Also, you have to pay DOUBLE social-security (which is about 14%), FICA and SDI on a 1099, in addition to submitting quarterlies and paying state and fed. Also, the non-inflation-indexed AMT is going to sneak up and tax the fuck out of the middle class. That's why the budget projections are so rosy, that there wont be a budget deficit. Of course, none of the candidates for prez talk about the AMT nor do they talk about closing the tax loopholes for the rich and tax traps for the working poor. Damn, I better charge more than $40/hr gross and suboutsource my job to India. =)
i worked w/ a metroworks system that could not use operator new( ) nor malloc(size_t) after system init. There was a line of code that would execute, and all memory had to be statically allocated from the master memory pool. We had a Buffer class and different size Buffer's you could alloc from our own BufferManager class, mainly for IP packet and RS-232 packet buffer passing. Strings were statically compiled. AFAIK, the system was fairly stable, and they're weren't generally any memory leaks *grin*.
Shouldn't this be referred to the FTC so they can stop the sale, possibly recall this, and fine the manufacturers? What about stopping the importation of known fradulent products at Customs? I'm sick and tired of obviously fradulent schemes, products, services and ads (even on network TV) no getting pulled and acted on in a reasonable amount of time. The damn Nigerian 4-1-9 scammers operate w/ impuinity and these home loan re-fi , title/mortagage insurance scammers are operating boiler-rooms all over the place. Spam is also at least 30% scams. The FTC, FBI, and DHS are not properly staffed nor have resources to fight all this crap, how the hell are we going to fight terrorism? What the hell is wrong w/ this country!?!?!
SCO, possibly backed by Micro$oft, in a desperate proxy war (much like the Korean War) to destroy the lower-cost competitor will destroy itself under a mountain of litigation and debt. (Before flaming: Not implying that America was wrong to go to war, just a good example.) Is there any anti-trust / RICO laws being violated if it was provably instigated by Microsoft?
Interesting, isnt this an analog to the rBST / Monsanto vs organic "there's no difference BS" ? Monsanto sued an organic farmer for false advertisement because the organic farming claims merely *IMPLY* (!!!) that non-organic milk is less safe/wholesome/etc. So, the organic processors are forced to include the same disclaimer that non-organic mik includes ("there is no scientific evidence..." blah blah, of course there isnt if you dont do an unbiased double-blind study and chemical analysis)
In conclusion, SCO/Microsoft should not cry over spilled milk.
"This just in, Micro$oft buys the world and all intellectual property. Everyone must report to approved processing centers to purchase thought licenses. All creativity henceforth shall be automatically the property of Micro$oft, licensed back to the creator for a small fee."
EAL4 is bullshit... it doesnt include white-box code auditing and it's a standard developed in a vacuum (ISO and NIST are vacuums). I wouldn't trust any standard not evaluated by hackers. I mean, if Windoze can get their highest rating when it has known and unpatched exploits, what does that say about their testing and standards? This test was done using SP3 which doesnt include the RPC fixes; any system based on this will get Blastered almost immediately if it were attached to a public or infected network. Any user process on Win2k can gain Admin using SEH blasting shell code. Win2k and the Win32 API are too complicated to be provably secure. Since it's closed source and not open-source payware (if the source were included on the media), it's possible that bug that could be found (and fixed) by the public are hidden away in an ivory castle. Win2k is so full of redundant, legacy, incongruent, broken and incomplete features, there's no way to ever secure it w/o removing every unnecessary file, doing an extensive audit and unit testing, redoing some of the fundamental mistakes, and adding some security enhancements (remove RPC dependance, NTLM support, netbios; add encrypted memory spaces). Basically, it'd be better off to start from scratch, making an OS bootstrapped from.NET (no C/C++ compiled code). C/C++ coded operating systems are very difficult to make provably secure, no one has done it yet. A pure object-oriented OS (devoid of pointers, compartmentalized kernel, trusted hardware drivers) w/ real security features (much like Java VM) combined w/ hardware locking / keying of memory/disk pages would definitely be much better than the current state of OSes. Additionally, email programs should be REQUIRED to use gpg/pgp. A solid PKI infrastructure based on LDAP w/ Kerberos CA (which has a valid X.509 cert from thawte or verisign) is a DEFINITE must. In the future, P2P shared authentication MIGHT be a possibility.
Once, I had bought the 2nd season of Lexx, and 4 out of 5 discs were totally screwd. Something about the way they pressed them made them corrupt and totally unusable; there were tiny bubbles in the enamel layer that were interferring w/ the diffraction grating (where the data is located).
Embedded systems do this, they have a pool of Buffers and a BufferManager that allows you to do effectively your own memory mangement (and in some cases, static memory management). malloc() and free() are usually really slow, so if you can save 99% of those calls by reusing memory blocks, you can really speed up your programs.
Can they add a feature to detect porn so the chicks in the magazines arent digital airbrush creations? Show off those tats, scars and mutant limbs! Btw, what if you are working on a patterned mask that it decides is too money like? What about art? What about if you need to make some fake money image for a website or raffle or something? Adobe has really gone to the shitter, from what I've heard from insiders.
Messenger and Alerter services are stupid and useless, just as 'wall' is. Maybe they should turn off Remote Registry and administrative (C$, D$, etc) shares too. I wrote a script that can remotely disable all this junk and secure a machine for public network usage. The default XP, 2000, NT configuration is dangerous to use OotB.
