Only in as far as identities related to internet hosts. X.509 certificates are used for other things, such as authenticating users to servers and to each other (which is also used in things like code signing). Those certificates don't (have to) have the host name in anyway, so DNSSEC is irrelevant to their security, and any bad (or compromised) CA could impersonate anyone.
The biggest protection against this sort of problem is that user certificates are less likely to have as wide a set of trust roots. (For example, if you're dealing with signed drivers for Windows, it makes a heck of a lot of sense to have Microsoft holding the only trust root, whatever you think of their business policies.) If Verison's CA isn't one of the trust roots, Etisalat can't impersonate anyway. And one way of dealing with this is to have businesses (that need it at all) sign customer certificates at the start of a business relationship; after all, that's when they'd want to establish the identity of the customer anyway.
(And FWIW, I suspect that DNSSEC isn't going to be as great as some people think it will be. An incremental improvement, not a revolution.)
Exactly. I'm in the unfortunate position that one of my clients uses just that, spaces and tabs for newlines. To read each of her emails, I have to resize my mail app to the size hers was when she wrote it. *smacks forehead* Such is the life of a modern IT worker...
Your email client doesn't do auto-rewrapping of paragraphs if asked?
The only really graceful ways I can think of to solve this problem rely on some changes to the VM spec.
The only two relatively-clean ways to deal with this stuff is to either pass in the arguments in a test run, or to switch off some cheaply-available name. Of the two, switching on the name is much cheaper but also more fragile...
[J]ust change the HOV rules to require that a "carpool" automobile be a non-commercial vehicle not currently in commercial use containing at least 2 (or 3) LICENSED drivers who are not directly related (spouses, parent/child).
That's insanely difficult to enforce, whereas just about anyone who can drive can count people in a car to more than one. Any law on the books that is impossible to enforce is just a stupid waste of everyone's time.
But what is the point in logging encrypted (ie https) traffic? Do the policy makers even know such things exist?
Don't explain it to them or they'll simply require all e-commerce transactions to be carried out over plain, unencrypted HTTP. That would be even worse.
I'm not even sure why I used "foobar". The actual class name is "DocumentFactoryFactory".... not much better.
You could do some refactoring...It'd probably be a lot of work, so you could out source it to one of those places that specialize in that, a "refactoring factory". But all of that would require a proposal document...a DocumentFactoryFactory Refactoring Factory Document, if you will.
Why stop there? With only a little more abstraction you can have a DocumentFactoryFactoryRefactoringFactoryDocumentStrategyBuilderFactory. Next up, the Systems Hungarian annotation for that marvel of modern software engineering!
Which begs the question, why wasn't action done by the government sooner?
Because the oil-men in the oil industry regulator (hmmm!) didn't see the need to be more prepared. (The oil industry itself thought that hoping that nothing would go wrong was a more profitable option than preparation for disaster. After all, wouldn't want to reduce the profits announced to Wall Street for the quarter...)
How so? This was a competition to come up with a new symbol. There were 5 designs that were on the final list and this symbol was the one that was just chosen.
I don't know how you can plan ahead for something like that.
The competition was for the design of the glyph, not for the logical concept of the symbol. Getting the concept into Unicode is what could have been done beforehand, which would have made supporting the symbol fully just a matter of updating everyone's fonts...
No other country that is at the top of the broadband list has 100 million homes.
So what? Very crudely, the ability of a country to pay for its infrastructure depends on the number of people living there. You've got more people, you need more infrastructure and you've got more who can pay for it. For local-level stuff (which is most of what broadband access is about; the long-range links are mostly there already) it's nearly a linear scaling. There will be variation in service levels - most folks out in the boonies, wherever that is in the world, will get less unless they're lucky - but ultimately it's just a matter of the will to get it done. If the American people believed, truly believed, that it was important, it would get paid for (one way or another) and there would be broadband access of some form for all. But it seems what a majority really believe in is subsidizing poor service and cartels whose only duty is to enable megarich corporate bosses to build grander palaces and pay you even less attention. After all, that's what they vote for.
If you don't like this situation, it's in your hands and not mine. I'm not a US citizen and I don't live in North America. Just don't pretend that the problem is your sparseness (which isn't very remarkable) or your population level; it's your willingness to knuckle down and fix things in the face of vested interests that is lacking. (We came very close to being that way in the UK; it took a huge fight to get the incumbent telco to stop blocking things. Now we have a very competitive market, even if it's now starting to shake out due to the recession. The point still stands.)
