our country to be defenseless, a tempting target. Our capacity for overwhelming violence is a large part of why other countries don't initiate violence against us or our friends.
* The situation with China specifically is a bit more complex at the moment. Trade is important to them, and they have some significant military power. They have also noticed that they can attack us via cyber warfare and we don't treat it as an attack, we let them get away with that.
Slashdot Mirror
It's funny, during the summer here in Texas if you leave your garden hose in the sun, especially a black hose, the water inside will get hotter than than your water heater. Yet we're paying to run an electric water heater. Simply putting the tank by the back porch, in a black box, would allow it to stay hot for free.
That's an interesting idea. Sometimes there is only one driver nearby and as a customer the uncertainty would be a turn off. I like to be able to plan on using Uber. I would think the bidding would also be less desirable for drivers, who prefer some predictability (they already don't know how many people will be wanting rides, if they'll get much business). So I think Uber makes it better for both drivers and passengers by setting some predictable, standard pricing. I wonder if there is a way to get "the best of both worlds", giving drivers more control, while maintaining some predictability.
Btw, I mentioned the IRS has extensive guidelines. Some people mistakenly think that if you CALL a worker an independent contractor you can reduce tax payments and hassle. This is a major item the IRS watches for. Calling someone an independent contractor when they are not in fact independent is tax evasion. Every year the IRS levies billions of dollars in civil penalties for employment tax evasion, and refers cases for criminal prosecution. Business owners and executives go to prison.
Want to save some hassle? Which option is more hassle?:
a) Forwarding pay stubs to your accountant to do payroll taxes
b) Serving 24 months in federal prison
Thanks for that.
The law considers the following things:
Independence in investment in and choice of equipment etc. If the worker uses their own judgement to decide which equipment they want to use, and they buy their equipment, that may be an independent contractor. If the payer chooses and buys the equipment, it's likely an employee using it. In this cass, the employee chooses and buys their own car.
Permanence. Short-term gigs are often contracts. Projects that take more than a year to complete, where the worker is expected to be there long term, are likely employees. People doing Uber while between jobs, or to get some extra holiday cash, look like contractors.
Degree of control. Does the payer specify the outcome (fix my sink) or the exact process?
Financial risk. If the company guarantees exactly $x / hour, no more or less, that's probably an employee. If the worker can make more or less depending on how they choose to run their work, that's probably a contract.
Initiative and judgement. Is the worker following a script provided by the payer, or making their own plans and judgements? Can the Uber driver decide what area to work, based on which part of town they think will make the most money?
Ability to work for others, and actually working for others. Can Uber drivers also drive for Lyft? The plumber I hire to fix my sink also does similar work for other people, so he's a contractor. I have a limited non-compete clause with my employer, so I'm an employee.
I probably forgot one.
The IRS has extensive guidelines. The department of labor has similar ones, but not as extensive. The Supreme Court has enumerated broad considerations in certain cases.
Generally, the word "Independent" in "independent contractor" is important. Does the worker control how they do the work?
With Uber it seems to me people have two viewpoints on the whole thing. Uber advertises "make extra money in your free time". Many drivers see it as a full-time, long-term job.
It seems to me that while *some* people are able figure out the best hours and locations to work in order to do well with it long-term, for most people it's probably better as something you'd do while looking for another job, or only occasionally during surge pricing periods or whatever.
Speaking of doing lots of different things; wind power, geothermal, hydro, and passive solar are all more efficient than solar-electric, and in locations where they make sense, they are overall much better than solar-electric. Nuclear is an important carbon-free power source that can largely replace coal and other carbon-producing power.
Solar-electric gets the most press because those companies have the best political lobbying machinery and marketing, not because it's the best solution. Don't make the mistake of thinking "carbon-free" means "solar-electric".
Agreed. At work we deal with new vulnerabilities daily. Tuesday, Microsoft released patches for maybe 70 vulnerabilities, as they do each month. CVEs are fine.
Heart bleed we reference often enough that it's useful to have a memorable name, rather than trying to remember the CVE. Though even in such cases, it might be more useful to use the category names such as "padding oracle" instead of saying "similar to Logjam". That reminds us that Logjam is only a very specific case of a general problem. You can easily re-create something almost exactly like Logjam if you think Logjam was the problem, rather than padding oracles generally.
That's a good question. There are arguments both ways.
VirnetX WAS a research and development company that employed a lot of scientists and did good work. They z created* technology, they didn't mass produce and market it. Instead they did the research and licensed their patents to telecommunications companies and others.
