Indeed, apparently one last thing needed to be done to fix the CERT advisory bug:
Changes with Apache 1.3.26
*) Potential NULL referencing fixed in the CGI module. It had
been there for 5 years. [Justin Erenkrantz]
*) Ensure that we set the result value in ap_strtol before
we return it. [The whole gang again]
Changes with Apache 1.3.25
*) Code changes required to address and close the security
issues in CAN-2002-0392 (mitre.org) [CERT VU#944335].
To support this, we utilize the ANSI functionality of
strtol, and provide ap_strtol for completeness.
[The whole gang]
[many other 1.3.25 changes snipped]
Re:Especially true for Adobe products
on
Version Fatigue
·
· Score: 1
Major interface changes for Photoshop 5.5 to 6 include the text tool, which no longer pops open a separate box where the text can be laid out and formatted, before insertion into the document - the text is input "in line" like so many WYSIWYG text editors do. Apparently this is a severe detriment to the designer - she slams Illustrator for the same reason on this. Also, many tool options that used to be either a menu item or in a floating box are relegated to the top bar in 6, this also is a severe productivity loss for the designer, from what I've been told.
That's just a few of the things that have come up - which is why I've chosen Adobe for this example. I could have chosen Macromedia since their Dreamweaver product changes at times (most dramatically now w/ MX), but Adobe's dominance in the design market and the sensitivity of designers to always finding things in the same place is what brought about this particular post.
I try not to go out of my way to slam MS... and in truth, I rarely use MS products anymore, thankfully. MS Office on MacOS changed dramatically between the 2001 and the v.X versions, but mostly for the better, it appears. 2001 could be quite kludgy in many respects and v.X is quite a bit more refined (as is OS X in general:)).
I think I agree... copyright is an intrinsically difficult concept to wrap my brain around and particularly difficult to apply to new areas. However, I think I stand on solid footing when I say that in absolutely *no* case is *anyone* allowed to publicly display in *entirety* my copyrighted material without my prior authorization. Since this is the case in many respect with the web archive, then I think at least on this point, the concept is flawed.
Now - how 'bout sites that no longer exist? If the copyright holder (company or individual) still exists and can be reached then the copyright should be respected (as it would be if the issue were taken to court by said individual or company). However, if a company or individual has "sunk into the ether" then I could see archived material being released into the public domain, no sweat.
And that could be done on a try/fail basis - so if due diligence is practiced in attempting to ascertain if the holder of a copyright still exists and that fails then rehosting the content should be allowed - if later the copyright holder *does* turn up and ask that the material be removed or restricted then that should be respected at that time.
A practical way might be to determine if (a) a particular domain is still active. If so, chances are that its the same owner (I realize that this isn't always the case). An automated check could query whois and determine if the owner information for a particular domain has changed - if so, the archive could query the current owner and determine if they now hold the copyright to the archived material (this could be an automated process, for the most part).
If a domain is no longer active, that's a good sign that the company no longer exists, at least for a phase 1. Checks like this would go a long way towards assuaging the fears of current content providers, including myself.
Especially true for Adobe products
on
Version Fatigue
·
· Score: 5, Interesting
Working extensively with a designer/creative director/art director/etc. has definitely shown me that "version fatigue" is worth paying attention to. Particularly with applications like Adobe Photoshop. I try to stay on top of the new versions and the new features provided by said versions, but whenever I try to get a designer to upgrade, the resistance is magnificent. Changed command keys, different menu hierarchies, basically, different ways to do common things. I have a designer still using Photoshop 5.5 because its the last version she doesn't mind the interface for. Same goes for Illustrator - the "features" added between 8 and 9 (not to mention 10) kept this designer on 8 for over a year after 9 was released.
What I've learned is that when your work (and productivity) depends on a particular flow and interaction with your applications, even the smallest changes can significantly impact that and result in a very sour attitude towards new releases of software.
Now, what's the solution? I keep saying that there's no way for Adobe to add new features w/o incrementally changing the way you interact with the application... but maybe I'm wrong? I dunno.
