Open standards are not sufficient to allow a government's experts to check software for backdoors and data leaks. This puts closed-source software in direct conflict with the needs of national security and sovereignty, even when it uses open standards.
As a very large customer, a government can ask to see the source code of the software they use for the purpose of a security audit. For commercial software, this would be under some kind of NDA (though it wouldn't be a very strict one; governments don't and shouldn't compete with software companies!) but it would be entirely enough to allow checking for risks. This could well be made a condition of awarding the contract, announced at the time that the process for bidding was started, so it would be just part of the reasonable rules of this particular game; no objection possible.
The data of government needs to be in open formats and to follow open standards, so that it can remain readable and usable for long periods of time. The particular software used to actually do the work at any time is much less important. The license on the software? That's just a means to an end. (Moreover, when someone proposes mandating a "Free" license, they're trying to exclude not just commercial software but also other types of open source licensed software too. Tricksy, but no.)
It's also why US embassies use radio frequencies for their communications that are allocated by the US, not the host country.
They'll be using frequencies from bands designated globally for embassy traffic so that they don't get the host country riled up enough for them to start broadcasting at high power from nearby, drowning the embassy out. Embassies generally try to avoid irritating their hosts directly, as there's all sorts of ways for the host to make things unpleasant even without physically intruding. I'm guessing that the FCC/State Department negotiate what frequencies to actually use for official communications with the host country's equivalents; who technically sets it isn't relevant since its always set by agreement.
If one uses Jitsi and one uses Skype, why should they settle on the insecure option?
They'll choose Skype because that's the one that the person who isn't a tech expert already has working. Unless you're really keen on doing more free tech support...
Because otherwise people won't talk to you. That's nice at first (very nice!) but after a while it leads to you not getting paid any more, which is very much not nice. The issue? People who communicate are better at making contacts and better at winning business. Over the longer term, this is a very important effect.
But at least there's one thing. If the FSB listen into my skype conversations, the joke will be on them. In particular, those meetings are so incredibly boring that they'll lose the will to live! (It's bad enough for me, and I'm supposed to be interested in what's going on in them.)
maybe the sysadmins liked them but as a developer i hated solaris boxen. the libraries were always years old, nothing modern would compile, the cli tools were slightly incompatible with linux scripts,...
Solaris was nice by comparison with some of the other commercial Unixes. I saved my hate for IRIX and Ultrix. IRIX's compiler was the nastiest I've ever encountered (and the toolchain was one of the very few that the fancier parts of the auto* toolchain choke on, at least in 64-bit mode) and Ultrix was one of the last bastions of mandatory static linking. Ugh.
By contrast, Solaris was pretty close to Linux; writing code to be cross compatible wasn't hard (provided you avoided a few commands and didn't write endian-sensitive C code).
[Button press fail] The hardware was gradually updated over that decade, as was the code of the application (dlclose() FTW!) but the application process genuinely ran without stopping for the whole of that time. The guy who wrote it is one of the most careful programmers I know; the design brief definitely was for a system (hw+sw) that could do that sort of uptime.
All of this would be OK except the author also used to get dragged in to support that code from time to time, sometimes really inconveniently...
Uptime is irrelevant for an individual server, anyway. If there's fail over (and there should be if uptime is important), take it down and update the kernel for security reasons, who cares?
Not all critical services are necessarily internet facing. I know of someone who had an application that ran continually for over 10 years, highly business-critical (master video stream controller for a TV network) and with very fancy hardware attached that it was tricky to replicate. The hardware was gradually updated over that decade, as was the code of the application (dlclose() FTW!)
Skype is also officially forbidden in high-level universities and official research organizations, essentially because it is closed source and thus theoretically prone to potential spying/security issues.
Actually, it's because those organizations tend to have extremely restrictive firewalls and Skype doesn't sit nicely with them. This makes collaborating with people in those organizations on joint research projects rather awkward (though the usual way of dealing with it is to ignore the French, the same as the English have done for centuries).
I've used it over SLIP over a 9k6 baud serial line connection. I was running a document preparation system (Framemaker). The application startup time was frustratingly long, but the overall speed after that was acceptable. (This was about 20 years ago, and yes, I would have loved a faster connection. I didn't have one at the time though.)