Microsoft is 50% more likely to be using FUD than a presidential campaign. GNU/Linux kernel is 33% less likely to steal your personal information and share it w/o asking you. Microsoft is 99% likely to use arbitrary, biased, and intellectually dishonest figures in a FUD campaign to smear the competitors. I'm surprised they haven't waged an ad-hominem attack on Linus et al. and anyone else using *nix systems. It's funny, the Microsoft accounting robs Peter to pay Paul, because you shift budget requirements between license fees and IT staffing, and then they dont mention the added costs of licensing fees. Also, they might assume you need 2 IT people per Linux server instead of 1 on a windows box, when in fact you could end up w/ fewer IT people if you have enterprise-wide, instrumentated server management. BMC and friends make lots and lots of money on server management... example: i know of a case where the state of california paid about $25K / server for windows server management software (incl labor) for about 50 servers, about a $2M project. That doesnt count the client license packs or the server software or the app software or the future IT staffing. From what I heard, it never got finished and it was not ever utilized. Tell me that all the incidental costs of Windows are as much as Linux, on average. Mileage may vary, but trained *nix admins can do alot for very cheap (you only have to pay them, they know what free software to use), otherwise for totally legit setups, you'd be spending upwards of $50K per Windows server vs $20K for a Linux server (not including IT staffing, which would be comparable in most cases). Support costs are around the same, maybe even less w/ Linux because of the ease of installing / upgrading / management due to the exposed programmitic interfaces and wide availability of free tools.
Microsoft should send cars w/ loudhorns to every neighborhood in the world, bleating out: "Microsoft good, *nix bad. You dont want that free system, it would require a speck of intelligence to operate. Use Microsoft, it will give you wings. Be patriotic, use Microsoft; Linux is an evil Communist plot to steal intellectual property!"
Theories of specialization dictates that whomever can do the most for the cheapest (meeting some other constraints) will get the job, even if it means doing less in-house, but you then have a dependance upon a third-pary, increasing risks. The question is, do we want to add "Made, managed, designed, admin'd in USA" ? Protectionism doesn't work, unless you're the fat cat on the block, which China is gonna overtake the US w/in the next decade. The US will be another UK in 10-30 years, because it will have lost the majority of manufacturing jobs (which arent coming back) and low skill jobs are primarily being done by illegals and immigrants. India is a mess, the bubble there is completely unsustainable; their infrastructure sucks and prices are rising meteorically.
I thought that the more connected, efficient and pervasive a global communications system was a sign of progress and intellectual exchange. Are we destined to go back to the BBS days if the internet is gonna suck? In the Dark Ages, isolationism was the name of the game, and look what happened to science. At this point in human existence, we need more sharing of ideas and information rather than less. Learning doesnt work well in a vacuum. Does all human art, achievement, and learning require a ticket for admission? What is the overall quality of free vs pay? Do you really get what you pay for? The MPAA, RIAA, etc. goals seem to be to legitimize their racket upon all human creativity.
The cost to automate code generation must be more than hiring a bunch of indians at $.10/hr. Otherwise, someone would have developed an efficient symbol input system, or maybe the technology to develop such a thing has not yet appeared. In any event, technology should reduce the cost of capital, and the efficiency of designing and manufacturing, and reducing the theoretical min time-to-market (TTM) (time from idea to first deliverable). But, automation allows for greatly reduced flaws (since computers do exactly what they're told to do) and increased harmonization and flexibility. Also, having more people working on a project increases complexity and possibilities for confusion and errors by increasing the number of communication paths (N! paths if their are N people that can talk to each other).
93 Assembly Bill No. 301 CHAPTER 303 An act to amend Section 27602 of the Vehicle Code, relating to vehicles. [Approved by Governor September 4, 2003. Filed with Secretary of State September 5, 2003.] LEGISLATIVE COUNSEL'S DIGEST AB 301, Reyes. Vehicles: video displays. (1) Existing law prohibits any person from driving a motor vehicle that is equipped with a television receiver, screen, or other means of visually receiving a television broadcast, if the device is located in the motor vehicle at any point forward of the back of the driver's seat, or is visible to the driver while operating the motor vehicle. This prohibition does not apply to a mobile digital terminal installed in a law enforcement vehicle. This bill would recast this prohibition and, additionally, would prohibit any person from driving a motor vehicle if a video monitor, or a video screen, or any other, similar means of visually displaying a video signal that produces entertainment or business applications, is operating and is located in the motor vehicle at any point forward of the back of the driver's seat, or is operating and visible to the driver while driving the motor vehicle. This prohibition would not apply to specified equipment or to a motor vehicle providing emergency road service or roadside assistance. Because a violation of this prohibition would be a crime, the bill would establish a state-mandated local program. (2) The California Constitution requires the state to reimburse local agencies and school districts for certain costs mandated by the state. Statutory provisions establish procedures for making that reimbursement. This bill would provide that no reimbursement is required by this act for a specified reason. The people of the State of California do enact as follows: SECTION 1. Section 27602 of the Vehicle Code is amended to read: 27602. (a) A person may not drive a motor vehicle if a television receiver, a video monitor, or a television or video screen, or any other, similar means of visually displaying a television broadcast or video signal that produces entertainment or business applications, is operating Ch. 303 --2-- 93 and is located in the motor vehicle at any point forward of the back of the driver's seat, or is operating and visible to the driver while driving the motor vehicle. (b) Subdivision (a) does not apply to the following equipment when installed in a vehicle: (1) A vehicle information display. (2) A global positioning display. (3) A mapping display. (4) A visual display used to enhance or supplement the driver's view forward, behind, or to the sides of a motor vehicle for the purpose of maneuvering the vehicle. (5) A television receiver, video monitor, television or video screen, or any other, similar means of visually displaying a television broadcast or video signal, if that equipment has an interlock device that, when the motor vehicle is driven, disables the equipment for all uses except as a visual display as described in paragraphs (1) to (4), inclusive. (c) Subdivision (a) does not apply to a mobile, digital terminal installed in an authorized emergency vehicle or to a motor vehicle providing emergency road service or roadside assistance. SEC. 2. No reimbursement is required by this act pursuant to Section 6 of Article XIII B of the California Constitution because the only costs that may be incurred by a local agency or school district will be incurred because this act creates a new crime or infraction, eliminates a crime or infraction, or changes the penalty for a crime or infraction, within the meaning of Section 17556 of the Government Code, or changes the definition of a crime within the meaning of Section 6 of Article XIII B of the California Constitution.
