If you connect to the Internet you are an equal peer on it - you can receive and send data. You have the right to set up services just like bbc.co.uk can. If your ISP cuts you connection without a court order (a court that has jurisdiction over you), then it is a violation of net neutrality.
No, but it might be a violation of contract and a court might have something to say about consequences. If the ISP gives as a reason that you were violating the terms of service, then it's quite possible that you'll have no comeback at them at all (other than a return of potentially some of what you have paid; details matter there).
Traffic shaping based on the destination (or source) of the traffic is also a violation of net neutrality, traffic shaping to prioritize some protocols over others is not (unless a phone company reduces the priority of all VoIP traffic to zero).
Traffic-shaping based on source or destination is indeed the issue (unless either the source or the destination requested it specifically; shaping on an opt-in basis is fine and is useful for things like VoIP and the equivalent for video). An ISP telling a customer to get lost is not; it is right and proper that a customer does not have the power to force the ISP to accept their business (just as it is also good that the ISP can't force the customer to do business with them, which I'm sure people here can appreciate).
You call that more details?! The first link tells me nothing much other than "OMG! XML is used in lots of places!" and the second is unclear about which libraries actually have the problem (e.g., is expat itself vulnerable or just the version that Python uses?) This is important because it determines who else has to worry about these things. If there are fundamental problems, it's important that they get fixed right back at the root and then the fixes pushed out. Otherwise you just have duplication of effort, warring developers, and people who are vulnerable and don't know it.
There is a problem: Google wants to show ads and encrypted data gives them no clues about what ads to show.
It's not a problem, because...
If there is really a market for it, then maybe they should develop a paid version with encryption that a business could trust.
A number of other cloud providers have been doing exactly that for a while now, so it wouldn't be at all surprising for Google to do it as well. Of course they'd have to charge for it, but to claim that doing otherwise is better is deeply disingenuous. To expect to get a high-quality service for nothing is... deeply optimistic.
Another possibility would be a Google Docs appliance to be put behind the company's VPN. (Or does that already exist?)
They don't appear to have done yet. But whether or not they do one is more likely to be a business decision and not a technical one; the technical and legal requirements most certainly can be satisfied. (Whether they can with their current infrastructure, no idea...)
I can agree with that, to a point, based on pure productivity/cost. But when you factor in legal implications, change control, training, and so forth, I don't think its sane for most businesses to use cloud apps in the vast majority of situations.
You're thinking like a techie, and probably a sysadmin there, and not like a businessman.
You're massively overweighting the relative value of legal implications for documents in development (finalized docs are something else, but they're best in another format, such as Dead Tree). So long as there is reasonable security and access control, the legal side should be covered.
A lot of businesses use no change control for anything. Moreover, Google Docs keep version history (or did the last time I checked, which admittedly is some time ago).
Training costs are pretty much a continual load. Really. Especially for larger businesses. How to type into a wordprocessor or spreadsheet is one of the more easily mastered things.
You're undervaluing opportunity costs. This is a classic mistake (along with getting involved in a land war in Asia) of sysadmins. They spend their time looking at the down-side, say "No way!" (a la Mordac), and either the business suffers or the users - and the management - ignore the sysadmin and do what they want anyway.
A lot of companies are not run in a sane way.
The only way to hold off cloud apps is to provide something better. For a lot of users, Word is not better and Excel is not better. They like doing things on the Web; it lets them be more productive. Fighting against that is a bit like being King Canute, telling the tide to stop coming in.
I find that Paste Special, Plain Text comes in very handy at times.
It's exceptionally useful. Why it has to be hidden away where only tinkerers would find it, I don't know. OTOH, it being hard to find makes it much easier to spot people who are stupid enough to plagiarize as those who are stupid enough to do that are also stupid enough to not change the formatting. (Yes, I really have caught people that way, though it also helped that they stole some of the paragraphs of text from things I'd written...)
Having a policy like loser pays legal bills of both sides would go a long way to making the court system fair. Right now its often richest guy wins because he can outlast the poor guy.
You still have the system in place to do that, you know. The judge could make a ruling in equity (I think that's the right term) that the loser should pay the winner's reasonable costs. Indeed, this is usually the case in UK courts and as I understand it there's enough similarity between legal systems for that to be potentially carriable-over. I've no idea why US courts don't seem to like to do it.