Go ahead and TRY to use Firefox remotely over your ISP connection. It's just a pathetic joke and you will kill it out of frustration before even a single page loads.
The specific part that is slow when running remotely is any operation that requires the bulk transfer of a large buffer (in either direction). That's an operation that is frustratingly common with web pages (all those highly animated adverts!) and there are certain operations (video rendering) that should always be done locally to the display, but all other operations should not require that sort of thing. Some current implementations of operations (font rendering) may be done through buffer transfers as well, but that's really a quality-of-implementation issue: there's no actual requirement to perform them away from the display system.
Try the exact same thing with a VNC connection and it works just fine.
VNC's always felt sluggish to me, since we're doing dueling anecdotes.;-)
Wayland is being developed by the same people behind X.org.
That explains my number one complaint about Wayland: the documentation is terrible. Truly awful. I mean this in a very specific way: there is insufficient information there to tell me how I could get a surface on which I could render things, and there is insufficient information there to permit me to do an independent reimplementation of the client library. My only recourse would be to read the source code, but right now that doesn't seem to help either. (Sure, I could connect and probably get a surface, but I have no idea what I could do with that surface or how I would change the handle into something that some other library could draw on.) There's just too much information missing, and that's about par for the course with anything produced by the folks from X.org; they can code cleanly enough, but they can't document critical info.
I am a GUI toolkit maintainer. I'm not porting anything away from X11 for now because I just don't see enough of a platform to port to. (Some bits are probably there. Some definitely aren't. I have other things to do as well as filling out gaping holes in others' critical info.)
So they'll be fined 50% of profits and have to sign something saying they'll obey the law next time like all the other white collar fraud cases? "Justice", right.
You missed the "really annoyed a federal judge" part. Pissing off the judge with your shenanigans in the court room is a good way to ensure you get absolutely zip clemency in sentencing other than the minimum required by law (and, in this case, federal court procedure). If convicted, expect Prenda to get something rather stricter than a slap on the wrist.
The best part? They're representing themselves. They've got fools for clients and nitwits for lawyers.
Aren't driver error, speeding and drinking overlapping categories. And if you are drunk but make no driver error, isn't it nlikely that you will be in an accident?
Yeah, the categories will overlap. No surprise there. There's also the mobile phone as a major source of distraction. For whatever reason, phones seem to distract drivers a lot, much more so than passengers. (I guess the passengers tend to look out of the window and shut up when things look really dangerous.) Distraction and drunkenness tend to lead to inattention, and that often leads to speeding and errors, which in turn are where the accidents start (and get more serious too). I guess that driving while drunk, tired, texting and shaving (or putting on cosmetics) all at the same time, would be some sort of perfect storm of incompetence; I just hope that I'm never in a vehicle near anyone that inconsiderate.
The practical problem with drunkenness — or many other forms of intoxication for that matter — is exactly that it increases the likelihood of driver error and decreases the likelihood of a correct response to the errors by other drivers. Other things can cause the same effect. The exact degree of effect will vary between people, but it really isn't worth gambling with this sort of thing. (The only times I've really had problems with this sort of thing have been when I've flown intercontinental, found it hard to sleep en route, and then had to drive to my hotel from the airport. I didn't hit anything, thank god.)
I think you're misapplying the freedoms that professors are expected to have to deans.
Deans are professors. The senior ones with lots of management/budget responsibility. Dean is what you try for after you have tenure, assuming you're interested. Lots of professors aren't though, because it's a lot of work. (My old boss described it like this: it's assumed you put in 50% of your time doing teaching, 50% doing research, and 50% doing administration...)
You do when policy clearly states a degree of confidentiality and due process for breaching it, both which were not followed. This will likely become a big deal, with the administration coming down hard to Protect The Brand.
It's particularly a big deal when you do it to a substantial number of Deans. I'd assume that a number of people in the administration will be without jobs before too long, and maybe also a change of general counsel too. Not that anyone will say anything nasty; there will just be a general agreement that some people need to... well... move on; personality clashes, changing priorities, that sort of thing. And that perhaps it is time to ring the changes with who provides legal advice. No fault implied. No public link with this incident at all.
