[quote]Nevertheless, the time it took them to make STIX almost ready looks hilarious to me. Does anybody know how long does it usually take to design such a font?[/quote]
Computer Modern was designed over about 12 years.
Of course, Knuth was working on other things (notably Metafont and TeX) in that period as well.
If the taking first and only paying when forced to do so is allowed to be equally cheap with paying first, then there would be no incentive to pay first whatsoever.
Uhh, there are criminal penalties on top of the civil ones (the criminal penalties may be fines or jail time).
But the civil penalties are generally limited to the value of the goods/services stolen (this is not always true--some cases allow punitive damages to be levied in addition to nominal damages).
E.g., if I steal a CD from a store, I have to give them the CD back (or pay for it if I no longer have it). That's the civil penalty. Its purpose is not to deter the crime but rather to make the victim whole again (restore them to their original condition).
There is also a criminal penalty, which may be a fine, jail time, community service, etc. That's the punitive portion of the law, and it's exacted by the government (not via a lawsuit by a private company). If it's a fine, it goes to the government and not to the record store.
Similarly, if I download a song from the RIAA, they should be able to recover only the cost of the stolen/misappropriated property from me. The government could also go after me for criminal copyright violation, possibly fining and/or imprisoning me.
My question is - why did they choose to use TCL? There are much more efficient interpreters (from an executable standpoint) - such as Python
Timing is part of it. IOS 12.1 introduced TCL in 2000, but it'd been in betas for a while before that and I'd guess was originally (internally) incorporated by 1998 at the latest. At that point Python was around version 1.4, which was really the first pretty stable, usable version. I doubt Cisco would commit to something that new (at the time).
I'd also be curious to know what the relative memory footprints are on the Cisco hardware.
[quote]This is of course a good way to reverse engineer a protocol but you have to at least be able to compare what is requested with what is received. If the requests aren't documented and the received isn't documented either then how do you even start?[/quote]
I don't really want to be any more explicit since all the info I have is from the public record, but...
Re-read the last sentence of my previous post and try to be a little clever with google to find message board postings from the person who was running the bk server in question..
Alan Cox never used Bitkeeper and yet he continued his role as one of the core maintainers/developers.
(I hate the BK free license and am not surprised it eventually caused a rift, but let's be factual--Linus was DEFINITELY against any system that locked anyone else into using non-open-source tools).
I really just don't see what he was hoping to accomplish here. You can already export the code out of any CVS system. Was he trying to get the commit information and versions out too?
Among other pieces of metadata. Most useful is the commit graph (cvs doesn't track multiple common ancestors).
We did get a verbal promise from OSDL that Tridge had discontinued his work and would not begin again as long as we were trying to work things out. We believed we had an uneasy truce, but it ends up Tridge was still working
I'd want to see exactly what happened, since this quote is pretty odd--OSDL has no right to speak for what Tridge does in his own time, with his own resources. If OSDL was acting as a mediator and Tridge told them he wouldn't work on it, that's kind of shitty. But it's really easy for things to get lost in translation, and this could easily mean that OSDL told Larry they wouldn't let Tridge do anything on it at work or something else.
At the very least he would have had to monitor client-server communications to learn how to talk with the server in the first place
If I'm developing an open-source project using a public BK repository, I may not care who sniffs my communications--I may even allow it (since it's all public code going out anyway). In which case Tridge has every right to do so. And clearly BK's license didn't require you to keep the wire traffic secret (using on the public Internet was encouraged).
Now, if the person running the server is actively colluding with Tridge to let him work on a replacement, they may be in violation of the BK license (since even without writing any code they're helping that development).
But the public record seems to indicate that they didn't know this was happening until months after the fact (although they did see him hitting their repo with a non-BK client).
Did the files magically appear for him to work on? I find a little difficult to think that a CVS-type program could magically drop files onto someone's computer...The thing is that you can't create those files without using a BitKeeper client.
Umm, he didn't start with any "files", the tool he wrote creates those files--that's the whole point of it.
To write that tool, he connected to a BK server without running the BK client. (The BK server he talked to,incidentally, was not the bkbits one that Larry runs.)
The access to the product in question was based on a license agreement that said (in essence) in exchange for getting this for free to use for specific types of work I won't reverse engineer it.
Such access to a product doesn't exist--Tridge neither used the free bk client nor the commercial client. Consequently, any license on their use doesn't apply to him.
The link from that license to Tridge is very tenuous.
Tridge works on a free bk clone at home, on his own time--not company related. Tridge also works for a company that employs Linus. Linus uses bk tools at work, but does not disclose internals to Tridge or otherwise support him.
Basically, there's no circumstance under which I can say Tridge acted unethically or illegally here.
For instance, due directly to Python's nature, Python will always be slow. Python HAS to do a lookup for variable names. This will always be slow.
