Single question - Who does make up the losses for the USPS?
The customers who use it's services.
To quote: "the strategy lacks sufficient transparency and accountability, excludes stakeholder input, and lacks performance measures for results."
You talk as if the issue of what to do about the postal service is an easy one. That exact quote could be attributed to General Motors, Enron, or any number of non-governmental organizations who have failed miserably over the last decade. The USPS is specifically ordained by the U.S. Constitution and it's monopoly serves to provide reliable and affordable mail service to all citizens, regardless of their location. Whereas the USPS's monopoly on stamped mail used to be reliable income, it is now a liability due to the fact that the internet has replaced a large chunk of personal and even business correspondence. Congress is demanding that the USPS continue to honor their universal service obligation, while still maintaining solvency. Perhaps congressional expectations are a tad bit unrealistic considering the reality of communication today, and maybe drastic changes need to be made regarding the USPS.
Once again, when faced with facts such as from the article "The U.S. Postal Service is projecting a loss exceeding $6 billion for the fiscal year ending Sept. 30, which puts retiree health benefit contributions in jeopardy unless a bill is passed by the U.S. Congress." you fail to address my actual point.
You don't understand what you are reading nor do you understand why the postal service is really losing money. The bill that needs to be passed would be to allow them to take actions that their competitors can do, like stop delivering mail on Saturdays. Due to it's universal service obligation, the USPS is not allowed to do many of the things that it's private competitors like UPS are, like not serve unprofitable rural areas or not deliver on certain days. There is no money is delivering mail any more, yet the USPS is mandated to deliver it to everyone, everywhere, and for the same price. Without the USO, a large portion of our country would either have no mail service, or their mail service would be extremely expensive.
This is pretty standard tactics from progressives to shift the debate by dismissing facts with non-sequiturs.
And it's pretty standard tactic for Conservatives to make things up to fit the narrative in their mind.
To quote "The Postal Service, which delivers nearly half of the world's mail, has posted net losses since 2007."
The USPS almost always posts a net loss due to them not being allowed to make a profit, and it the past few years declining revenue due to the internet. As I said before, those losses are not made up by tax payer dollars.
The problem with government is that they do not cut costs and never make it up the next year.
In the case of the USPS, they do. Your denial over it is not my problem.
Thanks for playing our game, better luck (and facts) next time!
My facts are just fine. Unlike yours, they are based in reality.
Do you consider having the police state outlaw your competition self-sufficient?
The postal service and the powers related are is specifically authorized by the U.S. constitution. If it troubles you so much, maybe you should contact your local representative and ask them about amending it.
What about, essentially, ignoring Supreme Court rulings that would force them to stop deliving junk mail to unwilling recipients?
Like any business they carry it as debt and make it up the next year by raising prices and/or cutting costs. The USPS's annual revenue is in the area of $70 billion.
My wife was not a normal case. Her parents are total psychopathic fuckwads who don't give a shit about her, or anyone else for that matter. Part of the reason she left for college early was to get away from them. She was forced to lie on job applications to get a job as a waitress and worked 30 hours a week on top of a full course load. It's quite possible to deal with such a hectic schedule, but a certain level of maturity and adequate support is necessary. My wife had neither.
She ended up with a shitload of debt (it was a private university) and only a couple of course units to show for it, and ended up getting her BA from a cheaper public school after she met me. She actually finished her BA right on time and is almost done with her MA today.
I get what you're saying. My wife's experience is not reason to hold all kids back.
The USPS is self sufficient. It has not taken taxpayer dollars since the early 1980's. It's one of the only fiscally responsible things Ronald Ray-Gun ever did.
You are the ONLY linux user I've ever come across that hasn't either outright flamed me verbally, or rationalized it away what I said in my original post as something trivial.
I wouldn't bother filing a bug report with Ubuntu as the same bug report has been filed in the past. It will be closed and marked with something to the effect of "behavior by design". Don't bring it up in their forum either. Bringing up the default SUDO implementation will get your post deleted immediately.
Notice that my original post was modded, 'overrated', and both of your follow up posts were modded up.
I'd like to know why this post was modded 'overrated'. What there something technically incorrect in it, or is this a case of someone with modpoints who's upset because his god was pointed out to be fallible?