In a commercial organization, I'd expect more recriminations in public for spying on the executive members of the board (damn close to what's happened here, in explicit contravention of their own policies). Universities tend to prefer to keep things a bit quieter. But no amount of union membership or past history of good relations is likely to save those responsible for authorizing this. A key rule of university politics is this: unless you have cast-iron evidence of wrong-doing, you DO NOT MESS WITH ANYONE WHO CAN TAKE YOUR BUDGET AWAY. Or who can replace the person with that power.
Pass the popcorn. I'm going to enjoy watching this from afar.
After they were pubically tarted and feathered (Harvard has old traditions)
Tarted and feathered? Is this some reference to an old punishment of dressing up academics like they were performers in the Moulin Rouge? That would be... well, rather eccentric and would make an absolutely wonderful punishment really. You'd only have to do it once and people would behave for the best part of a century (except for those who are secretly extreme exhibitionists and who want to do that sort of thing in public anyway; different strokes for different folks, and all that). Or were you talking about turning them into meat tarts? (I really think that sort of thing would be illegal. Gross too.) Or putting a custard pie in their face perhaps?
When you get right down to it, with an old tradition about you can never really tell.
Microsoft's MSDN website changes frequently, and is confusing to use (on some iterations of their website, on others it works better). Currently to find anything, you have to use the Bing search on their web page, and it doesn't always work well. I find myself using Google search to search for functions in MSDN, because I get better results.
I have always used Google (in site-search mode) to find things on MSDN; it usually gives me exactly the right hit as the top one (even when I use the "wrong" search terms) and I can't remember the last time when it wasn't on the first page of results. Bing search has never worked as well for me. I have no idea why; it's not like the information is impossible for MS to index or something.
However, Stack Overflow has some key advantages over a straight documentation search. You get worked examples, usually with community feedback as to which ones worked for them. You also get links to the right places to look in the docs. Finally, SO have a mechanism in place for handling dupes; Google like them a lot because they indicate clearly that a question asked one way is really the same question but asked in a different way. For a search engine that doesn't really understand very much at all, that's super-valuable info. (The downside of SO comes when there just isn't an expert around to answer questions on a particular topic; you can get a build up of unanswered questions that benefit nobody.)
If they are literally convicted of fraud, we can then get away with calling them frauds?
If they have a conviction for it, sure. You'd have the perfect defense: a judgement that you could point to immediately. Given their apparent fondness for litigiousness, it would be wise to stick to clear facts and reporting of matters that have already been proven in court. Failing that, if you have to make less supportable statements then say things that are clearly your opinion and cannot be mistaken for anything else.
With that, I must wish them good luck with that court case and hope they win. No, not Prenda Law! The prosecutors. Let's have a little love for our friendly prosecuting authorities! We give them some stick round here sometimes, and we should remember that they are not always the enemy.
in the UK at least I can claim loss of earnings from the litigant when I win the case
Is that true in general, or only in specific circumstances?
It's usually the case that the loser pays the winner's costs, on the basic principle that a the party who wasn't wronged shouldn't be too badly hurt by the proceedings themselves. However, this is tempered by the fact that this is an award made by the judge (or panel of magistrates) in equity. Equity is a funny legal concept, not used so much in US courts (where things are a bit more statute driven), but in the case of costs it is the case that where one side brings much more expensive legal representation in than the other side, they're unlikely to get the cost of doing so refunded: it's to everyone's greatest benefit to bring a closely matched level of representation to the other side. This greatly reduces the problems with toxic private litigation; the costs only go through the roof when you've got two rich people suing each other (which is why London law firms absolutely adore Russian oligarchs). Similar principles apply to crown cases, except that the Crown (via the CPS, the state prosecutors' office) are usually good at keeping costs down.
Loss of earnings is trickier. I suppose this would again be an award in equity and would only really apply in crown cases (because civil actions can't have imprisonment as a punishment in normal circumstances). Just having to appear in court would not normally let you claim for loss of earnings (and that's a good thing, as it stops a rich man using that as a way to dissuade a poor man from bringing a case). To be honest though, I don't know. It'd probably be easier to show a claimable loss if one was on an hourly wage rather than a monthly salary...