Radio, like any limited-spectrum broadcast medium, caters to the majority.
The problem comes if all radio stations insist on chasing the same small number of market segments, rather than finding a more distinctive voice that attracts and holds a particular group. This can be very profitable in advertising terms if that group is comparatively wealthy and inclined to spend, as advertisers love to target their money more effectively. But I suspect that the rot has persisted a bit too long in the US for this to be fixable there; the groups that have been driven away will no longer consider coming back to radio ("because it's all mainstream crap"). Just don't try to extrapolate from the situation in the US to other parts of the world; they're not all that badly fucked.
Exercise your rights. It's your paper. Remember, professors are people just like you. While they may believe you to be paranoid, they won't hold it against you if you voice your concerns with logic, passion, and conviction.
Also remember these things:
Your chances of making anything off any paper or code you write for a course (other than by using them to pass the course) are essentially nil. Almost all student work is really not very good by comparison with people doing it professionally; the additional experience shows. This doesn't apply to people in grad school, but they should be thinking for themselves anyway. It also doesn't apply to final year dissertations; they're sometimes interesting and worth taking further, if the student is willing to stick around.
You don't have the right to graduate. Your professors will definitely want you do so - we don't like people failing - but if you insist on being bone idle, utterly crap, or a cheat, why shouldn't you get found out and kicked out?
Yes, I do teach. No, most student work submitted for my course isn't reusable for anything, not even the really impressive stuff. Yes, I fail the lazy, the stupid and the cheats, and I do it without the slightest care in the world. And no, kicking up a fuss over this doesn't make me think more highly of you; it makes me more suspicious that you're trying to sneak work in twice. But if you're trying to learn, I'm on your side, even if you're having problems; an honest success (at whatever level is apt for your ability) is the best outcome possible.
(I also happen to work at a university that makes turning over copyright of submitted coursework a condition of acceptance as an undergraduate student. If you don't like it, there are other universities; piss off.)
Depending on how you wrote your first paper, you may be able to hand in the same paper again at some point during this course.
If you're submitting a paper twice, two years apart, then you're failing to apply what you've learned in between. That's just lazy, and misses the whole point of getting a proper education. Show off that you have been listening and thinking between times, at least a bit...
The only way to solve this (partially) with existing hardware would be to block access to hardware devices from applications running as non-root users, which is fundamentally contrary to the desire to get device drivers out of the kernel for stability.
Eh? You sound rather confused about the difference between the root user (still a normal user, though with unusually elevated privileges) and the OS kernel (can do anything at all). There's quite a lot of processes running on the average Unix system that have root privileges but which aren't in the kernel. Having (the majority of) each USB device driver be non-kernel is quite possible, and restricting the "upload new firmware" functionality to root is a very good idea, as is checking for a strong crypto signature of someone I trust on it first. (Who to trust is a separate issue, but with firmware you really want it to be Known Good or you run the risk of real trouble, of which malware is only one of the possible problems. Plain old corrupted files bricking the keyboard is another issue that you don't ever want to encounter...)
Normal users (and even root if it isn't doing the special look-behind-the-curtain) should just see keyboards as keyboards. There's no reason at all for normal users to be able to reflash their keyboard firmware.
Did you know that the FSF charges for GPL software if you buy a copy from them? (Yes, you can also get it for nothing. That's not the point.) So don't feel bad about charging. Yes, give the source away too; if someone else decides to put a version built from the same source in the App Store, they can (assuming they get it past Apple's asinine guardianship, of course).
Every student with a phone was calling their parents, and every parent was coming to the school to try and get their darling children out, despite the reality that a gunman with 2 automatics who had already killed a cop was anywhere around.
So... did the gunman get some of the parents or kids, or was that another lost opportunity for disinfecting the gene pool?
What on earth gave you that impression? Converting lithium to tritium leaves less lithium behind, and the energy would be coming from rearranging nucleons. No perpetual motion there at all.
I would hate to throw three bytes per string away on an carrier class router or switch for instance.
Routers often run (specially cut down) Unix. OK, with some fairly fancy hardware but also plenty of memory to hold routing tables (especially on the backbone routers).
That's funny because the E.U. website calls them "states". Ya know, like New York state, Maryland state, California state, Sweden state,..... (Just something to think about.)
They do use the word differently though, and it's a mistake to try to impose what you know about arrangements on one side of the atlantic to the other.