Archiving is one thing, rebroadcasting (or rehosting as is the case here) is another. By copyrighting my site, I reserve the sole right to host a server that distributes that content. Nobody else is given a right, expressly or implied, to 'mirror' my site, regardless of if its for archival purposes or not. That's the consideration that needs to be understood here. Archives are great - I often make use of Google's cache, but only if the *real* content I'm trying to reach is behind a slow connection or down entirely. Technically, Google cache should reserve copyright, too - a concept that would certainly kill off the practice. Is it worth it to lose the convenience? Possibly... think about the ramifications and think hard. If its permissible to archive and host a site's content, why wouldn't it be permissible to archive and broadcast the ST:TNG episodes you've so faithfully taped, w/o paying the royalties to whoever holds the rights to that? Seems like its pretty much the same thing to me, eh?
Now - if you yourself want to archive a site that you're interested in, or if you want to contact the maintainer of a site for something you're looking for that used to be on his/her site, that's perfectly legit and respectable. I personally have all the previous sites for my company archived - if someone wants something that's no longer on our current site, they can certainly ask and we'll try to fulfill their request.
I dunno... I'm up in the air on this, but I entirely understand the copyright ramifications of the situation.
Precisely. I'm not entirely sure where the "GPL means free" got started (probably RMS or thereabouts) - but just because a company makes a GPL product does not by any means mean they have to give it away. It means that if you purchase the product, you can get the source. When you get the source, you can use it or give it to someone else, provided you maintain all the GPL verbage. At no point in there does it mean that you can walk up to any company and demand their GPL product for free... or that a company cannot sell their GPL product.
This is a very sensible post. Doing things yourself is great, but realize that while you're managing the building of your house, you're probably not actively engaged in making money for yourself... the phrase "time is money" is applicable in this situation. As a co-owner of my own small company, I know that some people think that this leaves me with all sorts of time to do things DIY. Not really - even if I do things on the side while I'm doing business stuff, that means that my attention is split and each task generally suffers. If I take my evenings and weekends to be a project manager for my house, that means that for 6-9 months, I'll have no time for relaxation, an important factor, I've found, if I want to continue to do the work I love. Burn-out comes easy, ya know?
I'm not sure, since I don't closely follow CERT myself - but an acquaintance e-mailed me the CERT advisory today and I noticed that the 1.3.x version of apache it cites is not 1.3.26 - its 1.3.25:
Upgrade to the latest version
The Apache Software Foundation has released two new versions of Apache
that correct this vulnerability. System administrators can prevent the
vulnerability from being exploited by upgrading to Apache version
1.3.25 or 2.0.39.
I noticed that a 1.3.25 doesn't actually exist anywhere... was there a failed release?
I tried checking their site, but it appears down - a few mirrors I found online didn't show any sign of a 1.3.26 release and the ftp.modssl.org site didn't show any 1.3.26 tarball under 'source'... so, in short, not yet, I guess.
Too bad - I was going to update everything tonight, but I cannot without mod_ssl.
What makes you think that MS could be sued? They've caused over 8.75 billion dollars of damages to companies and have yet to be sued... you've read the EULA, right?
Agreed. And MSIE only has market share on the Mac because of it being bundled (there's that word again...) with OS X and OS 9 for the past few years. I'm quite hopeful that a different browser will debut on OS X v10.2, though I'm not entirely sure which that would be. Chimera is quite nice as an "in development" Cocoa native Gecko browser. Of course Moz is what I use 99.9% of the time... Of course, there's OmniWeb and quite a few others. I actually never use IE anymore... if a site sniffs the USER_AGENT string and won't let me in, fine - I won't try any harder.
As a web developer, I can say with authority that sites restricting to IE only (or for heaven's sake, NS4+IE) are doing so out of sheer laziness or lack of skill. With the company I work for, cross-browser/platform compatibility is not an option, the client pays for it and gets it regardless of the size of the project. We try very hard not to release pages of any kind that are not good 'Netizens.
Actually, I think they might have a criminal conviction... what was that bit about piracy in a French court? That would be a criminal conviction, right? Not necessarily in the US, but since MS is a global company, any i18l conviction might be reason to barr them.
Starting at $1,599, actually... and for what you're getting, nah... it isn't *really* overpriced. Doing a quick compare to a Dell 8200 based system w/o monitor w/ 2GHz P4, that sits around $1,277 after very minor adjustment to the G4 specs (hardrive/memory/etc.) I'm not sure about the quality difference between the sound cards, video cards, etc. - not really into those things. Sure, you can get a commodity PC for $600, but you can get a commodity iMac for that amount, too... look on eBay, or get a refurb from the Apple store for $699 or so...