Turn off Java in your browser and you'll be a happy camper.
It would be nice if we could have the JRE as a completely separate product from the plugin. I could happily live without the plugin (and do!) but the JRE itself is useful for other apps.
I agree but I'm a little confused if your agreeing or disagreeing with me. C gives you the power to do what you want, Java on the other hand assumes.
He's not exactly disagreeing or agreeing with you, as you're so thoroughly confused that you manage to say things that aren't cleanly true or false.
C has no security model. At all. This lets you write things that are totally unsafe. For example, you couldn't have browser exploits with either Flash or Java or any other plugin if it wasn't for the NPAPI, which is a C interface! O! M! G!
Java does have a security model; it tries to segregate untrusted code away from trusted code and ensure that the untrusted code can only do very limited operations. This is hard to get right. (Doubly hard when you've got the plugin glue code in the mix; that just makes everything much more complex.) For most applications, this actually doesn't matter very much as they don't load code from untrusted sources at all; Java is doing just great at powering web application servers, and there are some wonderful libraries to help with this. Browser plugins though are a different beast; their whole point is to load untrusted code and execute it, and any mistake is a problem.
Right now, I recommend disabling the Java plugin in all browsers that you use, or even better removing the plugin entirely. If you must have it enabled (for some horrible corporate web application) then only turn it on when strictly necessary. As a bonus, you won't have to suffer from nasty slow Java-implemented ads. (That was why I originally turned it off in my systems; being defended against hacking was a side benefit.) Also, Java tends to look like ass in a browser these days.
And of course when people think "drone" they think "armed Predator drone", which further mucks with the issue.
Except that the only people likely to be operating armed Predator drones are unlikely to be located in either Texas or New Hampshire, and so aren't going to care what the legislators of those states say.
Slashdot Mirror
It's hard to have a battle of wits with an unarmed man.
Open standards are not sufficient to allow a government's experts to check software for backdoors and data leaks. This puts closed-source software in direct conflict with the needs of national security and sovereignty, even when it uses open standards.
As a very large customer, a government can ask to see the source code of the software they use for the purpose of a security audit. For commercial software, this would be under some kind of NDA (though it wouldn't be a very strict one; governments don't and shouldn't compete with software companies!) but it would be entirely enough to allow checking for risks. This could well be made a condition of awarding the contract, announced at the time that the process for bidding was started, so it would be just part of the reasonable rules of this particular game; no objection possible.
The data of government needs to be in open formats and to follow open standards, so that it can remain readable and usable for long periods of time. The particular software used to actually do the work at any time is much less important. The license on the software? That's just a means to an end. (Moreover, when someone proposes mandating a "Free" license, they're trying to exclude not just commercial software but also other types of open source licensed software too. Tricksy, but no.)
It's also why US embassies use radio frequencies for their communications that are allocated by the US, not the host country.
They'll be using frequencies from bands designated globally for embassy traffic so that they don't get the host country riled up enough for them to start broadcasting at high power from nearby, drowning the embassy out. Embassies generally try to avoid irritating their hosts directly, as there's all sorts of ways for the host to make things unpleasant even without physically intruding. I'm guessing that the FCC/State Department negotiate what frequencies to actually use for official communications with the host country's equivalents; who technically sets it isn't relevant since its always set by agreement.
If one uses Jitsi and one uses Skype, why should they settle on the insecure option?
They'll choose Skype because that's the one that the person who isn't a tech expert already has working. Unless you're really keen on doing more free tech support...
Why the hell would I want a Skype account?
Because otherwise people won't talk to you. That's nice at first (very nice!) but after a while it leads to you not getting paid any more, which is very much not nice. The issue? People who communicate are better at making contacts and better at winning business. Over the longer term, this is a very important effect.
But at least there's one thing. If the FSB listen into my skype conversations, the joke will be on them. In particular, those meetings are so incredibly boring that they'll lose the will to live! (It's bad enough for me, and I'm supposed to be interested in what's going on in them.)
maybe the sysadmins liked them but as a developer i hated solaris boxen. the libraries were always years old, nothing modern would compile, the cli tools were slightly incompatible with linux scripts, ...