... that means that cops w/ computers in their patrol cars are breaking the law too.... better rip them out and install a secretary in the back seat. Another stupid law created by spineless, ignorant neophytes in Sacramento. I wonder if that means CB radios are outlawed as well, what about delivery people (UPS, FedEx)!??!?!
I think the point of making new laws is to make everyone in volation of some law by contradictions, e.g., simplify political leveraging (extortion) of trouble-makers, and more ways to make lawyers rich.
The real problem is that there is no real debate on laws (because the SIGs/PACs/lobbiests own the politician's ears), and there's no immediate accountability, and there's no review/disposal of outmoded/outdated laws. For example, laws from the 19th century regarding commerce, wagons and livestock ought to be examined w/ a fine-tooth comb.
Fuck this the Politically Correctness bullshit!! If we listened to every whining hippie, we'd have a Disney society of bland, boring, homogenous mediocric neutralness. Take a stand by sitting down and playing GTA. Anyways, this clammoring will help RockStar's stock and GTA sales. Nothing sells like a good controversy. I wonder what RockStar's next game will be, Virtual Porn Star or Drugdealers Inc, maybe Mob Boss - Racket Accounting: The Exciting World of Exhortion? Is it art, entertainment, or both? Art supposedly allows for the rendering and imaginging of things/ideas that are not legal, moral, or even physically possible. Can art go too far? Can games go too far? If s/Hatian/French/g, I bet no one would complain, but then that's silly and P.C.
Correct on that non-networked environment. But what good is that? If you have physical access to a machine, it can be hacked anyways (key loggers, reset button, etc.) We gotta have real, proven security standards not relying completely on security-through-obscurity for our supposedly secure, critical networks. Example: I bet mucho dinero that give the protocol used for encrypting comms and satellite data links, brute-forcing is relatively easy nowadays.... system analysts 10, 20+ years ago did not scale their security to account for increase in computing power. Example, cracking P-channel of GPS is easy.. anyone with sufficient knowedge can get the same as a keyed GPS receiver w/o SA. 32-80 bit keys are common on these protocols, which means that white-box (attack knowing the algorithm in the box) attacks could be optimized (algorithms developed in secret arent always as good or as secure as open ones) to silicon ASICs (custom chips) for fast cracking. You can crack triple DES (3DES, three different keys) in less than a few hours using the right hardware (racks and racks of massive parallel cracking nodes). Worse yet, less secure ancillary systems, protocols and standards are vulnerable to brute-forcing and other newer disruptive technologies and methods.
Holy crap! who'd thunk that network security would be sacrificed on the altar of politics and bureaucracy?
Sounds like a good candidate for whistle-blowing, since the chain-of-command doesnt seem to be working.
Hopefully, someone (you?) will step up to these fools and show them a better way to do things, even if it costs a little more. Paper-pushers dont care about real security; and introducing insecure systems into a secure network is a major security threat Someone's got to do something, because I don't want some operators in Iraq getting killed because some terrorists hacked into siprnet through a random windows xp box running IIS 5.x w/o the lock-down tool. (Granted, that's a contrived, slippery-slope example.)
I guess the problem is that deep, focused, hard science isn't all fun-and-games, and the vast majority of people are just too busy or have a short attention span. If you read this, your attention span is probably longer than most.
In other words... "People are ignorant, dumb and lazy." (But not necessarily sad, grizzled, or apathetic.)
Say "dihydrogen monoxide," and 99% of people's eyes in the world glaze over. C'mon, what fraction of the world's population reads English, has a computer, can connect to the Internet, reads Slashdot, has an understanding of scientific principals, and is formally educated? Maybe.01%? Around ten- to 300 thousand ? What about some depth of scientific knowledge (master's, PhD's), maybe upper limit of one million? Both subgroups, by definition, form the intellectual, aristocratic elite (l337)... they say who gets to learn and who doesn't, who's an expert and who's not. We might as well have the Kansas School Board of Education run the education grant troughs, deciding what science is worthy. But, it seems as every imperfect human endeavor, more often than not, scientific method devolves into posturing and shouting matches rife with emotion and politics. Is it entropy or fate?
P.S.: Remember: The currently understood science is not necessarily complete or correct, just models that are believed to be most correct so far discovered... just look at Cosmology and Quantum Physics. Also, using big jargon words to keep laypersons out of science does a disservice to everyone: don't use "dihydrogen monoxide" when "water" works fine. Also, define a list of simulative definitions (glossary/table/index) if you need to redefine words/abbreviations that are not used in a common way. Try to always use plain, clear (precise, concise, simple, etc.) language so that the maximum number of people can learn. The previous paragraph is an anti-example. If information is power, learning and knowledge will be the trade and currencies of the future.