I've been to the US quite a few times now, and I'll happily admit that the various states of the US are more different from each other than they appear to be from here. But the EU states are much more different from each other than any two US states; there's a number of totally different legal systems in place, and it's often true that languages differ too (so far less shared media and culture). In particular, the Netherlands and Sweden have pretty strongly different legal systems (both use civil law, but from differing major branches) and different languages.
Do you think that Steven Metalitz would agree to deposit the master keys to the DRM used to secure the work with the Library of Congress? Like that, when the legally-determined finite length of time that the work is protected ends, the work can proceed properly into the public domain as the law requires. I suggest the LoC because I find it hard to believe that anyone would be able to suggest that they'd be an untrustworthy custodian.
Not that this would make me more inclined to like DRM, but it would allow the fundamental legal, business and technical requirements of both it and copyright law to be met. Other alternatives would be to require people who apply DRM to place the keys in escrow elsewhere (together with appropriate monies in a suitable funding instrument) so as to ensure that the constitutional requirement for protections to be time-limited be enacted. Of course, if they did it this way then if there was another Mickey Mouse extension, all the media companies would suddenly have to deposit a substantial amount of extra cash into those funds to ensure that they continue to be solvent. I think I rather like the idea of corporate shenanigans hitting them on the bottom line immediately, especially as it would actually encourage shortening the period of protection (so as to release money back to the media companies). Hmmm...
One byte? "256 characters is all anyone will ever need!"
Original Pascal strings were indeed lame that way, but don't diss the idea of counted strings; they're actually faster (more efficient copies) and safer (easier buffer management). You do need to use a size_t for the length though.
If you ask me, networks of trust such as PGP are far more difficult to compromise than a central authority.
In practice yes, but only because they're only used by the security conscious. But they're a group who will get almost any even marginally practical solution working anyway. Now, tell me how you plan to scale out a web of trust to millions of website admins without someone blundering (or being bribed) and introducing bad trust in the system...
No, it's properly a forest (i.e., multi-rooted tree). All the trust flows one way, from the CA roots. That works better because smaller numbers of people need to know what they're doing. Normal people, even normal website admins, don't need to know the details. By contrast, a web of trust will only work between people who understand the security implications of getting it wrong and who are therefore appropriately cautious. So small groups of techies are ideal, the general public... less so.
Slashdot Mirror
That is not net neutrality.
If you connect to the Internet you are an equal peer on it - you can receive and send data. You have the right to set up services just like bbc.co.uk can. If your ISP cuts you connection without a court order (a court that has jurisdiction over you), then it is a violation of net neutrality.
No, but it might be a violation of contract and a court might have something to say about consequences. If the ISP gives as a reason that you were violating the terms of service, then it's quite possible that you'll have no comeback at them at all (other than a return of potentially some of what you have paid; details matter there).
Traffic shaping based on the destination (or source) of the traffic is also a violation of net neutrality, traffic shaping to prioritize some protocols over others is not (unless a phone company reduces the priority of all VoIP traffic to zero).
Traffic-shaping based on source or destination is indeed the issue (unless either the source or the destination requested it specifically; shaping on an opt-in basis is fine and is useful for things like VoIP and the equivalent for video). An ISP telling a customer to get lost is not; it is right and proper that a customer does not have the power to force the ISP to accept their business (just as it is also good that the ISP can't force the customer to do business with them, which I'm sure people here can appreciate).
More details are now available:
http://www.codenomicon.com/labs/xml/
Also the CERT advisory is finally out:
https://www.cert.fi/en/reports/2009/vulnerability2009085.html
You call that more details?! The first link tells me nothing much other than "OMG! XML is used in lots of places!" and the second is unclear about which libraries actually have the problem (e.g., is expat itself vulnerable or just the version that Python uses?) This is important because it determines who else has to worry about these things. If there are fundamental problems, it's important that they get fixed right back at the root and then the fixes pushed out. Otherwise you just have duplication of effort, warring developers, and people who are vulnerable and don't know it.
Where is that?
Next to "Iram".
There is a problem: Google wants to show ads and encrypted data gives them no clues about what ads to show.
It's not a problem, because...
If there is really a market for it, then maybe they should develop a paid version with encryption that a business could trust.