Solaris was nice by comparison with some of the other commercial Unixes. I saved my hate for IRIX and Ultrix. IRIX's compiler was the nastiest I've ever encountered (and the toolchain was one of the very few that the fancier parts of the auto* toolchain choke on, at least in 64-bit mode) and Ultrix was one of the last bastions of mandatory static linking. Ugh.
By contrast, Solaris was pretty close to Linux; writing code to be cross compatible wasn't hard (provided you avoided a few commands and didn't write endian-sensitive C code).
[Button press fail]
The hardware was gradually updated over that decade, as was the code of the application (dlclose() FTW!) but the application process genuinely ran without stopping for the whole of that time. The guy who wrote it is one of the most careful programmers I know; the design brief definitely was for a system (hw+sw) that could do that sort of uptime.
All of this would be OK except the author also used to get dragged in to support that code from time to time, sometimes really inconveniently...
[There go the mod points]
Uptime is irrelevant for an individual server, anyway. If there's fail over (and there should be if uptime is important), take it down and update the kernel for security reasons, who cares?
Not all critical services are necessarily internet facing. I know of someone who had an application that ran continually for over 10 years, highly business-critical (master video stream controller for a TV network) and with very fancy hardware attached that it was tricky to replicate. The hardware was gradually updated over that decade, as was the code of the application (dlclose() FTW!)
But then the MPG is terrible.
If you let a car sit and you lose X ml of gasoline to evaporation while traveling 0 miles your MPG is 0. Even a leadfoot can beat 0mpg.
Keep the tank completely empty and your MPG will go all the way up to NaN! Beat that!
Skype is also officially forbidden in high-level universities and official research organizations, essentially because it is closed source and thus theoretically prone to potential spying/security issues.
Actually, it's because those organizations tend to have extremely restrictive firewalls and Skype doesn't sit nicely with them. This makes collaborating with people in those organizations on joint research projects rather awkward (though the usual way of dealing with it is to ignore the French, the same as the English have done for centuries).
Have you ever tried to actually USE remote X?
I've used it over SLIP over a 9k6 baud serial line connection. I was running a document preparation system (Framemaker). The application startup time was frustratingly long, but the overall speed after that was acceptable. (This was about 20 years ago, and yes, I would have loved a faster connection. I didn't have one at the time though.)
Go ahead and TRY to use Firefox remotely over your ISP connection. It's just a pathetic joke and you will kill it out of frustration before even a single page loads.
The specific part that is slow when running remotely is any operation that requires the bulk transfer of a large buffer (in either direction). That's an operation that is frustratingly common with web pages (all those highly animated adverts!) and there are certain operations (video rendering) that should always be done locally to the display, but all other operations should not require that sort of thing. Some current implementations of operations (font rendering) may be done through buffer transfers as well, but that's really a quality-of-implementation issue: there's no actual requirement to perform them away from the display system.
Try the exact same thing with a VNC connection and it works just fine.
VNC's always felt sluggish to me, since we're doing dueling anecdotes. ;-)
Wayland is being developed by the same people behind X.org.
That explains my number one complaint about Wayland: the documentation is terrible. Truly awful. I mean this in a very specific way: there is insufficient information there to tell me how I could get a surface on which I could render things, and there is insufficient information there to permit me to do an independent reimplementation of the client library. My only recourse would be to read the source code, but right now that doesn't seem to help either. (Sure, I could connect and probably get a surface, but I have no idea what I could do with that surface or how I would change the handle into something that some other library could draw on.) There's just too much information missing, and that's about par for the course with anything produced by the folks from X.org; they can code cleanly enough, but they can't document critical info.
I am a GUI toolkit maintainer. I'm not porting anything away from X11 for now because I just don't see enough of a platform to port to. (Some bits are probably there. Some definitely aren't. I have other things to do as well as filling out gaping holes in others' critical info.)
So they'll be fined 50% of profits and have to sign something saying they'll obey the law next time like all the other white collar fraud cases? "Justice", right.
You missed the "really annoyed a federal judge" part. Pissing off the judge with your shenanigans in the court room is a good way to ensure you get absolutely zip clemency in sentencing other than the minimum required by law (and, in this case, federal court procedure). If convicted, expect Prenda to get something rather stricter than a slap on the wrist.