I'd back away from sweeping generalities like that... there are many Open Source products out there that do not have "better" commercial competition, simply because they *are* so good. I'm not going to name names and start a flame war, I'm merely saying that generalities like this are easy to disprove, so keep the comments succinct and to a particular point:)
The 'newest' 6.x release of Netscape is quite old, actually - Netscape has already released a 7.x preview. Mozilla 1.0 was only released a few days ago (last Friday, I think) - so 6.x is certainly *not* Mozilla 1.0
Correct - the article talks about uses such as communication, not levitation, so you're absolutely right. Apparently gravitational waves have some seriously neat aspects, outside of 'anti-grav'.
I doubt it... where would you fit it? The case is larger than the original iMac, but that's because of the larger monitor size, nothing else. That doesn't leave any more room for expansion cards. If you want expandability, as usual, buy a G4 tower.
Re:Slashdot: News for thieves. Like ethics matter.
on
What Free Cable?
·
· Score: 1
Amen, mod this up. Someday (soon, probably), there will be 'sniffer trucks' for people illegally sharing files using P2P... the ones that'll get nailed will be the candles burning most brightly (e.g. you're nabbing 100's of megs of MP3s a night). Finally, the people actually *stealing* the files will get dragged to court and held responsible, instead of shackling the hands of developers trying to push the envelope of technology (not that I entirely agree with the purported "legitimate uses" of any of the current P2P systems..)
This problem (while common) is really not that difficult to solve, in your situation. Here's what you have:
e-comm server with 'Net access
need to store sensitive info
need to encrypt sensitive info
Break the problem down, especially the flow of information, sensitive and otherwise, because this is key:
sensitive information flows from customers to your e-comm server via the 'Net
sensitive information does NOT need to be seen by customers (e.g. CC#s, last 4 digits suffice)
employees need access to sensitive information
employees accessing data are 'trusted' (both in a personal sense and an access method sense, either an internal network or an encrypted VPN connection)
So, after sketching this down, here's what I've come up with:
You'll want three servers:
'Net accessible web server, contained in a firewall's DMZ (demilitarized zone)
sensitive data DB server (restricted access from DMZ, unrestricted access from 'trusted' source)
'trusted' web server (for employees)
sensitive information flows to DB server via well-defined interface, but not back (see above posts regarding serial cables, restricted ports, etc.)
auth info (success/failure) and de-sensitized information (last 4 digits, etc.) flows back to the 'Net accessible web server (to support e-comm apps)
Open communication to trusted server (secure to your hearts content, see posts on policy & social problems above, key point: trusted server should mean trusted server)
Employees access sensitive information via trusted server either from private internal net or VPN connections.
Make it impossible for anyone to access your sensitive DB server from the DMZ (this should be easy to). Once you've accomplished this, your information is secure, regardless of what you do on the actual DB server... sure, you can still encrypt the data in your database (you should) and all that, a few different methods are described above, but in essence, by restricting the flow of information and then segregating the information repositories based on that flow, you've taken care of your problem.
This type of system allows for updating of information in the DB as well, if you want to allow this, you'll want to design some kind of authentication mechanism between the requestor of the update (the user's password would work) and the sensitive DB server. Otherwise, a cracker could, potentially, corrupt your sensitive data (not really a big deal since backups are being kept). If this is the worst that can happen, you're sittin' pretty.
Note: while this 'scheme' requires three servers, they don't necessarily need to be distinct (the one in the DMZ needs to be distinct, of course). The others, though - that's up to you, depends on your resources. Check out user-mode-linux if you want to logically distinguish servers on the same hardware. Encrypting the data files used for each user-mode-linux session should suffice to secure each session from the other, should the host become compromised (again, shouldn't be a consideration, this would only be done on a 'trusted' machine).
If anyone's more interested in what I've written down here, feel free to contact me via the contact info associated w/ my Slashdot acct.
Brice
--
WebProjkt
VP, Director of Internet Technology
How long is it going to take for an "underground" to form that taps into these fiber networks that are being abandoned by telecoms? Is there a precedent for this? Abandoned phone networks, abandoned power distribution grids? I understand that many of these backbones need very, very expensive equipment to "light 'em up," but it would seem that it would only be a matter of time before a sort of "private" 'Net was started using these abandoned fiber runs (both in Europe and in the US... only 3% or so of American fiber is being used, right?)
