Nah, the examples are correct. Most new ideas are dumb ideas and don't work. Some dumb ideas can be made to work, and very slowly we get some idea of what the right ideas really are. What it takes to make a dumb idea work can easily be more important than the idea itself.
The critical difference is the required probability of success that is required to try out something different and probably dumb. Because it's so easy to fork, the main line gets the benefit without sustaining the risk.
IF YAFFS was a commercial product and if there was a way for the company to make money on NOR, they would have ported it to NOR. If there was a perceived way for the company to make money on NOR. Assuming EmbeddedJanitor knows what he's talking about, that would not be the perception. One way to quickly go out of business is to try out all sorts of wild ideas.
It just does not work generalizing OSS as better than proprietary when it comes to quality or security matters.
I disagree.
"There is horrid source code out there, with no commenting or documentation." There is horrid OSS source code out there. There is horrid proprietary source code out there. There is some very good OSS source code out there. There is some very good proprietary source out there. At least I assume there is.
There is OSS source code into which a lot of people have put a lot of time and effort. There is OSS source code into which nobody has put much of anything. There is proprietary source code into which a lot of people have put a lot of time and effort. There is proprietary source code into which nobody has put much of anything.
What is relevant is the quality and security matters for a given amount of time and effort expended. OSS seems to come out a clear winner.
And if you weren't aware, almost all manpages are entirely out of date. *Years* out of date, even. That would be news to the OpenBSD crowd. Even when the manpages are quite old, it's not like they keep changing stuff just to be changing stuff.
NO OS is secure if it is on a network and people can access it. ALL software and OS's are written by people, and they DO make mistakes. SO stop the FUD and face the truth,... like "Trusted Computing"? like "Always Trust Microsoft"?
The time to realize that no OS is secure is before the stuff hits the fan, not an excuse after. The truth is that nothing is really secure, there is a wide disparity in the levels of insecurity. Faced with any choice between gizmo-happy and security, Microsoft is still 100% behind pushing the gizmos. The truth is that the Microsoft bashing is coming from the Microsoft users, not the Linux advocates. Some of us are still addicted to eating.
Natural language processing and speech recognition are two entirely separate problem spaces
Counterexample. I can mumble and be perfectly understood by people who know me. It's a case of very high-level processing to determine which of a few low-level phrases I might have uttered.
mumble mumble nmmmm mumble 12345. What table has key field with value 12345? What primary column sounds something like nnmmm?
Keep a stack (vertical pile) of who asked what and some idea of relevance if you can get any feedback from users.
13758? then becomes a perfectly valid query.
"Pull up the name of employee number 12345" Since this is a query system, "SELECT foo FROM bar WHERE baz" can be taken for granted. The length of the query indicates this should be a "simple" query. "The" of "the name" is significant in that any meaningful query is expected to return only one answer. The hard part is translating employee to user.
You are very right that the context matters. The relevant context is pretty much everything known and everything that everybody has ever asked.
I like the ability to have anyone in the world to be able to send me a message even if I've never heard from them before but I don't like ads. The problem is that there is no way to tell the difference.
Further, anything that attempts to tell the difference will in reality favor the spammers.
"but I don't like ads" That's really the key, and savvy companies know it's always a bad idea to antagonize their (potential) customers. Spam isn't "unsolicited commercial email", it's unwanted junk, especially lots of unwanted junk.
I'm probably rustier than that, but seems like you can embed a lower dimensional object in a higher dimensional space without difficulty. The idea of n-dimensional sphere is to be valid for any n, but now that I start trying to think about it, I'm not at all sure exactly what a 2-dimensional sphere is. I do remember, as a side issue of something in algebraic topology, an arbitrary dimensional generalization of Green's and Stokes' theorems expressed in a grand total of 4 characters.
MS Mathematics is a degree, not a point of view. MS is better than a BS, but far short of a PhD. It means that I'm not totally clueless, but falls far short of implying that I've got much of an idea what I'm talking about.
translate matheese-to-english and summarize in a way we can understand?
This was an attempt at translating. Translations are not originals. This was an attempt at making the "matheese" maybe a bit comprehensible to us mere mortals. Of course I'm trying to put down accurate definitions, from the best available source.