Homeworks are another matter, but with group collaboration encouraged, cheating just has to be accepted and marginalized by minimalizing the impact of homework on the overall grade in favor of exams and projects. At worst, bad cheating on routine homework assignments is insulting to the grader and singles you out as a target. If you're too lazy to even cheat properly, you're just wasting everyone's time.
The case of cheating I encountered (a few years ago now) was with someone who definitely wasn't a high-quality student. Though he picked reasonable things to plagiarize from, he didn't even bother trying to make all the styles match up in his submitted DOC file; each paragraph had different indentation and fonts. He also copied my own papers, like I wouldn't spot that! Mind you, he was better off cheating than doing his own work; he managed to get a higher score on the sections he plagiarized (even with a heavy mark-down for cheating) than in the parts that were definitely his own work. We knew it was his own, because nobody even vaguely sane would use that as an example of what the question was about and the submitted code would not have worked for any purpose. Well, maybe it would have worked for crashing a compiler, but I couldn't be bothered to check. Quite the worst work I've ever seen, and the worst student too; the plagiarized essay parts marked the high point of this guy's career.
Teaching? Just pray you never come across anything quite so bad.
I'll go one further. Don't write your own textbook and make students buy it. When I was at university, this was a sure sign that the textbook was going to suck ass.
That beats having the teacher read their book out in class in a monotone with you having to write it all down as that crashing bore droned on. That's how it was in my day; damn, but that Software Engineering course was dull (and, lo and behold, the Waterfall Model sucks even more than I thought at the time...)
If Labour vote against it -- and I suspect they will -- then I think they'll be shooting themselves in the foot because it's been in their own manifesto for at least the last three elections.
All the indications are that Labour will be more keen on voting against the bill on the grounds that it reduces the number of MPs and changes all the constituency boundaries. Quite apart from the fact that this would be likely to affect them more than anyone else anyway, shaking up constituency boundaries is an open invitation to gerrymandering (whether or not you think that the current system is good that way) and it's just a good way to cause trouble.
Plus I suspect that both the Tories and Labour would love to see Clegg get a bloody nose from all this anyway, if for different reasons.
The current problem is that on an LCD display, the Red, Green, and Blue pixels are adjacent to each other, not co-located. Coming up with a scheme to make all 3 colors appear to emanate from the exact same point would be a useful development.
OTOH, subpixel rendering of text uses the fact that the individual elements are next to each other in a predictable pattern to enable (effectively) sub-pixel addressing, so that instead of RGB from one pixel being used, say G and B from one pixel are used and R from the next. (Massive simplification, but close to the truth.) It looks great, but only if properly configured.
Debit card processing systems require real-time access to the full network for every single transaction. PIN numbers cannot be cached locally, and must be validated before completing the transaction.
Actually they do not. As evidence for that, I cite the fact that I can purchase train tickets from the conductor while the train is in a tunnel where there is definitely no signal. In the absence of magic which lets radio waves penetrate a hundred metres or more of sandstone, what must be happening is that some sort of validation is occurring locally (though presumably it's formally unsafe) and then later on it is being reconciled with the bank. The train company takes the risk that the transaction will fail in order to get the (more highly valued to them) operational flexibility to issue tickets at any point.
Well it's not that easy, I think. Someone like Christopher Reuel Tolkien (age 85) is still publishing - at that age you are more likely to be interested in earning money for your family or descendents rather than yourself. That in turn might only be possible if you are able to sell or transfer the rights to the work in some way.
That's why the right needs to be transferrable, even though that leads to some abuses. Still, there's no need for the length of time to be very long; shortening it would encourage copyright holders that want to monetize their efforts to get on with it rather than sitting around gazing at their navels.
Still - 25 years after creation should be plenty of time to profit from the work and be a reasonable not to interfere with it becoming part of our culture and derivative works to be created.
Precisely.
Of course Men At Work would then no longer earn any royalties on the song either.
They can always record another version, which will have its own copyright. That's just got nothing to do with the copyright term on the original.
This leads to a frustrating experience -- whereas in a small company, these things tend to be handled quickly, because the support guy can escalate easily.