"Molten Boron; Nobody does it like Molten Boron!"
Why the push for native 64-bit execution?
on
G5 vs Opteron, Finally
·
· Score: 1, Interesting
Next year it will be 128-, 256-, 512-, 1024-bits.... see a trend? Where does it end? And, do people always believe more expensive and bigger numbers (faster clock) is necessarily better?
Is the migration to 64-bit part of the scheme of planned obselecence? Or merely an excuse to fix the 2038 32-bit Unix Y2K problem by a hardware hack? Haven't we learned from the wintel platform that making hardware/software purposely incompatible? M$ft/intel ostensibly maintains backward compatibly, but in truth, Falcon AT is not going to run on native DOS on Athlon64 FX or Pentium EE. Either do code-morphing transmeta style, build an emulator, or break compatibility and design a usable, general-purpose, stable system to last for the foreseeable future and stop changing things!
1) 64-bit chips are vastly more complex, requiring 1 more gate delay for mux/dmux's.
2) Clock skew becomes an even bigger issue, as most of the cpus (excluding ROMs/RAMs/cache/CAM) is dedicated to clock synchronization by area.
3) What does one need w/ 64-bit buses? A 32-bit bus is sufficient, word size can be increased by multiples of 32-bits regardless. A 64-bit signed add/sub can be done in two 32-bit add/subs, it can even be done in parallel using carry prediction and double the hardware, save the carry-out choice. All this extra precision is unnecessary in most cases... it would be better to have an uber-efficient 4 x 8-bit operand parallel CPU that could execute code as if it were microcode. That way, you could do variable precision operations, possibly saving cycles. Otherwise, you'll have that honkin' 64-bit UINT calculated every time you want to increment by one. Let's see.... increment overflow will only take 585000 years at 1 MPS. Darn that off-by-one bug!
Serial busses are potentially faster than any parallel bus, since a serial bus can have embedded clock (manchester, diff manchester, etc.). And the differential serial bus is always nice in the noise-immunitity department.
Change isn't always progress, but an excuse to push product out the door.
"Marketing is the art of trickery and deceit to convince people to buy your product, much like dating and job interviewing."
Nothing new. The US military is gonna use it for all future large vehicles because of the reduced maintence costs and problems. Replaces transmission / drive train w/ wires & electronics.
This patch uses strcpy()/strcat() and 256 char buffers instead of dynamic buffers and strncpy()/strncat() in IETray.cpp.
FOR THE LOVE OF GOD/ALLAH/BUDHA DONT USE strcpy()/strcat()/gets() !!!
These functions ought to be made illegal. This is why buffer overflows exist, because amateur coders generally don't know what they're doing and because they dont grasp the security implications of design decisions. Be warned, users[ESC]bcwidiots herd together.
-- Naive C programming will get you everywhere, it appears, even if you don't have a clue.
"Sounds like someone has a case of the Croynies." Shameless "Office Space" ripoff.
1) It's sorta interesting that Win NT 4.0 w/ SP6a + hotfixes + C2 patch suite can actually attain C2 certification, but that's not very secure. M$ft has since not applied 2k/XP/2k3 for C2 certification. Obviously, this is because of "mission creep" within the OS, "integrating" everything from IE to office to.NET/DCOM/ActiveX/RPC-DCE. Not to mention that there are many other commercial OSes out there that could do the job.
2) BTW, the DoD is soo massive, why didn't they develop their own proprietary kernel / tool suite / dev system (prob using Ada/ASM, i bet) for use in embedded systems and app/transaction servers? A combination of security-through-obscurity and peer-reviewed protcols/standards/algorithms would produce a superior product than allowing a small cadre of gov't geeks to toil away in an ivory tower.
3) The rainbow security books need to be kept reasonably up-to-date to take advantage of newer proven protocols/standards/etc., i.e., 64 bit DES and 3DES are not sufficient, multiple layers of differing security measures on all 7 ISO layers that automatically increase key size over time (future-resistant). Interoperability is good, as long as security is not compromised (e.g., trust-based security system doesnt allow a hacker into everything w/ one password).
4) The DoD needs a real, independent technical project review body that can asses a proposed implementations, and provide cost and technical guidance. (maybe something like this already exists, im not familure w/ the DoD's procurement process).
Maybe I'm too optimistic to assume that anything the government does will either be cost-controlled, intelligent, or not involve croynism. P.S.: My mom worked for the Navy as a civ accountant back in the 70s, she said it was a mess, that they lost track of expensive aircraft parts all the time.
I wonder, I bet I could make buku dinero doing as a DoD IT/IS security consultant. Security is a economically inelastic product... entities will pay $$$$$$$$ for real security, not airport TSA-brand of security.
TSA Agent: "Excuse me ma'am, is your baby a terrorist?" Confused Parent: [Amazed looks] "... Umm, no." TSA Agent: "Alright, but I still have to frisk her to make sure... and you'll have to leave your purse here, it might be an explosive device."