Sorry, shoulda quoted. Although it seems pretty obvious that the intelligent well written parts are NOT MINE. Just the stupid paraphrases are mine and those stupid paraphrases should not be blamed on the author of the linked article.
translate matheese-to-english and summarize in a way we can understand?
Disclaimer: MS Mathematics and I'm not about to claim I understand it, but this is Slashdot so here goes anyway. There are a couple of fundamental ways of viewing something like a circle or a sphere, that can be generalized to an arbitrary number of dimensions. These ways are now known to be equivalent except for one lone holdout. What makes 3 so special that it can hold off our best mathematical minds?
This conjecture was subsequently generalized to the conjecture that every compact n-manifold is homotopy-equivalent to the n-sphere if and only if it is homeomorphic to the n-sphere. The generalized statement is now known as the Poincaré conjecture, and it reduces to the original conjecture for n = 3.
The n = 1 case of the generalized conjecture is trivial, the n = 2 case is classical (and was known even to 19th century mathematicians), n = 3 has remained open up until now, n = 4 was proved by Freedman in 1982 (for which he was awarded the 1986 Fields Medal), n = 5 was proved by Zeeman in 1961, n = 6 was demonstrated by Stallings in 1962, and n >= 7 was established by Smale in 1961 (although Smale subsequently extended his proof to include all n >= 5).
manifold. a space that is locally Euclidean. compact. every open cover has a finite subcover. So a compact manifold is like a bounded chunk of Euclidean space. The surface of the earth as a sorta spheroid is a compact manifold. The surface of the "flat earth" is a compact manifold if there is an edge you would fall off of. Just looking at your immediate surroundings, you cannot tell which you're on.
Two objects are homeomorphic if they can be deformed into each other by a continuous, invertible mapping. Like a donut and a coffee cup are homeomorphic. So there exists f:DONUT->COFFEE-CUP (and if there's one there's many more).
Not content to leave things well enough alone, mathematicians start playing with the functions. f:X->Y and g:X->Y A homotopy between two functions f and g from a space X to a space Y is a continuous map G from (X,[0,1]) -> Y such that G(x,0)=f(x) and G(x,1)=g(x). Two mathematical objects are said to be homotopic if one can be continuously deformed into the other.
Seems obvious and it should be easy to prove but intuition is not very reliable and should doesn't imply does.
f:UNIT-INTERVAL -> Euclidean-2-space. f is continuous. The image ought to be 1-dimensional. However, there are continuous functions which have 2-dimensional images.
Cantor's Perfect set. Uncountable number of points but has measure zero. Measure is a generalization of length. The measure of the rational points on a line is zero, but that's only countably infinite.
Triangle A B C. Bisectors of angles ABC and ACB are equal length. Prove the triangle is isosceles. It's provable but I've never managed it.
Four-color theorem. Finally proved with very many special cases solved by computer.
Euclid's fifth postulate. Despite a few people who thought they'd proved it, I think the current state of affairs is that if any of the geometries has a problem, then the other two geometries also have a problem. However all the geometries are "locally Euclidean".
One thing I've learned is that if I can stand to live with myself, if I like myself, nothing else really makes that much difference. "A musician must make music." I'd strike the "If...". It's essential, but probably has little to do with being at peace with oneself. In fact, the drive toward getting it right is very much not being at peace with oneself.
Regarding the "homeless" Paul Erdos, who wouldn't go to more than a little trouble to have him as a house guest? Seems like he'd have the advantages of the very rich with many homes and none of the disadvantages.
To add a smallish fly to your ointment, somebody had to use a couple of mod points to bring your post up to the same level of visibility as this one.
Isn't bits generally used for data transfer, rather than storage, which is generally bytes?
Not quite so simple. Bits is generally used for the raw basic capability. No provisions for framing, error detection or correction. Bytes are generally used for 8 bits of usable information. This is measured after the framing, error detection/correction etc.
Bandwidth caps are related to data transfer, but probably expressed in bytes instead of bits. Memory chip capacity probably expressed in bits. Memory stick capacity probably expressed in bytes, and usually be less than the corresponding number of bits in the chips. Disk capacity probably expressed in bytes, but there is a significant difference between raw unformatted capacity and the formatted capacity. The difference is furthered by reserving alternate sectors so the disk behaves as if it were error free.
It protects any changes made to the GPLed version, but those changes can't be released into the BSD licensed original either.