If it's a real small company, the support guy doesn't escalate. He just handles it because he's all the support. (And sales and development too; I know a few guys who run their own small companies doing this sort of thing.) He offers good support because that's his big edge over the big firms.
Oh, and those el-cheap-o Bluetooth modules you're suggesting are probably very out-dated, which is why they're so cheap. That $3 module probably cost more when it was less than a year old and they weren't trying to dump the inventory that they can't sell at a higher price...
But for keyboard simulation, you don't need a fancy high-speed module. You're talking a few bytes per second. A cheap module should be enough. Hardware that can do anything is more expensive than hardware which is more specialized to its task; flexibility costs.
Most presenting devices have at least rudimentary pairing between remote and dongle.
Yes, but a lot of projectors also have remote controls, and they're usually not paired. Switching things off mid-presentation is deeply annoying to the presenter.
(I say this because of a presentation I once saw a friend do where his remote would (IIRC) bring up the configuration menu every time he switched page. Funny, but it forced him to switch to manual control.)
But until Google says otherwise, we can't know that this wasn't already the case.
Fortunately, they already have all the data with potential exploits and are reasonably well known for their ability to search for things. Depending on how things are stored, it even might be as simple as doing a first-cut by looking for an unescaped < character.
If you were a real programmer you would have started barfing uncontrollably at the mention of XML:-)
There are worse things out there. There's some really horrible data formats lurking out there, some of which are still being actively promulgated. (Alas, I'm working with one at the moment where the best thing that could be said about the authors of the offending services/data is "You're Doing It Wrong." Beware of astronomers!)
The place I work at was at one point thinking of writing there own database system instead of using MySQL or PostgreSQL, which of course is madness, but would have been very educational for all involved.
Would that have been educational as in "don't do it, you dumbasses!"? (Get the database engine wrong and your data is toast, and often subtly so so you don't find out until far too late.)
Slashdot Mirror
great learning opportunities
That one goes in the euphemism file entry for "horrible disaster".
DNSSEC is going to be an improvement.
Only in as far as identities related to internet hosts. X.509 certificates are used for other things, such as authenticating users to servers and to each other (which is also used in things like code signing). Those certificates don't (have to) have the host name in anyway, so DNSSEC is irrelevant to their security, and any bad (or compromised) CA could impersonate anyone.
The biggest protection against this sort of problem is that user certificates are less likely to have as wide a set of trust roots. (For example, if you're dealing with signed drivers for Windows, it makes a heck of a lot of sense to have Microsoft holding the only trust root, whatever you think of their business policies.) If Verison's CA isn't one of the trust roots, Etisalat can't impersonate anyway. And one way of dealing with this is to have businesses (that need it at all) sign customer certificates at the start of a business relationship; after all, that's when they'd want to establish the identity of the customer anyway.
(And FWIW, I suspect that DNSSEC isn't going to be as great as some people think it will be. An incremental improvement, not a revolution.)
nobody blows off Google.
But lots of people blow off Bing.
Exactly. I'm in the unfortunate position that one of my clients uses just that, spaces and tabs for newlines. To read each of her emails, I have to resize my mail app to the size hers was when she wrote it. *smacks forehead* Such is the life of a modern IT worker...
Your email client doesn't do auto-rewrapping of paragraphs if asked?
The only really graceful ways I can think of to solve this problem rely on some changes to the VM spec.
The only two relatively-clean ways to deal with this stuff is to either pass in the arguments in a test run, or to switch off some cheaply-available name. Of the two, switching on the name is much cheaper but also more fragile...
[J]ust change the HOV rules to require that a "carpool" automobile be a non-commercial vehicle not currently in commercial use containing at least 2 (or 3) LICENSED drivers who are not directly related (spouses, parent/child).
That's insanely difficult to enforce, whereas just about anyone who can drive can count people in a car to more than one. Any law on the books that is impossible to enforce is just a stupid waste of everyone's time.
Does Slashdot display any Unicode characters correctly, apart from English letters and punctuation?
Only if you use HTML entities, and even then only if they're named; being this poor must be © slashcode...
But what is the point in logging encrypted (ie https) traffic? Do the policy makers even know such things exist?
Don't explain it to them or they'll simply require all e-commerce transactions to be carried out over plain, unencrypted HTTP. That would be even worse.