Then somewhere along the line they realised they could *buy" parents cheaper than they could do the original research. They started licensing out patents that they bought, serving as a match-maker between researchers and companies that needed the technology. So far so good, in my opinion. We can see they got into the patent business, though.
Patent trolls frequently use "submarine patents", surprising companies *after* they have developed a product. That's not the case here. Apple engineers knew they were violating patents as they developed Apple's products. I don't know if Apple discussed license terms with VirnetX.
On the other hand, it seems these patents may not be valid after all. Patent trolls do frequently use questionable patents.
$5 is the labor cost, for a small house. The wood, nails, brackets, etc cost money. As does the foundation, before you can even start building the framing. Then you have plumbing, electrical, drywall, painting, flooring, countertops, sinks, showers, toilets etc, air conditioning, hearing ...
To give you a rough idea, flooring alone costs $1-$20/sq foot just for materials. Granite countertops cost much more.
In some areas, the land costs more than building the house also.
Office 365 (Office in the Cloud) is indeed what they've been pushing, and where they have increased their revenue. They gave away Windows 10 upgrades, didn't even try to sell it.
Windows *is* still important as an Active Directory client. The whole ecosystem around Active Directory, corporate networks with Microsoft everything, is still a money-maker for them. Windows on corporate desktops means they can make money around Exchange, Active Directory, etc, and by extension SQL Server and other things they sell to Windows-based organizations. Windows itself isn't the money-maker, that's just the (nearly free) client used to access their expensive server and networking products.
Any mail client can use standardized email protocols such as SMTP, pop3, and IMAP, to interface with any mail server that is based on standard protocols.
In Microsoft-based networks, Outlook speaks MAPI with Exchange. There is no SMTP, IMAP, or pop3. MAPI is based on COM, a too-clever-by-half programming model that Microsoft developed COM (aka Active X) as the next version of Object Linking and Embedding, before the whole concept was obsoleted by HTML. Basically what COM is designed for is to set up a rather complex binary interface to declare that a Word document should have a certain picture or sound embedded in it. Microsoft execs had a heart attack when their billion-dollar effort was replaced by "IMG src".
Anyway, back to MAPI, the protocol used by Outlook, Exchange, and other Microsoft products. MAPI is COM over RPC. RPC is another Microsoft invention-by-committee. Basically imagine Lennart Poettering got super drunk with Weird Al Yankovich and they re-invented SOAP together, with a bit of REST thrown in for metadata, but decided it should all be binary - no readable text allowed. That's Microsoft RPC.
Nobody else but Microsoft uses MAPI, which is, shall we say "not astonishing".
Microsoft provides a big network system, with Active Directory at the center. Active Directory is a database for storing user information, a configuration management system, a DNS server, an email server, and about 20 other things. It interacts with a bunch of other products using Microsoft proprietary protocols. If a company buys into the Microsoft network plan, where Active Directory is the central brain of everything, it can be a hassle to use any non-Microsoft products anywhere in the network.
If, on the other hand, you build your network using standard network protocols, you can easily have Windows, Mac, Linux, Cisco, and Android devices, all talking to each other.
Actually /usr/bin/date +%s
Which returns the same thing as the Perl built-in time()
That sounds great. I have some co-workers that could use that!
Recently I fixed up some Perl where one of our most senior guys had forked a process to run /use/bin/time. Uhm, did you mean time()?
The key only needs to be available while installing a new kernel (not all the time), and only on one system in your organization.
Without the protection:
At any time, any system on your network can have kernel-level code changed, from userspace.
With the protection:
Before you deploy a new kernel across your network, plug your USB stick with key into your build system in order to allow dkms to build and sign the module. Then unplug the stick so that your kernel can't be changed without you doing it.
It gives you control of when and where your kernel can be changed, by dkms or any other program.
First, kernel lockdown in no way restricts which drivers you might have running. If you want to *change* which drivers you have running without rebooting, you'll need to *sign* the new module. Absolutely nothing prevents you from signing an open-source module. The command is:
scripts/sign-file sha512 kernel-signkey.priv kernel-signkey.x509 module.ko
(Or just set check the box to sign all modules in make menuconfig).
Sign-file signatures work for both secure boot and the kernel restriction. For the kernel, the first time you ever sign a module you enroll your public key with keyctl.
Here are some revenue numbers quoting directly from Microsoft's audited annual report:
--- ...