Part of the reason for the etiquette is to arrange things so that if the changes are worthwhile they will be released into the BSD licensed original. Being easy to fork does not mean that it's desirable to fork. Whatever is desirable in a fork stands a much higher chance of survival if it is incorporated into the main line than if it orphans itself. If the main-line is BSD licensed, a GPL-only fork is unsupportable if the changes are minor.
Any technology that can install software and change your HKEY_CURRENT_USER settings just by visiting a web page is a security risk. I'd guess the root problem is that Windows has so many "Are you sure?" dialog boxes that users have been conditioned to "just click OK," "Are you sure?" Sure of what? It wants something but it won't tell me what. If I want to continue there's no real choice but to click OK. Sure I can stop something, but I've got no way to know what I'm stopping and what I'm letting through.
"In designing and building these IE security features we've spent a lot of time trying to find the right balance between allowing sites to do what they need (preserving site compatibility), and giving the users more control. This is a very fine line; anything we do to stop the "bad guys" also has the potential to break the "good guys" if they are doing something similar, but for legitimate reasons." Reasonable, yes. Secure, not a chance. Balance: sites (including malicious) need -to- giving the users more control. As a user I assume that control is my right not something that I get a few dregs of as a gift from Microsoft. OpenBSD takes an unreasonable approach to security, and judging by their "One Remote Hole in...", if one considers security to be important, their approach is necessary and almost sufficient. OpenBSD is uber secure. I'll grant them that. Secure? Probably not and I've seen nothing from them that would indicate that they think they are. However, finding where they are not secure is going to be extremely hard.
acknowledging when Microsoft adds something good or fixes one of their problems violates the party line
Some of us have seen these WOW, WOW, WOW.... fizzle too many times already.
Some improvements with XP and SP2, but overall the new stuff seems even more annoying and exasperating than the old stuff. Try to delete the MSN Gaming zone and it keeps coming back. Turn off the system restore (good way to make malware permanent) and it keeps coming back. Uninstall it and it finally goes away. MSN search still thinks it ought to be in charge of finding ip addresses that don't have an active web server on them, proudly announcing that it can't "find" such and such address. Butinskies are annoying, particularly when they don't have a clue. Still defaults to hiding file extensions to help deliver various malware. Security is tightened up enough that I need to make the users local administrators on XP instead of just users on NT4. Doesn't really matter since everything important is going toward Linux on the servers.
OK, Microsoft has made scripting safe. Again. Really this time.
As I'm typing this on an old 400MHz Gateway with NT4 workstation, unpatched for several years but with the gizmos that run the malware deleted, I'm wondering how long before this new safe technology is very unsafe and I'm sitting here with the old stuff laughing at it. (My "other" computer is a 2.4GHz Dell with a 21" monitor. It boots a lot faster (and more often) and actually is better at running some legacy DOS applications otherwise doesn't make much difference.)
"Besides the overall cleanup (the old dialog was difficult for many people to understand), the most noticeable enhancement is the addition of the "Never install software from..." radio button which lets you (finally!) blacklist publishers you don't like." If I decide to "Never trust Microsoft", what happens on the next service pack? One reason not to upgrade or install updates is that whatever protection has been established tends to be removed. The user might miss something in the latest gizmos (aka worms).
This is a site that uses Linux. For those of us still using Microsoft, Slashdot is an essential resource for keeping up with the latest in malware. For many of us, bashing Microsoft is a way of releasing frustrations caused by using Microsoft.
Do we really need yet ANOTHER SP2-bashing article? I'd say most definitely. Dupes even.
There's a simple solution. No more Microsoft. No more Microsoft bashing. You don't really think the bashing is coming from Linux and BSD users do you?
I also run Debian on some servers and was a bit disappointed to see that they were marked as having some moderately critical vulnerabilities
The devil is in the details. You also have to read between the lines. Traceroute if suid bit set. Linux Kernel route cache flooding Denial of Service. Linux Kernel 2.4 "ioperm" Privilege Escalation Vulnerability. If these were of great concern, should be easily fixed, at some cost to stability. Me, I'd trust Debian's judgement, unless I had a very competent attacker who was after me personally, in which case my priorities are survival over stability.