I double-dog, thirty resolution dare them. Bring it; maybe they'll send in UN troops from Zimbabwe to Marina del Rey, CA (33.9803N, 118.4405W). Or maybe they'll RBL everything.us/.com/.net/.org/.gov to europe.... oh wait, that's 99% of the net; passive-agressive seems to be the French way. Or, bring UNSECO in on it, let them make dozens of toothless resolutions: "The UN has become a point-less debating society" that panders to the little Fidel's of the world, along with the finger-pointing and empty threats to the Saddam's. Face it... ICANN (unfortunately, that dirty NGO) rules the net with a copper wire. Cut the cord, and there will be fighting over IPv4 subnet ownership and we'll end up w/ a fragmented internet (pun not intended). Let's just go to IPv6 (and not hand it over completely to big companies), and have a completely free TLD for dynamic dns / hobby kinda stuff, say.alt or something. Let's not give ownership to these dimwit politicians because they ask for it, and let's not allow big companies to create artificially low supply as the case is w/ IPv4 subnets. Stanford, UCB, UCD, etc. dont need a class B, it's completely stupid how every admin and bozo employee has a public, unfirewalled IP.
NOCs... oh, like the one Enron had for petrochem market trading? HAHA. All u need is nmap, snort, ethereal, neotrace pro (runs on wine i think), dshield's log generator, etherape, and nagios (netsaint). Nagios is fucking l337. But a whole solution that integrates CRM (ticket manager) and monitor/response would be nifty w/ a slick interface. Something like neotrace + etherape + DIDS monitoring + nagios would be awesome.
Lol, u can't find wardrivers if they have their transmitters turned off.;)
lmao... red phone... a simple circuit can be used to direct dial a hard line to the boss's office or something. Hell, a VoIP setup should be ez (assuming u have real encryption goin).
BTW, I dont see anywhere to download source for Coyote (www.coyotelinux.com) (Vortech Consulting, www.vortech.net). Isnt that a GPL violation? *Sigh* Yet Another closed-source whoring of modified GPL projects for monetary gain. (YACSWOMGPFMG).
Slashdot Mirror
Also, you have to pay DOUBLE social-security (which is about 14%), FICA and SDI on a 1099, in addition to submitting quarterlies and paying state and fed. Also, the non-inflation-indexed AMT is going to sneak up and tax the fuck out of the middle class. That's why the budget projections are so rosy, that there wont be a budget deficit. Of course, none of the candidates for prez talk about the AMT nor do they talk about closing the tax loopholes for the rich and tax traps for the working poor. Damn, I better charge more than $40/hr gross and suboutsource my job to India. =)
i worked w/ a metroworks system that could not use operator new( ) nor malloc(size_t) after system init. There was a line of code that would execute, and all memory had to be statically allocated from the master memory pool. We had a Buffer class and different size Buffer's you could alloc from our own BufferManager class, mainly for IP packet and RS-232 packet buffer passing. Strings were statically compiled. AFAIK, the system was fairly stable, and they're weren't generally any memory leaks *grin*.
Shouldn't this be referred to the FTC so they can stop the sale, possibly recall this, and fine the manufacturers? What about stopping the importation of known fradulent products at Customs? I'm sick and tired of obviously fradulent schemes, products, services and ads (even on network TV) no getting pulled and acted on in a reasonable amount of time. The damn Nigerian 4-1-9 scammers operate w/ impuinity and these home loan re-fi , title/mortagage insurance scammers are operating boiler-rooms all over the place. Spam is also at least 30% scams. The FTC, FBI, and DHS are not properly staffed nor have resources to fight all this crap, how the hell are we going to fight terrorism? What the hell is wrong w/ this country!?!?!
SCO, possibly backed by Micro$oft, in a desperate proxy war (much like the Korean War) to destroy the lower-cost competitor will destroy itself under a mountain of litigation and debt. (Before flaming: Not implying that America was wrong to go to war, just a good example.) Is there any anti-trust / RICO laws being violated if it was provably instigated by Microsoft?
Interesting, isnt this an analog to the rBST / Monsanto vs organic "there's no difference BS" ? Monsanto sued an organic farmer for false advertisement because the organic farming claims merely *IMPLY* (!!!) that non-organic milk is less safe/wholesome/etc. So, the organic processors are forced to include the same disclaimer that non-organic mik includes ("there is no scientific evidence..." blah blah, of course there isnt if you dont do an unbiased double-blind study and chemical analysis)
In conclusion, SCO/Microsoft should not cry over spilled milk.
"This just in, Micro$oft buys the world and all intellectual property. Everyone must report to approved processing centers to purchase thought licenses. All creativity henceforth shall be automatically the property of Micro$oft, licensed back to the creator for a small fee."
EAL4 is bullshit... it doesnt include white-box code auditing and it's a standard developed in a vacuum (ISO and NIST are vacuums). I wouldn't trust any standard not evaluated by hackers. I mean, if Windoze can get their highest rating when it has known and unpatched exploits, what does that say about their testing and standards? This test was done using SP3 which doesnt include the RPC fixes; any system based on this will get Blastered almost immediately if it were attached to a public or infected network. Any user process on Win2k can gain Admin using SEH blasting shell code. Win2k and the Win32 API are too complicated to be provably secure. Since it's closed source and not open-source payware (if the source were included on the media), it's possible that bug that could be found (and fixed) by the public are hidden away in an ivory castle. Win2k is so full of redundant, legacy, incongruent, broken and incomplete features, there's no way to ever secure it w/o removing every unnecessary file, doing an extensive audit and unit testing, redoing some of the fundamental mistakes, and adding some security enhancements (remove RPC dependance, NTLM support, netbios; add encrypted memory spaces). Basically, it'd be better off to start from scratch, making an OS bootstrapped from .NET (no C/C++ compiled code). C/C++ coded operating systems are very difficult to make provably secure, no one has done it yet. A pure object-oriented OS (devoid of pointers, compartmentalized kernel, trusted hardware drivers) w/ real security features (much like Java VM) combined w/ hardware locking / keying of memory/disk pages would definitely be much better than the current state of OSes. Additionally, email programs should be REQUIRED to use gpg/pgp. A solid PKI infrastructure based on LDAP w/ Kerberos CA (which has a valid X.509 cert from thawte or verisign) is a DEFINITE must. In the future, P2P shared authentication MIGHT be a possibility.