The best part? They're representing themselves. They've got fools for clients and nitwits for lawyers.
Aren't driver error, speeding and drinking overlapping categories. And if you are drunk but make no driver error, isn't it nlikely that you will be in an accident?
Yeah, the categories will overlap. No surprise there. There's also the mobile phone as a major source of distraction. For whatever reason, phones seem to distract drivers a lot, much more so than passengers. (I guess the passengers tend to look out of the window and shut up when things look really dangerous.) Distraction and drunkenness tend to lead to inattention, and that often leads to speeding and errors, which in turn are where the accidents start (and get more serious too). I guess that driving while drunk, tired, texting and shaving (or putting on cosmetics) all at the same time, would be some sort of perfect storm of incompetence; I just hope that I'm never in a vehicle near anyone that inconsiderate.
The practical problem with drunkenness — or many other forms of intoxication for that matter — is exactly that it increases the likelihood of driver error and decreases the likelihood of a correct response to the errors by other drivers. Other things can cause the same effect. The exact degree of effect will vary between people, but it really isn't worth gambling with this sort of thing. (The only times I've really had problems with this sort of thing have been when I've flown intercontinental, found it hard to sleep en route, and then had to drive to my hotel from the airport. I didn't hit anything, thank god.)
I think you're misapplying the freedoms that professors are expected to have to deans.
Deans are professors. The senior ones with lots of management/budget responsibility. Dean is what you try for after you have tenure, assuming you're interested. Lots of professors aren't though, because it's a lot of work. (My old boss described it like this: it's assumed you put in 50% of your time doing teaching, 50% doing research, and 50% doing administration...)
You do when policy clearly states a degree of confidentiality and due process for breaching it, both which were not followed. This will likely become a big deal, with the administration coming down hard to Protect The Brand.
It's particularly a big deal when you do it to a substantial number of Deans. I'd assume that a number of people in the administration will be without jobs before too long, and maybe also a change of general counsel too. Not that anyone will say anything nasty; there will just be a general agreement that some people need to... well... move on; personality clashes, changing priorities, that sort of thing. And that perhaps it is time to ring the changes with who provides legal advice. No fault implied. No public link with this incident at all.
In a commercial organization, I'd expect more recriminations in public for spying on the executive members of the board (damn close to what's happened here, in explicit contravention of their own policies). Universities tend to prefer to keep things a bit quieter. But no amount of union membership or past history of good relations is likely to save those responsible for authorizing this. A key rule of university politics is this: unless you have cast-iron evidence of wrong-doing, you DO NOT MESS WITH ANYONE WHO CAN TAKE YOUR BUDGET AWAY. Or who can replace the person with that power.
Pass the popcorn. I'm going to enjoy watching this from afar.
After they were pubically tarted and feathered (Harvard has old traditions)
Tarted and feathered? Is this some reference to an old punishment of dressing up academics like they were performers in the Moulin Rouge? That would be... well, rather eccentric and would make an absolutely wonderful punishment really. You'd only have to do it once and people would behave for the best part of a century (except for those who are secretly extreme exhibitionists and who want to do that sort of thing in public anyway; different strokes for different folks, and all that). Or were you talking about turning them into meat tarts? (I really think that sort of thing would be illegal. Gross too.) Or putting a custard pie in their face perhaps?
When you get right down to it, with an old tradition about you can never really tell.
Microsoft's MSDN website changes frequently, and is confusing to use (on some iterations of their website, on others it works better). Currently to find anything, you have to use the Bing search on their web page, and it doesn't always work well. I find myself using Google search to search for functions in MSDN, because I get better results.
I have always used Google (in site-search mode) to find things on MSDN; it usually gives me exactly the right hit as the top one (even when I use the "wrong" search terms) and I can't remember the last time when it wasn't on the first page of results. Bing search has never worked as well for me. I have no idea why; it's not like the information is impossible for MS to index or something.
However, Stack Overflow has some key advantages over a straight documentation search. You get worked examples, usually with community feedback as to which ones worked for them. You also get links to the right places to look in the docs. Finally, SO have a mechanism in place for handling dupes; Google like them a lot because they indicate clearly that a question asked one way is really the same question but asked in a different way. For a search engine that doesn't really understand very much at all, that's super-valuable info. (The downside of SO comes when there just isn't an expert around to answer questions on a particular topic; you can get a build up of unanswered questions that benefit nobody.)