What does not show up in these lists of vulnerabilities. How difficult it is to find the next vulnerability. The odds that a found vulnerability will be known publicly or kept in a private cache. Seems like it's taking a lot of effort to find them in Linux while Microsoft seems to still have a lot of low-hanging fruit. Seems like people who find vulnerabilities in Linux are treated as heroes while Microsoft wishes that those who find vulnerabilities in Windows would shut up.
The Microsoft advisories are a bit too vague for my liking. Specific technically accurate advisories are much better. Even if I don't understand the technical details, somebody else does and can and will keep the vendor honest. Skimping on technical accuracy is a fairly good indicator of an attempted snow job. They are hiding something and they have something to hide.
If you want to take over a populace, condition them so that they react to "vulnerability" with an automatic "apply patch". If they weren't vulnerable before you can make them vulnerable by saying the magic words. If you have any real concerns for security, applying patches should never be "trusted".
Microsoft disclaims responsibility for OEM software and: "Dell does not validate any externally loaded software and can therefore make no representations as to their effectiveness, stability, appropriateness, or safety. Any problems encountered with this kind of software should be addressed to the respective manufacturer."
It appears that the actual support that can be relied on is maybe a hair less than what you get from Fedora Core release candidates.
Sorry, but what you've said is simply wrong. Radix sort works (like bucket sort too) in linear time (since k is the average key length, which is constant).
Nice try. k is average key length? Try maximum key length.
There is a finite k which is the constant key length for all possible sets of records? No Y2K problems? For a given k, a radix sort will be linear for sets of records that fit that size. For larger sets of records you need a bigger k, just like the logn factor.
A merge sort works in linear time for a constant log n. Log 10,000,000 is pretty much the same as log 1,000,000. A radix sort of 1,000,000,000 records will take more than 1,000,000 times as long as a radix sort of 1,000 records for any rational collections of such numbers of records.
(ever seen the KDE desktop on a suse when you logon as root, for example? scary red wallpaper with bombs, and almost no icons on it. ugly, scary, uncomfortable. especially compared to how the default USER desktop looks like.)
I haven't seen it, but it seems completely in character. Further, there's a bunch of neat stuff that doesn't like being run as root. You run as root because you need to run as root not because you want to run as root. That plus the general attitude of *nix that the users should be as informed as possible means that Linux will come off as being more secure even if it were intrinsically less secure. Microsoft would have to be substantially more secure than Linux to just break even.
Further, if (most likely when) Linux really takes off on the desktop, there are a few cheap shots that should be easily implemented. Let's say I run as tony. There are additional "users" tony-mail and tony-browser which are extremely curtailed in what they are capable of doing. Running as tony I can do anything I like to them and they are completely incapable of retaliating. Making IE a trusted part of the OS essentially dooms Microsoft to being forever insecure. If I want to be secure, the best way is not to secure the browser but to be in a position where I do not need to secure the browser. It's really a case of who is in control here.
What's going to happen in five years when KDE or Gnome developers decide to continue with their fledgling registries?
Hmmmm, you know there are some things that after I take a bit of a look at, I find no reason to be concerned. If it were just KDE or just Gnome I'd have a concern, but with both of them, they'll keep each other honest, the structure open and viable even (especially) for those who use neither. Now when you have people using KDE to set their Gnome preferences, you'll know they're onto something.
Re:What about quicksort? on Ballmer on Linux · Score: 2, Insightful
[Radix Sort] You can sort large amounts of data in O(nk) time rather than O(nlogn) for Quicksort However, k is of the same order as logn.
Radix Sort, Merge Sort, Tree Sort. All order of n log n. Radix sort has the advantage of being totally predictable and doable with extremely limited local processing ability, like on a card sorter which can only examine one column of one card at a time. Essentially a one byte working memory. A card sorter can sort alpha. Two passes per column, second pass on the zone punches.
You can do a merge sort by hand. Try it with a deck of cards. First few rounds look like you're going nowhere, but it comes together at the end.
Nah, the examples are correct.
Most new ideas are dumb ideas and don't work.
Some dumb ideas can be made to work, and very slowly we get some idea of what the right ideas really are. What it take to make a dumb idea work can easily be more important than the idea itself.
The critical difference is the required probability of success that is required to try out something different and probably dumb. Because it's so easy to fork, the main line gets the benefit without sustaining the risk.
IF YAFFS was a commercial product and if there was a way for the company to make money on NOR, they would have ported it to NOR.