That's BS. There are well-known methods for optimizing dynamic languages with late binding. Smalltalk has the same issues to deal with, yet there are extremely efficient smalltalk implementations.
That is the song that HAL sings, but he only sings "daisy, daisy give me your answer do, I'm half crazy all for the love of you" if I remember right.
This song was also the first one ever sung by a computer in the real world. Not only are the letters HAL each one letter behind the letters IBM, but HAL's last words were IBM's first words.
Arthur C Clarke claims this is all a coincidence, and it's even mentioned in 2010 with a response of "we've been trying to kill that rumor for years" or something.
Agreed. I don't think other database vendors understand the importance of speed to a Web Developer.
I don't think some web developers understand the importance of other databases to speed.
I've used both in the past, and will probably continue to do so. But mysql is NOT always faster than postgres. It is sometimes much faster, but it is sometimes much slower. It all depends on your usage patterns.
The IRS is a government-funded orginisation. Therefore, their funding comes from your tax dollars. Therefore, if their expenses go up then, all other things being equal, your taxes will go up. It's not that complicated, really.
It's not that simple, really. In practice, they don't up the taxes every year to cover costs. And they might cut other programs to maintain expenditures. Most likely, they simply increase the deficit, and that may or may not wind up costing me more tax money (depending on how long I live and what rates they get, etc).
Please excuse my ignorance, but how does a remote kernel exploit work?
That depends on the exact exploit. Often there is a buffer overflow of some sort, or a stack error is attacked, or incoming data isn't validated before being used, etc.
But you mention browser/email exploits, word processor viruses, etc. How does a browser exploit in OS X escalate into a rootkit? User visits a site, a properly crafted webpage causes the browser to download a rootkit... and then what?
There's a reason I said "Possibly combining 4 or 5 with local priviledge escalation attacks."
So how does a Mac with no services, daemons, or ports open get rooted in the first place?
1) The user turns on a service, starts a daemon, or opens a port. 2) The hacker socially engineers the Mac and gets the user to install the rootkit.
3) A remote kernel exploit 4) Exploiting programs that don't (or incorrectly) validate input (such input coming from the network or elsewhere). e.g. browser/email program exploits, word processor viruses, etc 5) Physical access, ranging from walking up when you left yourself logged in to more sophisticated password grabbing and exploit attacks.
Possibly combining 4 or 5 with local priviledge escalation attacks.
All the techniques I'm aware of are for creation of 2 different files with the same MD5 checksum. But you have no control over what the value of that md5sum is.
There are none that I know of that allow creation of a file with a checksum identical to that of an existing file (in any reasonable amount of time--there are obvious "hard" ways to do this). This is a very important distinction.
At any rate, using a (secret) keyed MD5/SHA-1 should eliminate that risk, and many (most?) security checksum tools do exactlythat.
But when the parents with kids are given tax BREAKS for the very kids that eat into the system, why the hell do they get tax deductions for each spawn instead of a tax increase ? Why do I get stuck paying more in taxes because my wife and I have chosen to be child free and thus don't have any additional deductions ?
Economically, it's because a growing population equals a growing worker base. It's an incentive to people to have more kids, who will in theory increase the productivity of the economy and the revenues of the government.
Socially, it's because it's the easiest way to provide financial assistance to children who are unable to support themselves. Whether or not the parents were irresponsible in having kids they couldn't afford, the argument goes, the kids themselves didn't make the poor choice.
Whether or not those arguments make sense is a seperate issue.
Umm, you pay income tax your whole life and build up capital to pass on and then that gets taxed YET AGAIN. It's a terrible form of double taxation. How can you argue that taxing again and again the same income is good unless you're the most dedicated of socialists?
What the hell does that mean? You don't have the right to turn your income into someone else's without it being taxed.
In a capitalist system, money gets re-taxed when it changes hands all the time. If I get paid at work (and pay income tax), then I take some of that money and go buy something (sales tax) and the company I bought it from gives it to the cashier in his next paycheck (income tax), do you seriously think the money should only be taxed once? I don't see any reason that the money shouldn't be taxed if it goes from father to son but should if it changes hands outside the family.
Also Michigan's "use" tax has already been ruled Unconstitutional, so I don't know how they think they'll be able to enforce this.
Reference please.
I'd like one as well. The only cases I know of have forbidden the state from collecting the tax from out-of-state businesses that fulfill the Quill standards (substantial presence in the state, etc).
But AFAIK they don't prevent the state from collecting the use tax from its citizens.
Slashdot Mirror
[quote]Nevertheless, the time it took them to make STIX almost ready looks hilarious to me. Does anybody know how long does it usually take to design such a font?[/quote]
Computer Modern was designed over about 12 years.
Of course, Knuth was working on other things (notably Metafont and TeX) in that period as well.
If the taking first and only paying when forced to do so is allowed to be equally cheap with paying first, then there would be no incentive to pay first whatsoever.