So yeah, run them out of business and they can find a new career parking cars.
And there I was hoping they could find a nice... secure job doing laundry. Maybe with an option in the production of gravel.
If they are literally convicted of fraud, we can then get away with calling them frauds?
If they have a conviction for it, sure. You'd have the perfect defense: a judgement that you could point to immediately. Given their apparent fondness for litigiousness, it would be wise to stick to clear facts and reporting of matters that have already been proven in court. Failing that, if you have to make less supportable statements then say things that are clearly your opinion and cannot be mistaken for anything else.
With that, I must wish them good luck with that court case and hope they win. No, not Prenda Law! The prosecutors. Let's have a little love for our friendly prosecuting authorities! We give them some stick round here sometimes, and we should remember that they are not always the enemy.
in the UK at least I can claim loss of earnings from the litigant when I win the case
Is that true in general, or only in specific circumstances?
It's usually the case that the loser pays the winner's costs, on the basic principle that a the party who wasn't wronged shouldn't be too badly hurt by the proceedings themselves. However, this is tempered by the fact that this is an award made by the judge (or panel of magistrates) in equity. Equity is a funny legal concept, not used so much in US courts (where things are a bit more statute driven), but in the case of costs it is the case that where one side brings much more expensive legal representation in than the other side, they're unlikely to get the cost of doing so refunded: it's to everyone's greatest benefit to bring a closely matched level of representation to the other side. This greatly reduces the problems with toxic private litigation; the costs only go through the roof when you've got two rich people suing each other (which is why London law firms absolutely adore Russian oligarchs). Similar principles apply to crown cases, except that the Crown (via the CPS, the state prosecutors' office) are usually good at keeping costs down.
Loss of earnings is trickier. I suppose this would again be an award in equity and would only really apply in crown cases (because civil actions can't have imprisonment as a punishment in normal circumstances). Just having to appear in court would not normally let you claim for loss of earnings (and that's a good thing, as it stops a rich man using that as a way to dissuade a poor man from bringing a case). To be honest though, I don't know. It'd probably be easier to show a claimable loss if one was on an hourly wage rather than a monthly salary...
Turn off Java in your browser and you'll be a happy camper.
It would be nice if we could have the JRE as a completely separate product from the plugin. I could happily live without the plugin (and do!) but the JRE itself is useful for other apps.
I agree but I'm a little confused if your agreeing or disagreeing with me. C gives you the power to do what you want, Java on the other hand assumes.
He's not exactly disagreeing or agreeing with you, as you're so thoroughly confused that you manage to say things that aren't cleanly true or false.
C has no security model. At all. This lets you write things that are totally unsafe. For example, you couldn't have browser exploits with either Flash or Java or any other plugin if it wasn't for the NPAPI, which is a C interface! O! M! G!
Java does have a security model; it tries to segregate untrusted code away from trusted code and ensure that the untrusted code can only do very limited operations. This is hard to get right. (Doubly hard when you've got the plugin glue code in the mix; that just makes everything much more complex.) For most applications, this actually doesn't matter very much as they don't load code from untrusted sources at all; Java is doing just great at powering web application servers, and there are some wonderful libraries to help with this. Browser plugins though are a different beast; their whole point is to load untrusted code and execute it, and any mistake is a problem.
Right now, I recommend disabling the Java plugin in all browsers that you use, or even better removing the plugin entirely. If you must have it enabled (for some horrible corporate web application) then only turn it on when strictly necessary. As a bonus, you won't have to suffer from nasty slow Java-implemented ads. (That was why I originally turned it off in my systems; being defended against hacking was a side benefit.) Also, Java tends to look like ass in a browser these days.
Yes, C is secure. You can however use C to write buggy software, for example a java virtual machine.
The JVM is actually written in C++. Just sayin'
And of course when people think "drone" they think "armed Predator drone", which further mucks with the issue.
Except that the only people likely to be operating armed Predator drones are unlikely to be located in either Texas or New Hampshire, and so aren't going to care what the legislators of those states say.