I could be wrong, but I think this would require that the code-morphing software be aware at a "higher level" - i.e., the OS currently manages context switches, so the code-morphing software doesn't have any sense of there even being multiple threads... for it to pack instructions from different threads into a single VLIW, it would need to be more integrated with the OS' scheduling algorithm that handles context switches. Unlikely, I suppose.
Slashdot Mirror
I think this can be attributed to the fact that transient sites v. permanent sites will be less-favored by Google's ranking. Does that make sense?
Indeed, apparently one last thing needed to be done to fix the CERT advisory bug:
Changes with Apache 1.3.26
*) Potential NULL referencing fixed in the CGI module. It had
been there for 5 years. [Justin Erenkrantz]
*) Ensure that we set the result value in ap_strtol before
we return it. [The whole gang again]
Changes with Apache 1.3.25
*) Code changes required to address and close the security
issues in CAN-2002-0392 (mitre.org) [CERT VU#944335].
To support this, we utilize the ANSI functionality of
strtol, and provide ap_strtol for completeness.
[The whole gang]
[many other 1.3.25 changes snipped]
Major interface changes for Photoshop 5.5 to 6 include the text tool, which no longer pops open a separate box where the text can be laid out and formatted, before insertion into the document - the text is input "in line" like so many WYSIWYG text editors do. Apparently this is a severe detriment to the designer - she slams Illustrator for the same reason on this. Also, many tool options that used to be either a menu item or in a floating box are relegated to the top bar in 6, this also is a severe productivity loss for the designer, from what I've been told.
... and in truth, I rarely use MS products anymore, thankfully. MS Office on MacOS changed dramatically between the 2001 and the v.X versions, but mostly for the better, it appears. 2001 could be quite kludgy in many respects and v.X is quite a bit more refined (as is OS X in general :)).
That's just a few of the things that have come up - which is why I've chosen Adobe for this example. I could have chosen Macromedia since their Dreamweaver product changes at times (most dramatically now w/ MX), but Adobe's dominance in the design market and the sensitivity of designers to always finding things in the same place is what brought about this particular post.
I try not to go out of my way to slam MS
I think I agree ... copyright is an intrinsically difficult concept to wrap my brain around and particularly difficult to apply to new areas. However, I think I stand on solid footing when I say that in absolutely *no* case is *anyone* allowed to publicly display in *entirety* my copyrighted material without my prior authorization. Since this is the case in many respect with the web archive, then I think at least on this point, the concept is flawed.
Now - how 'bout sites that no longer exist? If the copyright holder (company or individual) still exists and can be reached then the copyright should be respected (as it would be if the issue were taken to court by said individual or company). However, if a company or individual has "sunk into the ether" then I could see archived material being released into the public domain, no sweat.
And that could be done on a try/fail basis - so if due diligence is practiced in attempting to ascertain if the holder of a copyright still exists and that fails then rehosting the content should be allowed - if later the copyright holder *does* turn up and ask that the material be removed or restricted then that should be respected at that time.
A practical way might be to determine if (a) a particular domain is still active. If so, chances are that its the same owner (I realize that this isn't always the case). An automated check could query whois and determine if the owner information for a particular domain has changed - if so, the archive could query the current owner and determine if they now hold the copyright to the archived material (this could be an automated process, for the most part).
If a domain is no longer active, that's a good sign that the company no longer exists, at least for a phase 1. Checks like this would go a long way towards assuaging the fears of current content providers, including myself.
Working extensively with a designer/creative director/art director/etc. has definitely shown me that "version fatigue" is worth paying attention to. Particularly with applications like Adobe Photoshop. I try to stay on top of the new versions and the new features provided by said versions, but whenever I try to get a designer to upgrade, the resistance is magnificent. Changed command keys, different menu hierarchies, basically, different ways to do common things. I have a designer still using Photoshop 5.5 because its the last version she doesn't mind the interface for. Same goes for Illustrator - the "features" added between 8 and 9 (not to mention 10) kept this designer on 8 for over a year after 9 was released.
... but maybe I'm wrong? I dunno.
What I've learned is that when your work (and productivity) depends on a particular flow and interaction with your applications, even the smallest changes can significantly impact that and result in a very sour attitude towards new releases of software.