A number of other cloud providers have been doing exactly that for a while now, so it wouldn't be at all surprising for Google to do it as well. Of course they'd have to charge for it, but to claim that doing otherwise is better is deeply disingenuous. To expect to get a high-quality service for nothing is... deeply optimistic.
Another possibility would be a Google Docs appliance to be put behind the company's VPN. (Or does that already exist?)
They don't appear to have done yet. But whether or not they do one is more likely to be a business decision and not a technical one; the technical and legal requirements most certainly can be satisfied. (Whether they can with their current infrastructure, no idea...)
I can agree with that, to a point, based on pure productivity/cost. But when you factor in legal implications, change control, training, and so forth, I don't think its sane for most businesses to use cloud apps in the vast majority of situations.
You're thinking like a techie, and probably a sysadmin there, and not like a businessman.
The only way to hold off cloud apps is to provide something better. For a lot of users, Word is not better and Excel is not better. They like doing things on the Web; it lets them be more productive. Fighting against that is a bit like being King Canute, telling the tide to stop coming in.
... a real scientist only needs one (1) crowbar.
You were jacked
Given the economy recently, sounds like that's about what a 401(k) would have been able to acquire.
Ohh, but which Steve?
I don't know, but if I were you, I'd watch out for chairs.
I find that Paste Special, Plain Text comes in very handy at times.
It's exceptionally useful. Why it has to be hidden away where only tinkerers would find it, I don't know. OTOH, it being hard to find makes it much easier to spot people who are stupid enough to plagiarize as those who are stupid enough to do that are also stupid enough to not change the formatting. (Yes, I really have caught people that way, though it also helped that they stole some of the paragraphs of text from things I'd written...)
Put the same text into Word and into a LaTeX template and print out both on a good printer, and even a novice can instantly spot the difference.
Not if you've persuaded Word to use Computer Modern fonts, they can't! (Most people really are that oblivious.)
Having a policy like loser pays legal bills of both sides would go a long way to making the court system fair. Right now its often richest guy wins because he can outlast the poor guy.
You still have the system in place to do that, you know. The judge could make a ruling in equity (I think that's the right term) that the loser should pay the winner's reasonable costs. Indeed, this is usually the case in UK courts and as I understand it there's enough similarity between legal systems for that to be potentially carriable-over. I've no idea why US courts don't seem to like to do it.
Radio, like any limited-spectrum broadcast medium, caters to the majority.
The problem comes if all radio stations insist on chasing the same small number of market segments, rather than finding a more distinctive voice that attracts and holds a particular group. This can be very profitable in advertising terms if that group is comparatively wealthy and inclined to spend, as advertisers love to target their money more effectively. But I suspect that the rot has persisted a bit too long in the US for this to be fixable there; the groups that have been driven away will no longer consider coming back to radio ("because it's all mainstream crap"). Just don't try to extrapolate from the situation in the US to other parts of the world; they're not all that badly fucked.
Exercise your rights. It's your paper. Remember, professors are people just like you. While they may believe you to be paranoid, they won't hold it against you if you voice your concerns with logic, passion, and conviction.
Also remember these things:
Yes, I do teach. No, most student work submitted for my course isn't reusable for anything, not even the really impressive stuff. Yes, I fail the lazy, the stupid and the cheats, and I do it without the slightest care in the world. And no, kicking up a fuss over this doesn't make me think more highly of you; it makes me more suspicious that you're trying to sneak work in twice. But if you're trying to learn, I'm on your side, even if you're having problems; an honest success (at whatever level is apt for your ability) is the best outcome possible.
(I also happen to work at a university that makes turning over copyright of submitted coursework a condition of acceptance as an undergraduate student. If you don't like it, there are other universities; piss off.)
Depending on how you wrote your first paper, you may be able to hand in the same paper again at some point during this course.
If you're submitting a paper twice, two years apart, then you're failing to apply what you've learned in between. That's just lazy, and misses the whole point of getting a proper education. Show off that you have been listening and thinking between times, at least a bit...
The only way to solve this (partially) with existing hardware would be to block access to hardware devices from applications running as non-root users, which is fundamentally contrary to the desire to get device drivers out of the kernel for stability.