Once, I had bought the 2nd season of Lexx, and 4 out of 5 discs were totally screwd. Something about the way they pressed them made them corrupt and totally unusable; there were tiny bubbles in the enamel layer that were interferring w/ the diffraction grating (where the data is located).
Embedded systems do this, they have a pool of Buffers and a BufferManager that allows you to do effectively your own memory mangement (and in some cases, static memory management). malloc() and free() are usually really slow, so if you can save 99% of those calls by reusing memory blocks, you can really speed up your programs.
Can they add a feature to detect porn so the chicks in the magazines arent digital airbrush creations? Show off those tats, scars and mutant limbs! Btw, what if you are working on a patterned mask that it decides is too money like? What about art? What about if you need to make some fake money image for a website or raffle or something? Adobe has really gone to the shitter, from what I've heard from insiders.
Messenger and Alerter services are stupid and useless, just as 'wall' is. Maybe they should turn off Remote Registry and administrative (C$, D$, etc) shares too. I wrote a script that can remotely disable all this junk and secure a machine for public network usage. The default XP, 2000, NT configuration is dangerous to use OotB.
Microsoft is 50% more likely to be using FUD than a presidential campaign. GNU/Linux kernel is 33% less likely to steal your personal information and share it w/o asking you. Microsoft is 99% likely to use arbitrary, biased, and intellectually dishonest figures in a FUD campaign to smear the competitors. I'm surprised they haven't waged an ad-hominem attack on Linus et al. and anyone else using *nix systems. It's funny, the Microsoft accounting robs Peter to pay Paul, because you shift budget requirements between license fees and IT staffing, and then they dont mention the added costs of licensing fees. Also, they might assume you need 2 IT people per Linux server instead of 1 on a windows box, when in fact you could end up w/ fewer IT people if you have enterprise-wide, instrumentated server management. BMC and friends make lots and lots of money on server management... example: i know of a case where the state of california paid about $25K / server for windows server management software (incl labor) for about 50 servers, about a $2M project. That doesnt count the client license packs or the server software or the app software or the future IT staffing. From what I heard, it never got finished and it was not ever utilized. Tell me that all the incidental costs of Windows are as much as Linux, on average. Mileage may vary, but trained *nix admins can do alot for very cheap (you only have to pay them, they know what free software to use), otherwise for totally legit setups, you'd be spending upwards of $50K per Windows server vs $20K for a Linux server (not including IT staffing, which would be comparable in most cases). Support costs are around the same, maybe even less w/ Linux because of the ease of installing / upgrading / management due to the exposed programmitic interfaces and wide availability of free tools.
Microsoft should send cars w/ loudhorns to every neighborhood in the world, bleating out:
"Microsoft good, *nix bad. You dont want that free system, it would require a speck of intelligence to operate. Use Microsoft, it will give you wings. Be patriotic, use Microsoft; Linux is an evil Communist plot to steal intellectual property!"
Theories of specialization dictates that whomever can do the most for the cheapest (meeting some other constraints) will get the job, even if it means doing less in-house, but you then have a dependance upon a third-pary, increasing risks. The question is, do we want to add "Made, managed, designed, admin'd in USA" ? Protectionism doesn't work, unless you're the fat cat on the block, which China is gonna overtake the US w/in the next decade. The US will be another UK in 10-30 years, because it will have lost the majority of manufacturing jobs (which arent coming back) and low skill jobs are primarily being done by illegals and immigrants. India is a mess, the bubble there is completely unsustainable; their infrastructure sucks and prices are rising meteorically.
They can speak, and I can run them over w/ my tank. =P
I thought that the more connected, efficient and pervasive a global communications system was a sign of progress and intellectual exchange. Are we destined to go back to the BBS days if the internet is gonna suck? In the Dark Ages, isolationism was the name of the game, and look what happened to science. At this point in human existence, we need more sharing of ideas and information rather than less. Learning doesnt work well in a vacuum. Does all human art, achievement, and learning require a ticket for admission? What is the overall quality of free vs pay? Do you really get what you pay for? The MPAA, RIAA, etc. goals seem to be to legitimize their racket upon all human creativity.
The cost to automate code generation must be more than hiring a bunch of indians at $.10/hr. Otherwise, someone would have developed an efficient symbol input system, or maybe the technology to develop such a thing has not yet appeared. In any event, technology should reduce the cost of capital, and the efficiency of designing and manufacturing, and reducing the theoretical min time-to-market (TTM) (time from idea to first deliverable). But, automation allows for greatly reduced flaws (since computers do exactly what they're told to do) and increased harmonization and flexibility. Also, having more people working on a project increases complexity and possibilities for confusion and errors by increasing the number of communication paths (N! paths if their are N people that can talk to each other).
... that means that cops w/ computers in their patrol cars are breaking the law too.... better rip them out and install a secretary in the back seat. Another stupid law created by spineless, ignorant neophytes in Sacramento. I wonder if that means CB radios are outlawed as well, what about delivery people (UPS, FedEx)!??!?!