I'm not even sure why I used "foobar". The actual class name is "DocumentFactoryFactory". ... not much better.
You could do some refactoring...It'd probably be a lot of work, so you could out source it to one of those places that specialize in that, a "refactoring factory". But all of that would require a proposal document...a DocumentFactoryFactory Refactoring Factory Document, if you will.
Why stop there? With only a little more abstraction you can have a DocumentFactoryFactoryRefactoringFactoryDocumentStrategyBuilderFactory. Next up, the Systems Hungarian annotation for that marvel of modern software engineering!
Which begs the question, why wasn't action done by the government sooner?
Because the oil-men in the oil industry regulator (hmmm!) didn't see the need to be more prepared. (The oil industry itself thought that hoping that nothing would go wrong was a more profitable option than preparation for disaster. After all, wouldn't want to reduce the profits announced to Wall Street for the quarter...)
How so? This was a competition to come up with a new symbol. There were 5 designs that were on the final list and this symbol was the one that was just chosen.
I don't know how you can plan ahead for something like that.
The competition was for the design of the glyph, not for the logical concept of the symbol. Getting the concept into Unicode is what could have been done beforehand, which would have made supporting the symbol fully just a matter of updating everyone's fonts...
How do magnets work?
HTH. HAND.
BS! It's the leprechauns, dancing on the spot, spinning around and joining hands! It's leprechauns, I tell you!
No other country that is at the top of the broadband list has 100 million homes.
So what? Very crudely, the ability of a country to pay for its infrastructure depends on the number of people living there. You've got more people, you need more infrastructure and you've got more who can pay for it. For local-level stuff (which is most of what broadband access is about; the long-range links are mostly there already) it's nearly a linear scaling. There will be variation in service levels - most folks out in the boonies, wherever that is in the world, will get less unless they're lucky - but ultimately it's just a matter of the will to get it done. If the American people believed, truly believed, that it was important, it would get paid for (one way or another) and there would be broadband access of some form for all. But it seems what a majority really believe in is subsidizing poor service and cartels whose only duty is to enable megarich corporate bosses to build grander palaces and pay you even less attention. After all, that's what they vote for.
If you don't like this situation, it's in your hands and not mine. I'm not a US citizen and I don't live in North America. Just don't pretend that the problem is your sparseness (which isn't very remarkable) or your population level; it's your willingness to knuckle down and fix things in the face of vested interests that is lacking. (We came very close to being that way in the UK; it took a huge fight to get the incumbent telco to stop blocking things. Now we have a very competitive market, even if it's now starting to shake out due to the recession. The point still stands.)
Homeworks are another matter, but with group collaboration encouraged, cheating just has to be accepted and marginalized by minimalizing the impact of homework on the overall grade in favor of exams and projects. At worst, bad cheating on routine homework assignments is insulting to the grader and singles you out as a target. If you're too lazy to even cheat properly, you're just wasting everyone's time.
The case of cheating I encountered (a few years ago now) was with someone who definitely wasn't a high-quality student. Though he picked reasonable things to plagiarize from, he didn't even bother trying to make all the styles match up in his submitted DOC file; each paragraph had different indentation and fonts. He also copied my own papers, like I wouldn't spot that! Mind you, he was better off cheating than doing his own work; he managed to get a higher score on the sections he plagiarized (even with a heavy mark-down for cheating) than in the parts that were definitely his own work. We knew it was his own, because nobody even vaguely sane would use that as an example of what the question was about and the submitted code would not have worked for any purpose. Well, maybe it would have worked for crashing a compiler, but I couldn't be bothered to check. Quite the worst work I've ever seen, and the worst student too; the plagiarized essay parts marked the high point of this guy's career.
Teaching? Just pray you never come across anything quite so bad.
I'll go one further. Don't write your own textbook and make students buy it. When I was at university, this was a sure sign that the textbook was going to suck ass.
That beats having the teacher read their book out in class in a monotone with you having to write it all down as that crashing bore droned on. That's how it was in my day; damn, but that Software Engineering course was dull (and, lo and behold, the Waterfall Model sucks even more than I thought at the time...)
If Labour vote against it -- and I suspect they will -- then I think they'll be shooting themselves in the foot because it's been in their own manifesto for at least the last three elections.