It's not trivial for a hostile application to get executed on a Linux box in the first place (and it would mean that user's account is compromised already).
Given identical circumstances, it is no more trivial in Linux (or BSD) than it is on Windows.
Windows problems apply -- all files may be executed if they are in executable format, archives and installers are usually packaged as executables, sandboxing is nearly nonexistent, etc.
You call these "Windows problems". Most people call them, "how computers work". execute bits offer zero security in the context of a desktop usage and are nothing but an annoyance. The behavior of all newly created files non being able to be executed can be replicated in Windows quite easily using default ACLs, but it is only used in situations where it has a practical use, like servers that allow users to upload files. Sandboxing of processes (SELinux, AA, PolicyKit and yes, UAC) is the future of security - not execute bits and file formats.
That's because Microsoft imitated sudo and not PolicyKit, that places the choice into the hands of the system developer or a sysadmin, not user.
While something like PolicyKit is an ideal solution, I think you overestimate the competence of the average Windows sysadmin and developer. Even in Linux shops, most people run with default UNIX security security model because things like SELinux and PolicyKit are just too damn complicated. Expecting Mr. MCSE to deal with this type of stuff is unreasonable. Windows already has numerous methods of instituting fine grained control over objects and there exist many tools for system administrators to deploy these settings on a mass scale. UAC is far more than an re-implimentation of sudo. Windows has had it's version of sudo for a decade now. It's called "runas".
Setting aside the fact that keylogging in X can be done without root, yours is another example of how gksudo is inferior in terms of security to UAC. A process without admin rights in Windows cannot imitate a UAC prompt.
Though to be fair, given the average aptitude of Windows users, it could probably throw up a very fake looking UAC prompt and get a sizable portion of users to type in their password.
sudo uses time limit for credentials -- this may not be the best way to achieve high security, however in most of real-life use it's sufficient to prevent privilege escalation for all but the luckiest trojan horses that happen to activate right after the user started the installation of something.
The length of time the password is cached is irrelevant. One second is sufficient because a rogue process can quite easily sit in the background monitoring every process a user invokes. As soon as sudo is invoked, all the rogue process needs to do is execute sudo is the same tty. killing off a terminal window may be required, but a dumb user would just think xterm crashed and think nothing more of it. There is no luck involved. The only way to prevent this is to disable password caching completely.
Windows UAC solves the wrong problem -- it ask the user for something that he is not supposed to make a choice about. There are no things that user is supposed to "decide" if they should or should not be allowed to run as root/admin, and things that shouldn't. Nothing in the world, least of all the user, is supposed to ever move them from one category to the other.
From a standpoint of privilege escalation, UAC is pretty much functionally equivalent to gksudo. It allows processes to run with elevated rights. The mechanisms are different, and one is 100x more secure than the other, but the end result is the same. The alternative to UAC was to have legacy applications that don't run properly with limited rights fail, en masse. While breaking bad apps is the technically correct and ideal solution, it is not acceptable given the consumer demand for backwards compatibility. The typical computer user is not technically adept enough to decide beforehand that they need to launch an application with elevated privileges, so some sort of mechanism like UAC is necessary to hold their hand.
not by giving the user a "choice" between running a virus and rendering system unbootable by crashing an upgrade process.
What the hell are you talking about? Is this some personal experience you've had?
What I forgot to say is that the difference is that "Sudo's behavior on that spectrum is configurable, while UAC's isn't."
As it should not be. It would be idiotic for Microsoft to configure UAC to have that option because it would essentially introduce a permanent privilege escalation vulnerability. There's convenient and there's downright, stupid. Cached credentials done the way linux/BSD and SUDO does it, would be a security disaster on a mainstream desktop platform.
UAC forces you to the "ask every time end", which can be very annoying.
In Vista this is true, but UAC is quite configurable in Windows 7.
There are solutions like gksudo that work much like UAC, including a user-friendly GUI and caching of credentials.
They might work and look kind of like UAC, but they are not in the same league in terms of security. When you allow SUDO to cache credentials, any process running under your credentials can elevate itself to root the next time you use SUDO. This vulnerability does not exist with UAC.