Eh? You sound rather confused about the difference between the root user (still a normal user, though with unusually elevated privileges) and the OS kernel (can do anything at all). There's quite a lot of processes running on the average Unix system that have root privileges but which aren't in the kernel. Having (the majority of) each USB device driver be non-kernel is quite possible, and restricting the "upload new firmware" functionality to root is a very good idea, as is checking for a strong crypto signature of someone I trust on it first. (Who to trust is a separate issue, but with firmware you really want it to be Known Good or you run the risk of real trouble, of which malware is only one of the possible problems. Plain old corrupted files bricking the keyboard is another issue that you don't ever want to encounter...)
Normal users (and even root if it isn't doing the special look-behind-the-curtain) should just see keyboards as keyboards. There's no reason at all for normal users to be able to reflash their keyboard firmware.
Did you know that the FSF charges for GPL software if you buy a copy from them? (Yes, you can also get it for nothing. That's not the point.) So don't feel bad about charging. Yes, give the source away too; if someone else decides to put a version built from the same source in the App Store, they can (assuming they get it past Apple's asinine guardianship, of course).
Every student with a phone was calling their parents, and every parent was coming to the school to try and get their darling children out, despite the reality that a gunman with 2 automatics who had already killed a cop was anywhere around.
So... did the gunman get some of the parents or kids, or was that another lost opportunity for disinfecting the gene pool?
So it's a perpetual motion machine?
What on earth gave you that impression? Converting lithium to tritium leaves less lithium behind, and the energy would be coming from rearranging nucleons. No perpetual motion there at all.
I think it must get the prize for an Open Source project hiding the most light under a bushel.
If so, it's winning that prize against stiff competition.
I would hate to throw three bytes per string away on an carrier class router or switch for instance.
Routers often run (specially cut down) Unix. OK, with some fairly fancy hardware but also plenty of memory to hold routing tables (especially on the backbone routers).
Oh, you and your wild anachronisms. Next you'll be telling us they played D&D in ancient Rome!
No, but they did have dungeons and live-action runs of Gladiators.
That's funny because the E.U. website calls them "states". Ya know, like New York state, Maryland state, California state, Sweden state, ..... (Just something to think about.)
They do use the word differently though, and it's a mistake to try to impose what you know about arrangements on one side of the atlantic to the other.
I've been to the US quite a few times now, and I'll happily admit that the various states of the US are more different from each other than they appear to be from here. But the EU states are much more different from each other than any two US states; there's a number of totally different legal systems in place, and it's often true that languages differ too (so far less shared media and culture). In particular, the Netherlands and Sweden have pretty strongly different legal systems (both use civil law, but from differing major branches) and different languages.
Do you think that Steven Metalitz would agree to deposit the master keys to the DRM used to secure the work with the Library of Congress? Like that, when the legally-determined finite length of time that the work is protected ends, the work can proceed properly into the public domain as the law requires. I suggest the LoC because I find it hard to believe that anyone would be able to suggest that they'd be an untrustworthy custodian.
Not that this would make me more inclined to like DRM, but it would allow the fundamental legal, business and technical requirements of both it and copyright law to be met. Other alternatives would be to require people who apply DRM to place the keys in escrow elsewhere (together with appropriate monies in a suitable funding instrument) so as to ensure that the constitutional requirement for protections to be time-limited be enacted. Of course, if they did it this way then if there was another Mickey Mouse extension, all the media companies would suddenly have to deposit a substantial amount of extra cash into those funds to ensure that they continue to be solvent. I think I rather like the idea of corporate shenanigans hitting them on the bottom line immediately, especially as it would actually encourage shortening the period of protection (so as to release money back to the media companies). Hmmm...
One byte? "256 characters is all anyone will ever need!"
Original Pascal strings were indeed lame that way, but don't diss the idea of counted strings; they're actually faster (more efficient copies) and safer (easier buffer management). You do need to use a size_t for the length though.
If you ask me, networks of trust such as PGP are far more difficult to compromise than a central authority.
In practice yes, but only because they're only used by the security conscious. But they're a group who will get almost any even marginally practical solution working anyway. Now, tell me how you plan to scale out a web of trust to millions of website admins without someone blundering (or being bribed) and introducing bad trust in the system...
The modern CA hierarchy IS a web of trust.
No, it's properly a forest (i.e., multi-rooted tree). All the trust flows one way, from the CA roots. That works better because smaller numbers of people need to know what they're doing. Normal people, even normal website admins, don't need to know the details. By contrast, a web of trust will only work between people who understand the security implications of getting it wrong and who are therefore appropriately cautious. So small groups of techies are ideal, the general public... less so.