If there was a perceived way for the company to make money on NOR. Assuming EmbeddedJanitor knows what he's talking about, that would not be the perception. One way to quickly go out of business is to try out all sorts of wild ideas.
It just does not work generalizing OSS as better than proprietary when it comes to quality or security matters.
I disagree.
"There is horrid source code out there, with no commenting or documentation."
There is horrid OSS source code out there.
There is horrid proprietary source code out there.
There is some very good OSS source code out there.
There is some very good proprietary source out there. At least I assume there is.
There is OSS source code into which a lot of people have put a lot of time and effort.
There is OSS source code into which nobody has put much of anything.
There is proprietary source code into which a lot of people have put a lot of time and effort.
There is proprietary source code into which nobody has put much of anything.
What is relevant is the quality and security matters for a given amount of time and effort expended. OSS seems to come out a clear winner.
And if you weren't aware, almost all manpages are entirely out of date. *Years* out of date, even.
That would be news to the OpenBSD crowd. Even when the manpages are quite old, it's not like they keep changing stuff just to be changing stuff.
NO OS is secure if it is on a network and people can access it. ALL software and OS's are written by people, and they DO make mistakes. SO stop the FUD and face the truth, ...
like "Trusted Computing"?
like "Always Trust Microsoft"?
The time to realize that no OS is secure is before the stuff hits the fan, not an excuse after.
The truth is that nothing is really secure, there is a wide disparity in the levels of insecurity. Faced with any choice between gizmo-happy and security, Microsoft is still 100% behind pushing the gizmos.
The truth is that the Microsoft bashing is coming from the Microsoft users. not the Linux advocates. Some of us are still addicted to eating.
Natural language processing and speech recognition are two entirely separate problem spaces
Counterexample. I can mumble and be perfecty understood by people who know me. It's a case of very high-level processing to determine which of a few low-level phrases I might have uttered.
mumble mumble nmmmm mumble 12345.
What table has key field with value 12345?
What primary column sounds something like nnmmm?
Keep a stack (vertical pile) of who asked what and some idea of relevance if you can get any feedback from users.
13758? then becomes a perfectly valid query.
"Pull up the name of employee number 12345"
Since this is a query system, "SELECT foo FROM bar WHERE baz" can be taken for granted. The length of the query idicates this should be a "simple" query. "The" of "the name" is significant in that any meaningful query is expected to return only one answer. The hard part is translating employee to user.
You are very right that the context matters. The relevant context is pretty much everything known and everything that everybody has ever asked.
I like the ability to have anyone in the world to be able to send me a message even if I've never heard from them before but I don't like ads. The problem is that there is no way to tell the difference.
Further, anything that attempts to tell the difference will in reality favor the spammers.
"but I don't like ads"
That's really the key. and savvy companies know it's always a bad idea to antagonize their (potential) customers.
Spam isn't "unsolicited commercial email", it's unwanted junk, especially lots of unwanted junk.
I'm probably rustier than that, but seems like you can embed a lower dimensional object in a higher dimensional space without difficulty. The idea of n-dimensional sphere is to be valid for any n, but now that I start trying to think about it, I'm not at all sure exactly what a 2-dimensional sphere is. I do remember, as a side issue of something in algebraic topology, an arbitrary dimensional generalization of Greene's and Stoke's theorems expressed in a grand total of 4 characters.
MS Mathematics is a degree, not a point of view. MS is better than as BS, but far short of a PhD. It means that I'm not totally clueless, but falls far short of implying that I've got much of an idea what I'm talking about.
translate matheese-to-english and summarize in a way we can understand?
This was an attempt at translating. Translations are not originals.
This was an attempt at making the "matheese" maybe a bit comprehendable to us mere mortals. Of course I'm trying to put down accurate definitions, from the best available source.
Sorry, shoulda quoted.
Although it seems pretty obvious that the intelligent well written parts are NOT MINE. Just the stupid paraphrases are mine and those stupid paraphrases should not be blamed on the author of the linked article.
translate matheese-to-english and summarize in a way we can understand?
Disclaimer: MS Mathematics and I'm not about to claim I understand it, but this is Slashdot so here goes anyway.
There are a couple of fundamental ways of viewing something like a circle or a sphere, that can be generalized to an arbritrary number of dimensions. These ways are now known to be equivalent except for one lone holdout. What makes 3 so special that it can hold off our best mathematical minds?