I think the point of making new laws is to make everyone in volation of some law by contradictions, e.g., simplify political leveraging (extortion) of trouble-makers, and more ways to make lawyers rich.
The real problem is that there is no real debate on laws (because the SIGs/PACs/lobbiests own the politician's ears), and there's no immediate accountability, and there's no review/disposal of outmoded/outdated laws. For example, laws from the 19th century regarding commerce, wagons and livestock ought to be examined w/ a fine-tooth comb.
Fuck this the Politically Correctness bullshit!! If we listened to every whining hippie, we'd have a Disney society of bland, boring, homogenous mediocric neutralness. Take a stand by sitting down and playing GTA. Anyways, this clammoring will help RockStar's stock and GTA sales. Nothing sells like a good controversy. I wonder what RockStar's next game will be, Virtual Porn Star or Drugdealers Inc, maybe Mob Boss - Racket Accounting: The Exciting World of Exhortion? Is it art, entertainment, or both? Art supposedly allows for the rendering and imaginging of things/ideas that are not legal, moral, or even physically possible. Can art go too far? Can games go too far? If s/Hatian/French/g, I bet no one would complain, but then that's silly and P.C.
These P.C. fuckers need to get overthemselves!
Correct on that non-networked environment. But what good is that? If you have physical access to a machine, it can be hacked anyways (key loggers, reset button, etc.) We gotta have real, proven security standards not relying completely on security-through-obscurity for our supposedly secure, critical networks. Example: I bet mucho dinero that give the protocol used for encrypting comms and satellite data links, brute-forcing is relatively easy nowadays.... system analysts 10, 20+ years ago did not scale their security to account for increase in computing power. Example, cracking P-channel of GPS is easy.. anyone with sufficient knowedge can get the same as a keyed GPS receiver w/o SA. 32-80 bit keys are common on these protocols, which means that white-box (attack knowing the algorithm in the box) attacks could be optimized (algorithms developed in secret arent always as good or as secure as open ones) to silicon ASICs (custom chips) for fast cracking. You can crack triple DES (3DES, three different keys) in less than a few hours using the right hardware (racks and racks of massive parallel cracking nodes). Worse yet, less secure ancillary systems, protocols and standards are vulnerable to brute-forcing and other newer disruptive technologies and methods.
Holy crap! who'd thunk that network security would be sacrificed on the altar of politics and bureaucracy?
Sounds like a good candidate for whistle-blowing, since the chain-of-command doesnt seem to be working.
Hopefully, someone (you?) will step up to these fools and show them a better way to do things, even if it costs a little more. Paper-pushers dont care about real security; and introducing insecure systems into a secure network is a major security threat Someone's got to do something, because I don't want some operators in Iraq getting killed because some terrorists hacked into siprnet through a random windows xp box running IIS 5.x w/o the lock-down tool. (Granted, that's a contrived, slippery-slope example.)
I guess the problem is that deep, focused, hard science isn't all fun-and-games, and the vast majority of people are just too busy or have a short attention span. If you read this, your attention span is probably longer than most.
.01%? Around ten- to 300 thousand ? What about some depth of scientific knowledge (master's, PhD's), maybe upper limit of one million? Both subgroups, by definition, form the intellectual, aristocratic elite (l337)... they say who gets to learn and who doesn't, who's an expert and who's not. We might as well have the Kansas School Board of Education run the education grant troughs, deciding what science is worthy. But, it seems as every imperfect human endeavor, more often than not, scientific method devolves into posturing and shouting matches rife with emotion and politics. Is it entropy or fate?
In other words... "People are ignorant, dumb and lazy." (But not necessarily sad, grizzled, or apathetic.)
Say "dihydrogen monoxide," and 99% of people's eyes in the world glaze over. C'mon, what fraction of the world's population reads English, has a computer, can connect to the Internet, reads Slashdot, has an understanding of scientific principals, and is formally educated? Maybe
P.S.: Remember: The currently understood science is not necessarily complete or correct, just models that are believed to be most correct so far discovered... just look at Cosmology and Quantum Physics. Also, using big jargon words to keep laypersons out of science does a disservice to everyone: don't use "dihydrogen monoxide" when "water" works fine. Also, define a list of simulative definitions (glossary/table/index) if you need to redefine words/abbreviations that are not used in a common way. Try to always use plain, clear (precise, concise, simple, etc.) language so that the maximum number of people can learn. The previous paragraph is an anti-example. If information is power, learning and knowledge will be the trade and currencies of the future.
"Molten Boron; Nobody does it like Molten Boron!"
Next year it will be 128-, 256-, 512-, 1024-bits.... see a trend? Where does it end? And, do people always believe more expensive and bigger numbers (faster clock) is necessarily better?
Is the migration to 64-bit part of the scheme of planned obselecence? Or merely an excuse to fix the 2038 32-bit Unix Y2K problem by a hardware hack? Haven't we learned from the wintel platform that making hardware/software purposely incompatible? M$ft/intel ostensibly maintains backward compatibly, but in truth, Falcon AT is not going to run on native DOS on Athlon64 FX or Pentium EE. Either do code-morphing transmeta style, build an emulator, or break compatibility and design a usable, general-purpose, stable system to last for the foreseeable future and stop changing things!
1) 64-bit chips are vastly more complex, requiring 1 more gate delay for mux/dmux's.
2) Clock skew becomes an even bigger issue, as most of the cpus (excluding ROMs/RAMs/cache/CAM) is dedicated to clock synchronization by area.