Given Linux's obscurity (nobody cares) it's probably not something that's going to get exploited, but it's something the security obsessed Linux user, and corporate linux admins need to be aware of.
IMO, the anti-stylus sentiment out there is fueled exclusively by people who use phones that don't support styluses. I really think it comes down to a simple case of choice-supportive bias.
As a long time Windows Mobile user, you'll have to pry my stylus from my cold dead....fingers. Even though I rarely use my stylus, I'd hate to not have it, because there are times when it's the best tool for the job. The future of smart phones is capacitive touch screens with stylus support, like the GP suggests. Whether or not Apple jumps onto that bandwagon is up to them.
You are probably right, that after every other smartphone maker starts doing capacitive + stylus, Apple will jump on board and get credit for the "innovation".
HTC recently took out a patent for a stylus design that works on a capacitive screen, but with "resistive accuracy", so I'm sure that the future of (non iphone?) touchscreen phones is capacitive screens with stylus support. The proximity sensor idea is great. My touch Pro 2 already has one that can detect something as little as a finger.
I bought it from Amazon, used, about three years ago and only paid about $15 for it. It's not mint condition, but decent - looks like it has been read. You could probably still find it on ebay or amazon.
Don't let my sig fool you. I'm actually quite fond of UNIX. I wish I could use it at work more.:(
My wife comes from an Italian family where all of the men are extremely hairy, and thinks hairless guys are a huge turnoff because "they look like little boys". She descries the stereotype of all women desiring hairless men and says that many of her friends also like hairy guys too.
As for the geeky part, I think that goes back to Women's innate desire for a man that will be a "provider". Being geeky is evidence that the man is not a dumb ass, and therefore has earning potential.
Slashdot Mirror
Single question - Who does make up the losses for the USPS?
The customers who use it's services.
To quote: "the strategy lacks sufficient transparency and accountability, excludes stakeholder input, and lacks performance measures for results."
You talk as if the issue of what to do about the postal service is an easy one. That exact quote could be attributed to General Motors, Enron, or any number of non-governmental organizations who have failed miserably over the last decade. The USPS is specifically ordained by the U.S. Constitution and it's monopoly serves to provide reliable and affordable mail service to all citizens, regardless of their location. Whereas the USPS's monopoly on stamped mail used to be reliable income, it is now a liability due to the fact that the internet has replaced a large chunk of personal and even business correspondence. Congress is demanding that the USPS continue to honor their universal service obligation, while still maintaining solvency. Perhaps congressional expectations are a tad bit unrealistic considering the reality of communication today, and maybe drastic changes need to be made regarding the USPS.
Once again, when faced with facts such as from the article "The U.S. Postal Service is projecting a loss exceeding $6 billion for the fiscal year ending Sept. 30, which puts retiree health benefit contributions in jeopardy unless a bill is passed by the U.S. Congress." you fail to address my actual point.
You don't understand what you are reading nor do you understand why the postal service is really losing money. The bill that needs to be passed would be to allow them to take actions that their competitors can do, like stop delivering mail on Saturdays. Due to it's universal service obligation, the USPS is not allowed to do many of the things that it's private competitors like UPS are, like not serve unprofitable rural areas or not deliver on certain days. There is no money is delivering mail any more, yet the USPS is mandated to deliver it to everyone, everywhere, and for the same price. Without the USO, a large portion of our country would either have no mail service, or their mail service would be extremely expensive.
This is pretty standard tactics from progressives to shift the debate by dismissing facts with non-sequiturs.
And it's pretty standard tactic for Conservatives to make things up to fit the narrative in their mind.
To quote "The Postal Service, which delivers nearly half of the world's mail, has posted net losses since 2007."
The USPS almost always posts a net loss due to them not being allowed to make a profit, and it the past few years declining revenue due to the internet. As I said before, those losses are not made up by tax payer dollars.
The problem with government is that they do not cut costs and never make it up the next year.
In the case of the USPS, they do. Your denial over it is not my problem.
Thanks for playing our game, better luck (and facts) next time!
My facts are just fine. Unlike yours, they are based in reality.
Do you consider having the police state outlaw your competition self-sufficient?