Uhh, there are criminal penalties on top of the civil ones (the criminal penalties may be fines or jail time).
But the civil penalties are generally limited to the value of the goods/services stolen (this is not always true--some cases allow punitive damages to be levied in addition to nominal damages).
E.g., if I steal a CD from a store, I have to give them the CD back (or pay for it if I no longer have it). That's the civil penalty. Its purpose is not to deter the crime but rather to make the victim whole again (restore them to their original condition).
There is also a criminal penalty, which may be a fine, jail time, community service, etc. That's the punitive portion of the law, and it's exacted by the government (not via a lawsuit by a private company). If it's a fine, it goes to the government and not to the record store.
Similarly, if I download a song from the RIAA, they should be able to recover only the cost of the stolen/misappropriated property from me. The government could also go after me for criminal copyright violation, possibly fining and/or imprisoning me.
My question is - why did they choose to use TCL? There are much more efficient interpreters (from an executable standpoint) - such as Python
Timing is part of it. IOS 12.1 introduced TCL in 2000, but it'd been in betas for a while before that and I'd guess was originally (internally) incorporated by 1998 at the latest. At that point Python was around version 1.4, which was really the first pretty stable, usable version. I doubt Cisco would commit to something that new (at the time).
I'd also be curious to know what the relative memory footprints are on the Cisco hardware.
[quote]This is of course a good way to reverse engineer a protocol but you have to at least be able to compare what is requested with what is received. If the requests aren't documented and the received isn't documented either then how do you even start?[/quote]
I don't really want to be any more explicit since all the info I have is from the public record, but...
Re-read the last sentence of my previous post and try to be a little clever with google to find message board postings from the person who was running the bk server in question..
What about maintainers ? They do have to use bk
Just to back Cramer up here...
Alan Cox never used Bitkeeper and yet he continued his role as one of the core maintainers/developers.
(I hate the BK free license and am not surprised it eventually caused a rift, but let's be factual--Linus was DEFINITELY against any system that locked anyone else into using non-open-source tools).
Among other pieces of metadata. Most useful is the commit graph (cvs doesn't track multiple common ancestors).
I'd want to see exactly what happened, since this quote is pretty odd--OSDL has no right to speak for what Tridge does in his own time, with his own resources. If OSDL was acting as a mediator and Tridge told them he wouldn't work on it, that's kind of shitty. But it's really easy for things to get lost in translation, and this could easily mean that OSDL told Larry they wouldn't let Tridge do anything on it at work or something else.
At the very least he would have had to monitor client-server communications to learn how to talk with the server in the first place
If I'm developing an open-source project using a public BK repository, I may not care who sniffs my communications--I may even allow it (since it's all public code going out anyway). In which case Tridge has every right to do so. And clearly BK's license didn't require you to keep the wire traffic secret (using on the public Internet was encouraged).
Now, if the person running the server is actively colluding with Tridge to let him work on a replacement, they may be in violation of the BK license (since even without writing any code they're helping that development).
But the public record seems to indicate that they didn't know this was happening until months after the fact (although they did see him hitting their repo with a non-BK client).
Did the files magically appear for him to work on? I find a little difficult to think that a CVS-type program could magically drop files onto someone's computer...The thing is that you can't create those files without using a BitKeeper client.
Umm, he didn't start with any "files", the tool he wrote creates those files--that's the whole point of it.
To write that tool, he connected to a BK server without running the BK client. (The BK server he talked to,incidentally, was not the bkbits one that Larry runs.)
Such access to a product doesn't exist--Tridge neither used the free bk client nor the commercial client. Consequently, any license on their use doesn't apply to him.
The link from that license to Tridge is very tenuous.
Tridge works on a free bk clone at home, on his own time--not company related.
Tridge also works for a company that employs Linus.
Linus uses bk tools at work, but does not disclose internals to Tridge or otherwise support him.
Basically, there's no circumstance under which I can say Tridge acted unethically or illegally here.
For instance, due directly to Python's nature, Python will always be slow. Python HAS to do a lookup for variable names. This will always be slow.
That's BS. There are well-known methods for optimizing dynamic languages with late binding. Smalltalk has the same issues to deal with, yet there are extremely efficient smalltalk implementations.
Oh, and Miette -- http://www.miette.com -- has a pretty cool alternative folk version of it at:
http://www.miette.com/mp3/miette_studio/m_dd.mp3
True Love Wastes Away and Sunk on the same download page are pretty good too.
http://www.guntheranderson.com/v/data/daisybel.htm
That is the song that HAL sings, but he only sings "daisy, daisy give me your answer do, I'm half crazy all for the love of you" if I remember right.
This song was also the first one ever sung by a computer in the real world. Not only are the letters HAL each one letter behind the letters IBM, but HAL's last words were IBM's first words.