This conjecture was subsequently generalized to the conjecture that every compact n-manifold is homotopy-equivalent to the n-sphere if and only if it is homeomorphic to the n-sphere. The generalized statement is now known as the Poincaré conjecture, and it reduces to the original conjecture for n = 3.
The n = 1 case of the generalized conjecture is trivial, the n = 2 case is classical (and was known even to 19th century mathematicians), n = 3 has remained open up until now, n = 4 was proved by Freedman in 1982 (for which he was awarded the 1986 Fields Medal), n = 5 was proved by Zeeman in 1961, n = 6 was demonstrated by Stallings in 1962, and n >= 7 was established by Smale in 1961 (although Smale subsequently extended his proof to include all n >= 5).
manifold. a space that is locally Euclidean.
compact. every open cover has a finite subcover.
So a compact manifold is like a bounded chunk of Euclidean space.
The surface of the earth as a sorta spheroid is a compact manifold.
The surface of the "flat earth" is a compact manifold if there is an edge you would fall off of
Just looking at you immediate surroundings, you cannot tell which you're on.
Two objects are homeomorphic if they can be deformed into each other by a continuous, invertible mapping. Like a donut and a coffee cup are homeomorphic. So there exists f:DONUT->COFFEE-CUP (and if there's one there's many more).
Not content to leave things well enough alone, mathematicians start playing with the functions.
f:X->Y and g:X->Y
A homotopy between two functions f and g from a space X to a space Y is a continuous map G from (X,[0,1]) -> Y such that G(x,0)=f(x) and G(x,1)=g(x).
Two mathematical objects are said to be homotopic if one can be continuously deformed into the other.
Seems obvious and it should be easy to prove but intuition is not very reliable and should doesn't imply does.
f:UNIT-INTERVAL -> Euclidean-2-space. f is continuous. The image ought to be 1-dimensional. However, there are continuous functions which have 2-dimensional images.
Cantor's Perfect set. Uncountable number of points but has measure zero. Measure is a generalization of length. The measure of the rational points on a line is zero, but that's only countably infinite.
Triangle A B C. Bisectors of angles ABC and ACB are equal length. Prove the triangle is isocoles. It's provable but I've never managed it.
Four-color theorem. Finally proved with very many special cases solved by computer.
Euclid's fifth postulate. Despite a few people who thought they'd proved it, I think the current state of affairs is that if any of the geometries has a problem, then the other two geometries also have a problem. However all the geometries are "locally Euclidean".
One thing I've learned is that if I can stand to live with myself, if I like myself, nothing else really makes that much difference. ...". It's essential, but probably has little to do with being at peace with oneself. In fact, the drive toward getting it right is very much not being at peace with oneself.
"A musician must make music." I'd strike the "If
Regarding the "homeless" Paul Erdos, who wouldn't go to more than a little trouble to have him as a house guest? Seems like he'd have the advantages of the very rich with many homes and none of the disadvantages.
To add a smallish fly to your ointment, somebody had to use a couple of mod points to bring your post up to the same level of visibility as this one.
Isn't bits generally used for data transfer, rather than storage, which is generally bytes?
Not quite so simple.
Bits is generally used for the raw basic capability. No provisions for framing, error detection or correction.
Bytes are generally used for 8 bits of usable information. This is measured after the framing, error detection/correction etc.
Bandwidth caps are related to data transfer, but probably expressed in bytes instead of bits.
Memory chip capacity probably expressed in bits. Memory stick capacity probably expressed in bytes, and usually be less than the corresponding number of bits in the chips.
Disk capacity probably expressed in bytes, but there is a significant difference between raw unformatted capacity and the formatted capacity. The difference is furthered by reserving alternate sectors so the disk behaves as if it were error free.
It protects any changes made to the GPLed version, but those changes can't be released into the BSD licensed original either.
Part of the reason for the etiquette is to arrange things so that if the changes are worthwhile they will be released into the BSD licensed original. Being easy to fork does not mean that it's desirable to fork. Whatever is desirable in a fork stands a much higher chance of survival if it is incorporated into the main line that if it orphans itself. If the main-line is BSD licensed, a GPL-only fork is unsupportable if the changes are minor.