The postal service and the powers related are is specifically authorized by the U.S. constitution. If it troubles you so much, maybe you should contact your local representative and ask them about amending it.
What about, essentially, ignoring Supreme Court rulings that would force them to stop deliving junk mail to unwilling recipients?
What about it? Got any proof that they are?
I'm even for re-attachment surgery.
How generous of you.
Like any business they carry it as debt and make it up the next year by raising prices and/or cutting costs. The USPS's annual revenue is in the area of $70 billion.
Nice try though.
My wife was not a normal case. Her parents are total psychopathic fuckwads who don't give a shit about her, or anyone else for that matter. Part of the reason she left for college early was to get away from them. She was forced to lie on job applications to get a job as a waitress and worked 30 hours a week on top of a full course load. It's quite possible to deal with such a hectic schedule, but a certain level of maturity and adequate support is necessary. My wife had neither.
She ended up with a shitload of debt (it was a private university) and only a couple of course units to show for it, and ended up getting her BA from a cheaper public school after she met me. She actually finished her BA right on time and is almost done with her MA today.
I get what you're saying. My wife's experience is not reason to hold all kids back.
The USPS is self sufficient. It has not taken taxpayer dollars since the early 1980's. It's one of the only fiscally responsible things Ronald Ray-Gun ever did.
EvanED,
You are the ONLY linux user I've ever come across that hasn't either outright flamed me verbally, or rationalized it away what I said in my original post as something trivial.
I wouldn't bother filing a bug report with Ubuntu as the same bug report has been filed in the past. It will be closed and marked with something to the effect of "behavior by design". Don't bring it up in their forum either. Bringing up the default SUDO implementation will get your post deleted immediately.
Notice that my original post was modded, 'overrated', and both of your follow up posts were modded up.
Kudos
I'd like to know why this post was modded 'overrated'. What there something technically incorrect in it, or is this a case of someone with modpoints who's upset because his god was pointed out to be fallible?
It's not trivial for a hostile application to get executed on a Linux box in the first place (and it would mean that user's account is compromised already).
Given identical circumstances, it is no more trivial in Linux (or BSD) than it is on Windows.
Windows problems apply -- all files may be executed if they are in executable format, archives and installers are usually packaged as executables, sandboxing is nearly nonexistent, etc.
You call these "Windows problems". Most people call them, "how computers work". execute bits offer zero security in the context of a desktop usage and are nothing but an annoyance. The behavior of all newly created files non being able to be executed can be replicated in Windows quite easily using default ACLs, but it is only used in situations where it has a practical use, like servers that allow users to upload files. Sandboxing of processes (SELinux, AA, PolicyKit and yes, UAC) is the future of security - not execute bits and file formats.
That's because Microsoft imitated sudo and not PolicyKit, that places the choice into the hands of the system developer or a sysadmin, not user.
While something like PolicyKit is an ideal solution, I think you overestimate the competence of the average Windows sysadmin and developer. Even in Linux shops, most people run with default UNIX security security model because things like SELinux and PolicyKit are just too damn complicated. Expecting Mr. MCSE to deal with this type of stuff is unreasonable. Windows already has numerous methods of instituting fine grained control over objects and there exist many tools for system administrators to deploy these settings on a mass scale. UAC is far more than an re-implimentation of sudo. Windows has had it's version of sudo for a decade now. It's called "runas".
Setting aside the fact that keylogging in X can be done without root, yours is another example of how gksudo is inferior in terms of security to UAC. A process without admin rights in Windows cannot imitate a UAC prompt.
Though to be fair, given the average aptitude of Windows users, it could probably throw up a very fake looking UAC prompt and get a sizable portion of users to type in their password.
Ugggg. Hopefully, you can make out what I meant in the abortion of a sentence.
That makes sense. Racism can easily be confused for classism tend to go hand in hand and it's easy to confuse the two.
I just don't have enough of a sample to prove my point.
It would be a good area to study further.
sudo uses time limit for credentials -- this may not be the best way to achieve high security, however in most of real-life use it's sufficient to prevent privilege escalation for all but the luckiest trojan horses that happen to activate right after the user started the installation of something.