All the indications are that Labour will be more keen on voting against the bill on the grounds that it reduces the number of MPs and changes all the constituency boundaries. Quite apart from the fact that this would be likely to affect them more than anyone else anyway, shaking up constituency boundaries is an open invitation to gerrymandering (whether or not you think that the current system is good that way) and it's just a good way to cause trouble.
Plus I suspect that both the Tories and Labour would love to see Clegg get a bloody nose from all this anyway, if for different reasons.
The current problem is that on an LCD display, the Red, Green, and Blue pixels are adjacent to each other, not co-located. Coming up with a scheme to make all 3 colors appear to emanate from the exact same point would be a useful development.
OTOH, subpixel rendering of text uses the fact that the individual elements are next to each other in a predictable pattern to enable (effectively) sub-pixel addressing, so that instead of RGB from one pixel being used, say G and B from one pixel are used and R from the next. (Massive simplification, but close to the truth.) It looks great, but only if properly configured.
Debit card processing systems require real-time access to the full network for every single transaction. PIN numbers cannot be cached locally, and must be validated before completing the transaction.
Actually they do not. As evidence for that, I cite the fact that I can purchase train tickets from the conductor while the train is in a tunnel where there is definitely no signal. In the absence of magic which lets radio waves penetrate a hundred metres or more of sandstone, what must be happening is that some sort of validation is occurring locally (though presumably it's formally unsafe) and then later on it is being reconciled with the bank. The train company takes the risk that the transaction will fail in order to get the (more highly valued to them) operational flexibility to issue tickets at any point.
Well it's not that easy, I think. Someone like Christopher Reuel Tolkien (age 85) is still publishing - at that age you are more likely to be interested in earning money for your family or descendents rather than yourself. That in turn might only be possible if you are able to sell or transfer the rights to the work in some way.
That's why the right needs to be transferrable, even though that leads to some abuses. Still, there's no need for the length of time to be very long; shortening it would encourage copyright holders that want to monetize their efforts to get on with it rather than sitting around gazing at their navels.
Still - 25 years after creation should be plenty of time to profit from the work and be a reasonable not to interfere with it becoming part of our culture and derivative works to be created.
Precisely.
Of course Men At Work would then no longer earn any royalties on the song either.
They can always record another version, which will have its own copyright. That's just got nothing to do with the copyright term on the original.
This leads to a frustrating experience -- whereas in a small company, these things tend to be handled quickly, because the support guy can escalate easily.
If it's a real small company, the support guy doesn't escalate. He just handles it because he's all the support. (And sales and development too; I know a few guys who run their own small companies doing this sort of thing.) He offers good support because that's his big edge over the big firms.
Oh, and those el-cheap-o Bluetooth modules you're suggesting are probably very out-dated, which is why they're so cheap. That $3 module probably cost more when it was less than a year old and they weren't trying to dump the inventory that they can't sell at a higher price...
But for keyboard simulation, you don't need a fancy high-speed module. You're talking a few bytes per second. A cheap module should be enough. Hardware that can do anything is more expensive than hardware which is more specialized to its task; flexibility costs.
Most presenting devices have at least rudimentary pairing between remote and dongle.
Yes, but a lot of projectors also have remote controls, and they're usually not paired. Switching things off mid-presentation is deeply annoying to the presenter.
(I say this because of a presentation I once saw a friend do where his remote would (IIRC) bring up the configuration menu every time he switched page. Funny, but it forced him to switch to manual control.)
But until Google says otherwise, we can't know that this wasn't already the case.
Fortunately, they already have all the data with potential exploits and are reasonably well known for their ability to search for things. Depending on how things are stored, it even might be as simple as doing a first-cut by looking for an unescaped < character.
If you were a real programmer you would have started barfing uncontrollably at the mention of XML :-)
There are worse things out there. There's some really horrible data formats lurking out there, some of which are still being actively promulgated. (Alas, I'm working with one at the moment where the best thing that could be said about the authors of the offending services/data is "You're Doing It Wrong." Beware of astronomers!)
The place I work at was at one point thinking of writing there own database system instead of using MySQL or PostgreSQL, which of course is madness, but would have been very educational for all involved.
Would that have been educational as in "don't do it, you dumbasses!"? (Get the database engine wrong and your data is toast, and often subtly so so you don't find out until far too late.)