Now, what's the solution? I keep saying that there's no way for Adobe to add new features w/o incrementally changing the way you interact with the application
Archiving is one thing, rebroadcasting (or rehosting as is the case here) is another. By copyrighting my site, I reserve the sole right to host a server that distributes that content. Nobody else is given a right, expressly or implied, to 'mirror' my site, regardless of if its for archival purposes or not. That's the consideration that needs to be understood here. Archives are great - I often make use of Google's cache, but only if the *real* content I'm trying to reach is behind a slow connection or down entirely. Technically, Google cache should reserve copyright, too - a concept that would certainly kill off the practice. Is it worth it to lose the convenience? Possibly ... think about the ramifications and think hard. If its permissible to archive and host a site's content, why wouldn't it be permissible to archive and broadcast the ST:TNG episodes you've so faithfully taped, w/o paying the royalties to whoever holds the rights to that? Seems like its pretty much the same thing to me, eh?
... I'm up in the air on this, but I entirely understand the copyright ramifications of the situation.
Now - if you yourself want to archive a site that you're interested in, or if you want to contact the maintainer of a site for something you're looking for that used to be on his/her site, that's perfectly legit and respectable. I personally have all the previous sites for my company archived - if someone wants something that's no longer on our current site, they can certainly ask and we'll try to fulfill their request.
I dunno
Precisely. I'm not entirely sure where the "GPL means free" got started (probably RMS or thereabouts) - but just because a company makes a GPL product does not by any means mean they have to give it away. It means that if you purchase the product, you can get the source. When you get the source, you can use it or give it to someone else, provided you maintain all the GPL verbage. At no point in there does it mean that you can walk up to any company and demand their GPL product for free ... or that a company cannot sell their GPL product.
This is a very sensible post. Doing things yourself is great, but realize that while you're managing the building of your house, you're probably not actively engaged in making money for yourself ... the phrase "time is money" is applicable in this situation. As a co-owner of my own small company, I know that some people think that this leaves me with all sorts of time to do things DIY. Not really - even if I do things on the side while I'm doing business stuff, that means that my attention is split and each task generally suffers. If I take my evenings and weekends to be a project manager for my house, that means that for 6-9 months, I'll have no time for relaxation, an important factor, I've found, if I want to continue to do the work I love. Burn-out comes easy, ya know?
I'm not sure, since I don't closely follow CERT myself - but an acquaintance e-mailed me the CERT advisory today and I noticed that the 1.3.x version of apache it cites is not 1.3.26 - its 1.3.25:
I noticed that a 1.3.25 doesn't actually exist anywhere ... was there a failed release?
I tried checking their site, but it appears down - a few mirrors I found online didn't show any sign of a 1.3.26 release and the ftp.modssl.org site didn't show any 1.3.26 tarball under 'source' ... so, in short, not yet, I guess.
Too bad - I was going to update everything tonight, but I cannot without mod_ssl.
What makes you think that MS could be sued? They've caused over 8.75 billion dollars of damages to companies and have yet to be sued ... you've read the EULA, right?
$0.02
Agreed. And MSIE only has market share on the Mac because of it being bundled (there's that word again ...) with OS X and OS 9 for the past few years. I'm quite hopeful that a different browser will debut on OS X v10.2, though I'm not entirely sure which that would be. Chimera is quite nice as an "in development" Cocoa native Gecko browser. Of course Moz is what I use 99.9% of the time ... Of course, there's OmniWeb and quite a few others. I actually never use IE anymore ... if a site sniffs the USER_AGENT string and won't let me in, fine - I won't try any harder.
... my rant's over :) Back to work!
As a web developer, I can say with authority that sites restricting to IE only (or for heaven's sake, NS4+IE) are doing so out of sheer laziness or lack of skill. With the company I work for, cross-browser/platform compatibility is not an option, the client pays for it and gets it regardless of the size of the project. We try very hard not to release pages of any kind that are not good 'Netizens.
Ah, well
Actually, I think they might have a criminal conviction ... what was that bit about piracy in a French court? That would be a criminal conviction, right? Not necessarily in the US, but since MS is a global company, any i18l conviction might be reason to barr them.
Starting at $1,599, actually ... and for what you're getting, nah ... it isn't *really* overpriced. Doing a quick compare to a Dell 8200 based system w/o monitor w/ 2GHz P4, that sits around $1,277 after very minor adjustment to the G4 specs (hardrive/memory/etc.) I'm not sure about the quality difference between the sound cards, video cards, etc. - not really into those things. Sure, you can get a commodity PC for $600, but you can get a commodity iMac for that amount, too ... look on eBay, or get a refurb from the Apple store for $699 or so ...