Office commercial products and cloud services revenue increased 10% (up 10% in constant currency) driven by Office 365 commercial revenue growth of 41% (up 41% in constant currency)
Windows commercial products and cloud services revenue decreased 4% (down 5% in constant currency)
---
Office 365 up 41%, Windows down 5â.... Those are the numbers.
Those are good points. The poor support for X is annoying.
> Spending time & effort to find a way to run Linux distros inside Windows is like struggling to find a way to mount an Abrams tank on top of a Mini-Cooper.
> What's the point outside of a few edge-cases where it may possibly be helpful/convenient?
For the user, the point is that for 20 years Microsoft's strategy was to ensure vendor lock-in for corporate IT environments. A lot of companies therefore issue Windows desktops and won't provide Linux desktops. Microsoft did a pretty good job of making it difficult for large corporations to use anything but Windows because of all the inter-related proprietary stuff. An organization can easily run Windows or not run Windows, but if the company chose Windows it's been hard to add a few Linux desktops to the mix. Partially because everyone in corporate IT knows the Microsoft way of doing things, not cross-platform standards.
I can be FAR more productive using Linux than Windows. Now, I can continue to use Linux, on the Windows desktop issued by corporate headquarters.
Fyi MacOS (formerly known as OS X) is actually, officially Unix, and carries the Unix trademark. It's MORE Unix-like than Linux is, because Mac *is* UNIX. Linux is not Unix. (Linux stands for "LInus's Not UniX".
Microsoft sees that they are losing in the OS space.
Yes, corporate desktops still run Windows, but the vast majority of CPUs sold in the last ten years aren't corporate desktops. Where MS is making their money is MS Office cloud subscriptions.
It would be interesting to do a study on the extent to which autocomplete is a teacher vs a crutch.
My guess is that the ideal would be a slow-response autocomplete, slow enough that it never appears while typing things you know, and it gives the learner a second to try to remember. If you stop typing mid-word for a few seconds (because you don't know) it prompts you with reminders.
It's language-dependent too. For example, JavaScript was written in a just a few days. Because of that, the order of arguments and such is inconsistent in places. Reminders are needed more than in a more consistent language such as C. C is also a much smaller language, and therefore should be easier to learn quickly.
If you know the language, a solid text editor is the best way to go. For professional programmers, if you take the time to really learn a great editor the code can flow effortlessly, almost as if your brain is wired directly to the output. Think "delete this block" and your fingers automatically do the keystroke to delete a block.
If you DON'T know the language, having autocomplete make suggestions can help as you guess your way through it.
I do turn on syntax highlighting mostly because it provides an obvious cue if I miss a quote or something - half the screen turns red, which looks obviously very different than how it should look after each statement is written. I don't pay any attention to the details of the syntax colors - there is just a difference in what the screen as a whole looks like when there is a syntax error.
That's a reasonable guess, but a single JSOW-C1 costs as much as 25-100 similar sized weapons with less precise guidance, in dollar cost. Basic guided bombs can be be had for $25,000, the joint munition is close to $700,000.
The AASM isn't a cheap weapon either, if you're counting costs in money.
You mentioned a lot of non-violent uses of technology that has been funded by the military, and military resources being used to deliver food, medical supplies, and other relief. That's all true and good. Versus violent uses, you say, which are bad.
ALSO there are countries who want to wipe us out. There are countries with the ability to kill millions of Americans. What has happened before will happen again - there will be a country who *wants* to attack us and *can*. The US response to Japanese surprise attack at Pearl Harbor was very much violent - as it needed to be. They were bombing us - by surprise, pretending to negotiate trade agreements with us while their ships were underway to attack us. Swift and violent action to protect ourselves was the right action, and the only option.
I most certainly don't agree with every use of the US military. I AM very glad for its primary use - being a massive deterrent to anyone who might think about attacking us. You may think "no military would ever attack the United States". That's true, at the moment. But why? Why wouldn't North Korea, or Iran, Russia, or China*, send bombers to the US? Because we would crush them, that's why. The REASON we don't have to fight off an attack today is precisely because of our military capability.
That's the main use of a superpower military - making an attack on us inconceivable by simply having the *capability* to win decisively and quickly if we were attacked. That's a good thing. I don't want our country to be defenseless, a tempting target. Our capacity for overwhelming violence is a large part of why other countries don't initiate violence against us or our friends.
* The situation with China specifically is a bit more complex at the moment. Trade is important to them, and they have some significant military power. They have also noticed that they can attack us via cyber warfare and we don't treat it as an attack, we let them get away with that.