The length of time the password is cached is irrelevant. One second is sufficient because a rogue process can quite easily sit in the background monitoring every process a user invokes. As soon as sudo is invoked, all the rogue process needs to do is execute sudo is the same tty. killing off a terminal window may be required, but a dumb user would just think xterm crashed and think nothing more of it. There is no luck involved. The only way to prevent this is to disable password caching completely.
Windows UAC solves the wrong problem -- it ask the user for something that he is not supposed to make a choice about. There are no things that user is supposed to "decide" if they should or should not be allowed to run as root/admin, and things that shouldn't. Nothing in the world, least of all the user, is supposed to ever move them from one category to the other.
From a standpoint of privilege escalation, UAC is pretty much functionally equivalent to gksudo. It allows processes to run with elevated rights. The mechanisms are different, and one is 100x more secure than the other, but the end result is the same. The alternative to UAC was to have legacy applications that don't run properly with limited rights fail, en masse. While breaking bad apps is the technically correct and ideal solution, it is not acceptable given the consumer demand for backwards compatibility. The typical computer user is not technically adept enough to decide beforehand that they need to launch an application with elevated privileges, so some sort of mechanism like UAC is necessary to hold their hand.
not by giving the user a "choice" between running a virus and rendering system unbootable by crashing an upgrade process.
What the hell are you talking about? Is this some personal experience you've had?
What I forgot to say is that the difference is that "Sudo's behavior on that spectrum is configurable, while UAC's isn't."
As it should not be. It would be idiotic for Microsoft to configure UAC to have that option because it would essentially introduce a permanent privilege escalation vulnerability. There's convenient and there's downright, stupid. Cached credentials done the way linux/BSD and SUDO does it, would be a security disaster on a mainstream desktop platform.
UAC forces you to the "ask every time end", which can be very annoying.
In Vista this is true, but UAC is quite configurable in Windows 7.
There are solutions like gksudo that work much like UAC, including a user-friendly GUI and caching of credentials.
They might work and look kind of like UAC, but they are not in the same league in terms of security. When you allow SUDO to cache credentials, any process running under your credentials can elevate itself to root the next time you use SUDO. This vulnerability does not exist with UAC.
Given Linux's obscurity (nobody cares) it's probably not something that's going to get exploited, but it's something the security obsessed Linux user, and corporate linux admins need to be aware of.
Example: white folks getting life and blacks getting the needle in murder trials during the days of racism.
Sadly, race still has much to do with who gets the death penalty today. (Source)
IMO, the anti-stylus sentiment out there is fueled exclusively by people who use phones that don't support styluses. I really think it comes down to a simple case of choice-supportive bias.
As a long time Windows Mobile user, you'll have to pry my stylus from my cold dead....fingers. Even though I rarely use my stylus, I'd hate to not have it, because there are times when it's the best tool for the job. The future of smart phones is capacitive touch screens with stylus support, like the GP suggests. Whether or not Apple jumps onto that bandwagon is up to them.
You are probably right, that after every other smartphone maker starts doing capacitive + stylus, Apple will jump on board and get credit for the "innovation".
HTC recently took out a patent for a stylus design that works on a capacitive screen, but with "resistive accuracy", so I'm sure that the future of (non iphone?) touchscreen phones is capacitive screens with stylus support. The proximity sensor idea is great. My touch Pro 2 already has one that can detect something as little as a finger.
I bought it from Amazon, used, about three years ago and only paid about $15 for it. It's not mint condition, but decent - looks like it has been read. You could probably still find it on ebay or amazon.
Don't let my sig fool you. I'm actually quite fond of UNIX. I wish I could use it at work more. :(
I own a print copy with the original barf bag still attached. :)
Cutler personally hated UNIX. NT was his anti-UNIX.
Good reading here.
What? I'd mod you funny for that one.
Our kids have no chance. They are going to be Sasquatches when they grow up.
My wife comes from an Italian family where all of the men are extremely hairy, and thinks hairless guys are a huge turnoff because "they look like little boys". She descries the stereotype of all women desiring hairless men and says that many of her friends also like hairy guys too.
As for the geeky part, I think that goes back to Women's innate desire for a man that will be a "provider". Being geeky is evidence that the man is not a dumb ass, and therefore has earning potential.
While my original points stand, I agree with everything you've just said.