Any technology that can install software and change your HKEY_CURRENT_USER settings just by visiting a web page is a security risk. I'd guess the root problem is that Windows has so many "Are you sure?" dialog boxes that users have been conditioned to "just click OK,"
...", if one considers security to be important, their approach is necessary and almost sufficient. OpenBSD is uber secure. I'll grant them that. Secure? Probably not and I've seen nothing from them that would indicate that they think they are. However, finding where they are not secure is going to be extremely hard.
"Are you sure?" Sure of what? It wants something but it won't tell me what. If I want to continue there's no real choice but to click OK. Sure I can stop something, but I've got no way to know what I'm stopping and what I'm letting through.
"In designing and building these IE security features we've spent a lot of time trying to find the right balance between allowing sites to do what they need (preserving site compatibility), and giving the users more control. This is a very fine line; anything we do to stop the "bad guys" also has the potential to break the "good guys" if they are doing something similar, but for legitimate reasons."
Reasonable, yes. Secure, not a chance.
Balance: sites (including malicious) need -to- giving the users more control. As a user I assume that control is my right not something that I get a few dregs of as a gift from Microsoft.
OpenBSD takes an unreasonable approach to security, and judging by their "One Remote Hole in
acknowledging when Microsoft adds something good or fixes one of their problems violates the party line
.... fizzle too many times already.
Some of us have seen these WOW, WOW, WOW
Some improvements with XP and SP2, but overall the new stuff seems even more annoying and exasperating than the old stuff. Try to delete the MSN Gaming zone and it keeps coming back. Turn off the system restore (good way to make malware permanent) and it keeps coming back. Uninstall it and it finally goes away.
MSN search still thinks it ought to be in charge of finding ip addresses that don't have an active web server on them, proudly announcing that it can't "find" such and such address. Butinskies are annoying, particularly when they don't have a clue.
Still defaults to hiding file extensions to help deliver various malware.
Security is tightened up enough that I need to make the users local administrators on XP instead of just users on NT4. Doesn't really matter since everything important is going toward Linux on the servers.
OK, Microsoft has made scripting safe. Again. Really this time.
As I'm typing this on an old 400MHz Gateway with NT4 workstation, unpatched for several years but with the gizmos that run the malware deleted, I'm wondering how long before this new safe technology is very unsafe and I'm sitting here with the old stuff laughing at it. (My "other" computer is a 2.4GHz Dell with a 21" monitor. It boots a lot faster (and more often) and actually is better at running some legacy DOS applications, otherwise doesn't make much difference.)
"Besides the overall cleanup (the old dialog was difficult for many people to understand), the most noticeable enhancement is the addition of the "Never install software from..." radio button which lets you (finally!) blacklist publishers you don't like."
If I decide to "Never trust Microsoft", what happens on the next service pack?
One reason not to upgrade or install updates is that whatever protection has been established tends to be removed. The user might miss something in the latest gizmos (aka worms).
This is supposed to be a LINUX site, remember?
This is a site that uses Linux.
For those of us still using Microsoft, Slashdot is an essential resource for keeping up with the latest in malware.
For many of us, bashing Microsoft is a way of releasing frustrations caused by using Microsoft.
Do we really need yet ANOTHER SP2-bashing article?
I'd say most definitely. Dupes even.
There's a simple solution. No more Microsoft. No more Microsoft bashing.
You don't really think the bashing is coming from Linux and BSD users do you?
I also run Debian on some servers and was a bit disappointed to see that they were marked as having some moderately critical vulnerabilities
The devil is in the details. You also have to read between the lines.
Traceroute if suid bit set.
Linux Kernel route cache flooding Denial of Service.
Linux Kernel 2.4 "ioperm" Privilege Escalation Vulnerability.
If these were of great concern, should be easily fixed, at some cost to stability. Me, I'd trust Debian's judgement, unless I had a very competent attacker who was after me personally, in which case my priorities are survival over stability.
What does not show up in these lists of vulnerabilities.
How difficult it is to find the next vulnerability.
The odds that a found vulnerability will be known publicly or kept in a private cache.
Seems like it's taking a lot of effort to find them in Linux while Microsoft seems to still have a lot of low-hanging fruit.
Seems like people who find vulnerabilities in Linux are treated as heroes while Microsoft wishes that those who find vulnerabilities in Windows would shut up.
