'Someone failed at the most basic level here and it wasn't Google. From RFC 2616 (HTTP) Section 9.1 Safe and Idempotent Methods - "In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered "safe"."', Matthieu Heimer
"So after reading the article, it was quite hard to tell whether the problem was information overload or a buggy display system" ..
What's the difference ?
"I don't believe that the pilots lost their sense of sight for more than a few seconds, if at all. This much hyperbole smacks of tabloidism."
Do you have any reliable citations for these beliefs?
The Morris Worm was enabled by a default exit-to-the-shell password that the original developers accidentally left in sendmail. This was an open secret for a long time before Morris exploited it. You see when they compiled it, they accidentally left in the debug directive leaving the password in the released version.
"To understand unstable code, consider the pointer overflow check buf + len < buf shown in Figure 1 .. While this check appears to work with a flat address space, it fails on a segmented architecture"
Do you think most-all exploits are down to the defective x86 segmented memory architecture?
What if the ECM were implemented as a finite state machine, wouldn't such programming defects be avoided or much easier to detect? Implement all the low-level stuff as small fast functions and call them from an FSM implemented in software.
01: "two Arizona-based nonprofits, the Koch-linked Center to Protect Patients Rights and Americans for Responsible Leadership, admitted violating state election law"
02: "One potential donor courted by an ally of Russo's was Charles Koch, the chairman and CEO of Koch Industries"
03: "Hi Charles .. It would be great if you could support the final effort with several million .. I must tell you that Sean Noble from your group has been immensely helpful in our efforts .. I look forward to seeing you on the golf-course" ..
04: "AJS and its lawyers took precautions, choosing to funnel the money through the Center to Protect Patients Rights, which was run by Sean Noble, who was then the primary outside consultant and strategist to the Koch brothers' national donor network"
05: "Here, the money trail forks into two trails. In one direction, CPPR gave $7 million to a nonprofit called the American Future Fund, which in turn passed $4.08 million of that to a subsidiary in California. That subsidiary, the California Future Fund for Free Markets, finally spent the money on influencing Props. 30 and 32."
06: "In the second direction, CPPR directed $13 million to its Arizona neighbor, Americans for Responsible Leadership. ARL then passed $11 million of that money to the Small Business Action Committee in Sacramento, which spent the money influencing Props. 30 and 32."
07: "Here's the bottom line: A California fundraiser raised a boatload of money. He shuffled it through a network of secretly funded nonprofit groups to hide the donors' identities. And when the money finally arrived in California in time to influence the 2012 elections, the fingerprints on the money had been thoroughly scrubbed off—and in the process, the operatives masterminding this scheme had broken the law."
"The site appears to have been compromised and had some of its javascript altered to exploit vulnerable systems visiting the website"
What Operating System do the clients need to run in order to be vulnerable?
"Chancellor Angela Merkel .. views such practices .. as completely unacceptable"
Then Chancellor Merkel shouldn't have voted in legislation that compelled the phone manufacturers to build back-doors into the encryption modules.
'Michael Kevin Powell (born March 23, 1963) is .. current president of the National Cable & Telecommunications Association (NCTA).'
"if time is an emergent phenomenon based on entanglement, the phenomenon in which two quantum particles share the same existence"
What?
Of course Bruce Schneier can't be trusted, his criticism of the NSA obviously means he's in cahoots with the albino shape-shifting lizard Illuminati ..
Visdom and the backend source code have been on GitHub for a while now: If Battelle was really convinced that Corey stole the code, you’d think they would just look there first. No need for subpoenas.
a) we are able to make decisions for ourselves: NO
b) the outcomes are predetermined: NO
c) choice is merely an illusion: NO
d) None of the above: YES
If we build a replica of this theoretical physicist and download all his memories into same, would the replica be deemed to have free will?
Ten ways to make NSA spying popular with Americans
That's totally coincidental, Microsoft would never hack their own browser to make looking at the other fella's stuff a jagged experience ..
"FTTdp pushes the network fiber closer to the user's premises than FTTC (Fiber to the Cabinet). In many cases this is less than 250m, a distance at which it's possible to get 1Gbps over the copper phone network using G.FAST, a new variation of VDSL broadband"
Throughput depends on the quality of the copper and the properties of the earth it's buried in. There's also cross-talk to consider which can lead to a reduction of 2/5ths in the worst case scenario.
Patent problem for a future Linux feature called KSM
This one from about 2008, not much progress in five years if someone were to claim IP violations.
Note: this mechanism is covered by some patents in U.S.A
That also from 2006, and currently still no mention of what patents exactly are violated by the use of this mechanism.
Torvalds worries about patents and slow storage
That from Feb 2008, seems to be a good enough time passed for any such patent issues to appear.
"Linux has patent-inhibited memory management complications .. Is Linux better than the alternatives? Never, as long as its memory footprint is inhibited by patents"
..
What specific patents are you referring to here? Please provide links to the citations.
"an examination by the Sunlight Foundation shows the administration turned the task of building its futuristic new health care technology planning and programming over to legacy contractors with deep political pockets .. Sunlight reviewed contract award information from USASpending.gov and FedBizOpps.gov, and found 47 organizations that won contracts from Health and Human Services or the Treasury Department to manage, support or service the implementation of the Affordable Care Act. Among them were top contractors like Northrop Grumman, Deloitte LLP, SAIC Inc., General Dynamics and Booz Allen Hamilton."
"broad statements like "open source will fix healthcare.gov" don't add anything to the conversation"
I'm not sure if we're reading the same article. Just how difficult can it be to create a web site for flogging health insurance ?
a) Healthcare.gov is a platform for building health-care marketplaces.
b) The roll-out of healthcare.gov has been a mess.
c) Open Source methodology has a proven track record.
d) The transparency intrinsic to Open Source prevents such disasters as healthcare.gov, whatever the version.
The Obamacare Website Didn't Have to Fail
"If you use open source software and are not a competent developer, you can't fix it. You can _pay_ someone to fix it, but at that point, there's a good chance your fix will cost more than a commercial alternative"
Have you tried contacting the original developer or posting a bug request on the developer forum?
"if the rumors are to be believed, an audit found open source code in there that had simply had its licence removed"
Where are these rumors, do you have a link to the source?
"The NY Times has an interesting story about a pair of researchers who 'discovered that they could freeze, or crash, the software that monitors a [power] substation, thereby blinding control center operators from the power grid.' .. It's scary that our electrical grid is so vulnerable and there doesn't seem to be much urgency to get it fixed"
Then don't connect your electrical grid directly to the Internet !!
"The plain fact is that what has happened has damaged national security and in many ways the Guardian themselves admitted that when they agreed, when asked politely by my national security adviser and cabinet secretary to destroy the files they had, they went ahead and destroyed those files. So they know that what they're dealing with is dangerous for national security."
..
After an unannounced visit from GCHQ the Guardian destroyed some hard drives, but not the ones the data was on.