I'd back away from sweeping generalities like that ... there are many Open Source products out there that do not have "better" commercial competition, simply because they *are* so good. I'm not going to name names and start a flame war, I'm merely saying that generalities like this are easy to disprove, so keep the comments succinct and to a particular point :)
The 'newest' 6.x release of Netscape is quite old, actually - Netscape has already released a 7.x preview. Mozilla 1.0 was only released a few days ago (last Friday, I think) - so 6.x is certainly *not* Mozilla 1.0
Correct - the article talks about uses such as communication, not levitation, so you're absolutely right. Apparently gravitational waves have some seriously neat aspects, outside of 'anti-grav'.
I believe the poster was being sarcastic .. which is why the "idiot crack-whore mods" marked it as "Funny"
I doubt it ... where would you fit it? The case is larger than the original iMac, but that's because of the larger monitor size, nothing else. That doesn't leave any more room for expansion cards. If you want expandability, as usual, buy a G4 tower.
Amen, mod this up. Someday (soon, probably), there will be 'sniffer trucks' for people illegally sharing files using P2P ... the ones that'll get nailed will be the candles burning most brightly (e.g. you're nabbing 100's of megs of MP3s a night). Finally, the people actually *stealing* the files will get dragged to court and held responsible, instead of shackling the hands of developers trying to push the envelope of technology (not that I entirely agree with the purported "legitimate uses" of any of the current P2P systems ..)
This problem (while common) is really not that difficult to solve, in your situation. Here's what you have:
Break the problem down, especially the flow of information, sensitive and otherwise, because this is key:
So, after sketching this down, here's what I've come up with:
- You'll want three servers:
- 'Net accessible web server, contained in a firewall's DMZ (demilitarized zone)
- sensitive data DB server (restricted access from DMZ, unrestricted access from 'trusted' source)
- 'trusted' web server (for employees)
- sensitive information flows to DB server via well-defined interface, but not back (see above posts regarding serial cables, restricted ports, etc.)
- auth info (success/failure) and de-sensitized information (last 4 digits, etc.) flows back to the 'Net accessible web server (to support e-comm apps)
- Open communication to trusted server (secure to your hearts content, see posts on policy & social problems above, key point: trusted server should mean trusted server)
- Employees access sensitive information via trusted server either from private internal net or VPN connections.
- Make it impossible for anyone to access your sensitive DB server from the DMZ (this should be easy to). Once you've accomplished this, your information is secure, regardless of what you do on the actual DB server
... sure, you can still encrypt the data in your database (you should) and all that, a few different methods are described above, but in essence, by restricting the flow of information and then segregating the information repositories based on that flow, you've taken care of your problem.
This type of system allows for updating of information in the DB as well, if you want to allow this, you'll want to design some kind of authentication mechanism between the requestor of the update (the user's password would work) and the sensitive DB server. Otherwise, a cracker could, potentially, corrupt your sensitive data (not really a big deal since backups are being kept). If this is the worst that can happen, you're sittin' pretty.Note: while this 'scheme' requires three servers, they don't necessarily need to be distinct (the one in the DMZ needs to be distinct, of course). The others, though - that's up to you, depends on your resources. Check out user-mode-linux if you want to logically distinguish servers on the same hardware. Encrypting the data files used for each user-mode-linux session should suffice to secure each session from the other, should the host become compromised (again, shouldn't be a consideration, this would only be done on a 'trusted' machine).
If anyone's more interested in what I've written down here, feel free to contact me via the contact info associated w/ my Slashdot acct.
Brice
--
WebProjkt
VP, Director of Internet Technology
How long is it going to take for an "underground" to form that taps into these fiber networks that are being abandoned by telecoms? Is there a precedent for this? Abandoned phone networks, abandoned power distribution grids? I understand that many of these backbones need very, very expensive equipment to "light 'em up," but it would seem that it would only be a matter of time before a sort of "private" 'Net was started using these abandoned fiber runs (both in Europe and in the US ... only 3% or so of American fiber is being used, right?)
And this posted to a Slashdot forum ... yikes.
Very true, it will be a while ... but, eventually ... :)
I could be wrong, but I think this would require that the code-morphing software be aware at a "higher level" - i.e., the OS currently manages context switches, so the code-morphing software doesn't have any sense of there even being multiple threads ... for it to pack instructions from different threads into a single VLIW, it would need to be more integrated with the OS' scheduling algorithm that handles context switches. Unlikely, I suppose.