The Microsoft advisories are a bit too vague for my liking. Specific technically accurate advisories are much better. Even if I don't understand the technical details, somebody else does and can and will keep the vendor honest. Skimping on technical accuracy is a fairly good indicator of an attempted snow job. They are hiding something and they have something to hide.
If you want to take over a populace, condition them so that they react to "vulnerability" with an automatic "apply patch". If they weren't vulnerable before you can make them vulnerable by saying the magic words. If you have any real concerns for security, applying patches should never be "trusted".
5 years from now windows will still be easier to use than linux from finding to installing to using, not to mention troubleshooting.
For the malware writers, yes.
"Microsoft is the guiding force in security."
To paraphrase the Louisiana sheriff out of a Bond movie.
"In which direction?"
Well, just wait 'til Longhorn.
Meanwhile, back in the Short term.
Microsoft disclaims responsibility for OEM software and:
"Dell does not validate any externally loaded software and can therefore make no representations as to their effectiveness, stability, appropriateness, or safety. Any problems encountered with this kind of software should be addressed to the respective manufacturer."
It appears that the actual support that can be relied on is maybe a hair less than what you get from Fedora Core release candidates.
Alpha, Beta, Gamma.
A, B, C.
Alpha to Omega.
A to Z.
Actually, Alpha would be full-featured. Beta is a second level that comes after alpha. Beta is also the stage that comes before gamma.
Calling it "beta" sounds like typical Microsoft.
Suppose you sort 1024 32 bit integers (n=1024, k=23)
Radix sort: 1024*8 = 8192 operations (log base 16 naturally)
Merge sort: 1024*10 = 10240 operations (log base 2 naturally)
If we were being precise, we'd bore everybody to death, especially ourselves;)
Sorry, but what you've said is simply wrong. Radix sort works (like bucket sort too) in linear time (since k is the average key length, which is constant).
Nice try.
k is average key length? Try maximum key length.
There is a finite k which is the constant key length for all possible sets of records? No Y2K problems? For a given k, a radix sort will be linear for sets of records that fit that size. For larger sets of records you need a bigger k, just like the logn factor.
A merge sort works in linear time for a constant log n. Log 10,000,000 is pretty much the same as log 1,000,000.
A radix sort of 1,000,000,000 records will take more than 1,000,000 times as long as a radix sort of 1,000 records for any rational collections of such numbers of records.
(ever seen the KDE desktop on a suse when you logon as root, for example? scary red wallpaper with bombs, and almost no icons on it. ugly, scary, uncomfortable. especially compared to how the default USER desktop looks like.)
I haven't seen it, but it seems completely in character. Further, there's a bunch of neat stuff that doesn't like being run as root. You run as root because you need to run as root not because you want to run as root. That plus the general attitude of *nix that the users should be as informed as possible means that Linux will come off as being more secure even if it were intrinsically less secure. Microsoft would have to be substantially more secure than Linux to just break even.
Further, if (most likely when) Linux really takes off on the desktop, there are a few cheap shots that should be easily implemented. Let's say I run as tony. There are additional "users" tony-mail and tony-browser which are extremely curtailed in what they are capable of doing. Running as tony I can do anything I like to them and they are completely incapable of retaliating. Making IE a trusted part of the OS essentially dooms Microsoft to being forever insecure. If I want to be secure, the best way is not to secure the browser but to be in a position where I do not need to secure the browser. It's really a case of who is in control here.
What's going to happen in five years when KDE or Gnome developers decide to continue with their fledgling registries?
Hmmmm, you know there are some things that after I take a bit of a look at, I find no reason to be concerned. If it were just KDE or just Gnome I'd have a concern, but with both of them, they'll keep each other honest, the structure open and viable even (especially) for those who use neither. Now when you have people using KDE to set their Gnome preferences, you'll know they're onto something.
[Radix Sort] You can sort large amounts of data in O(nk) time rather than O(nlogn) for Quicksort
However, k is of the same order as logn.
Radix Sort, Merge Sort, Tree Sort. All order of n log n.
Radix sort has the advantage of being totally predictable and doable with extremely limited local processing ability, like on a card sorter which can only examine one column of one card at a time. Essentially a one byte working memory. A card sorter can sort alpha. Two passes per column, second pass on the zone punches.
You can do a merge sort by hand. Try it with a deck of cards. First few rounds look like you're going nowhere, but it comes together at the end.