Arthur C Clarke claims this is all a coincidence, and it's even mentioned in 2010 with a response of "we've been trying to kill that rumor for years" or something.
And is also far faster than mysql for my current application (which doesn't happen to be a message board, blog, or the equivalent).
Agreed. I don't think other database vendors understand the importance of speed to a Web Developer.
I don't think some web developers understand the importance of other databases to speed.
I've used both in the past, and will probably continue to do so. But mysql is NOT always faster than postgres. It is sometimes much faster, but it is sometimes much slower. It all depends on your usage patterns.
[quote]You don't have to be the fastest member of the crowd, just faster than the slowest member[/quote]
Also phrased as:
If you and a friend are being chased by a bear, you don't have to outrun the bear--you just have to outrun your friend.
The IRS is a government-funded orginisation. Therefore, their funding comes from your tax dollars. Therefore, if their expenses go up then, all other things being equal, your taxes will go up. It's not that complicated, really.
It's not that simple, really. In practice, they don't up the taxes every year to cover costs. And they might cut other programs to maintain expenditures. Most likely, they simply increase the deficit, and that may or may not wind up costing me more tax money (depending on how long I live and what rates they get, etc).
However human history has shown that most people are better off in particiapatory systems than authoritative systems
;-)
Right, but I don't care about _everyone_--am I better off in a participatory system or as the authority in an authoritative system?
Rico Suave came and went
YM "Gerardo". HTH. HAND.
Really, you shouldn't, because if everyone could control how their $ were spent, that $4.2 million would have been cut long ago.
He said he wished _he_ had the option of controlling where his taxes went. He didn't say he wished that everyone had that option......
Please excuse my ignorance, but how does a remote kernel exploit work?
That depends on the exact exploit. Often there is a buffer overflow of some sort, or a stack error is attacked, or incoming data isn't validated before being used, etc.
But you mention browser/email exploits, word processor viruses, etc. How does a browser exploit in OS X escalate into a rootkit? User visits a site, a properly crafted webpage causes the browser to download a rootkit... and then what?
There's a reason I said "Possibly combining 4 or 5 with local priviledge escalation attacks."
So how does a Mac with no services, daemons, or ports open get rooted in the first place?
1) The user turns on a service, starts a daemon, or opens a port.
2) The hacker socially engineers the Mac and gets the user to install the rootkit.
3) A remote kernel exploit
4) Exploiting programs that don't (or incorrectly) validate input (such input coming from the network or elsewhere). e.g. browser/email program exploits, word processor viruses, etc
5) Physical access, ranging from walking up when you left yourself logged in to more sophisticated password grabbing and exploit attacks.
Possibly combining 4 or 5 with local priviledge escalation attacks.
Link, please?
All the techniques I'm aware of are for creation of 2 different files with the same MD5 checksum. But you have no control over what the value of that md5sum is.
There are none that I know of that allow creation of a file with a checksum identical to that of an existing file (in any reasonable amount of time--there are obvious "hard" ways to do this). This is a very important distinction.
At any rate, using a (secret) keyed MD5/SHA-1 should eliminate that risk, and many (most?) security checksum tools do exactlythat.
But when the parents with kids are given tax BREAKS for the very kids that eat into the system, why the hell do they get tax deductions for each spawn instead of a tax increase ? Why do I get stuck paying more in taxes because my wife and I have chosen to be child free and thus don't have any additional deductions ?
Economically, it's because a growing population equals a growing worker base. It's an incentive to people to have more kids, who will in theory increase the productivity of the economy and the revenues of the government.
Socially, it's because it's the easiest way to provide financial assistance to children who are unable to support themselves. Whether or not the parents were irresponsible in having kids they couldn't afford, the argument goes, the kids themselves didn't make the poor choice.
Whether or not those arguments make sense is a seperate issue.
Umm, you pay income tax your whole life and build up capital to pass on and then that gets taxed YET AGAIN. It's a terrible form of double taxation. How can you argue that taxing again and again the same income is good unless you're the most dedicated of socialists?
What the hell does that mean? You don't have the right to turn your income into someone else's without it being taxed.
In a capitalist system, money gets re-taxed when it changes hands all the time. If I get paid at work (and pay income tax), then I take some of that money and go buy something (sales tax) and the company I bought it from gives it to the cashier in his next paycheck (income tax), do you seriously think the money should only be taxed once? I don't see any reason that the money shouldn't be taxed if it goes from father to son but should if it changes hands outside the family.
True, although both the Senate and House have passed bills affirming their commitment to act in accord with Puerto Rico's wishes on the matter.
Reference please.
I'd like one as well. The only cases I know of have forbidden the state from collecting the tax from out-of-state businesses that fulfill the Quill standards (substantial presence in the state, etc).
But AFAIK they don't prevent the state from collecting the use tax from its citizens.