3) What does one need w/ 64-bit buses? A 32-bit bus is sufficient, word size can be increased by multiples of 32-bits regardless. A 64-bit signed add/sub can be done in two 32-bit add/subs, it can even be done in parallel using carry prediction and double the hardware, save the carry-out choice. All this extra precision is unnecessary in most cases... it would be better to have an uber-efficient 4 x 8-bit operand parallel CPU that could execute code as if it were microcode. That way, you could do variable precision operations, possibly saving cycles. Otherwise, you'll have that honkin' 64-bit UINT calculated every time you want to increment by one. Let's see.... increment overflow will only take 585000 years at 1 MPS. Darn that off-by-one bug!
4,5,...) Pipeline stall cycle length (deeper pipelines), more complex functional units, larger footprint, cycle efficiency, etc/etc.
Serial busses are potentially faster than any parallel bus, since a serial bus can have embedded clock (manchester, diff manchester, etc.). And the differential serial bus is always nice in the noise-immunitity department.
Change isn't always progress, but an excuse to push product out the door.
"Marketing is the art of trickery and deceit to convince people to buy your product, much like dating and job interviewing."
Nothing new. The US military is gonna use it for all future large vehicles because of the reduced maintence costs and problems. Replaces transmission / drive train w/ wires & electronics.
This patch uses strcpy()/strcat() and 256 char buffers instead of dynamic buffers and strncpy()/strncat() in IETray.cpp.
FOR THE LOVE OF GOD/ALLAH/BUDHA DONT USE strcpy()/strcat()/gets() !!!
These functions ought to be made illegal. This is why buffer overflows exist, because amateur coders generally don't know what they're doing and because they dont grasp the security implications of design decisions. Be warned, users[ESC]bcwidiots herd together.
-- Naive C programming will get you everywhere, it appears, even if you don't have a clue.
"Sounds like someone has a case of the Croynies."
.NET/DCOM/ActiveX/RPC-DCE. Not to mention that there are many other commercial OSes out there that could do the job.
Shameless "Office Space" ripoff.
1) It's sorta interesting that Win NT 4.0 w/ SP6a + hotfixes + C2 patch suite can actually attain C2 certification, but that's not very secure. M$ft has since not applied 2k/XP/2k3 for C2 certification. Obviously, this is because of "mission creep" within the OS, "integrating" everything from IE to office to
2) BTW, the DoD is soo massive, why didn't they develop their own proprietary kernel / tool suite / dev system (prob using Ada/ASM, i bet) for use in embedded systems and app/transaction servers? A combination of security-through-obscurity and peer-reviewed protcols/standards/algorithms would produce a superior product than allowing a small cadre of gov't geeks to toil away in an ivory tower.
3) The rainbow security books need to be kept reasonably up-to-date to take advantage of newer proven protocols/standards/etc., i.e., 64 bit DES and 3DES are not sufficient, multiple layers of differing security measures on all 7 ISO layers that automatically increase key size over time (future-resistant). Interoperability is good, as long as security is not compromised (e.g., trust-based security system doesnt allow a hacker into everything w/ one password).
4) The DoD needs a real, independent technical project review body that can asses a proposed implementations, and provide cost and technical guidance. (maybe something like this already exists, im not familure w/ the DoD's procurement process).
Maybe I'm too optimistic to assume that anything the government does will either be cost-controlled, intelligent, or not involve croynism. P.S.: My mom worked for the Navy as a civ accountant back in the 70s, she said it was a mess, that they lost track of expensive aircraft parts all the time.
I wonder, I bet I could make buku dinero doing as a DoD IT/IS security consultant. Security is a economically inelastic product... entities will pay $$$$$$$$ for real security, not airport TSA-brand of security.
TSA Agent: "Excuse me ma'am, is your baby a terrorist?"
Confused Parent: [Amazed looks] "... Umm, no."
TSA Agent: "Alright, but I still have to frisk her to make sure... and you'll have to leave your purse here, it might be an explosive device."
I double-dog, thirty resolution dare them. Bring it; maybe they'll send in UN troops from Zimbabwe to Marina del Rey, CA (33.9803N, 118.4405W). Or maybe they'll RBL everything .us/.com/.net/.org/.gov to europe.... oh wait, that's 99% of the net; passive-agressive seems to be the French way. Or, bring UNSECO in on it, let them make dozens of toothless resolutions: "The UN has become a point-less debating society" that panders to the little Fidel's of the world, along with the finger-pointing and empty threats to the Saddam's. Face it... ICANN (unfortunately, that dirty NGO) rules the net with a copper wire. Cut the cord, and there will be fighting over IPv4 subnet ownership and we'll end up w/ a fragmented internet (pun not intended). Let's just go to IPv6 (and not hand it over completely to big companies), and have a completely free TLD for dynamic dns / hobby kinda stuff, say .alt or something. Let's not give ownership to these dimwit politicians because they ask for it, and let's not allow big companies to create artificially low supply as the case is w/ IPv4 subnets. Stanford, UCB, UCD, etc. dont need a class B, it's completely stupid how every admin and bozo employee has a public, unfirewalled IP.
NOCs... oh, like the one Enron had for petrochem market trading? HAHA. All u need is nmap, snort, ethereal, neotrace pro (runs on wine i think), dshield's log generator, etherape, and nagios (netsaint). Nagios is fucking l337. But a whole solution that integrates CRM (ticket manager) and monitor/response would be nifty w/ a slick interface. Something like neotrace + etherape + DIDS monitoring + nagios would be awesome.
;)
Lol, u can't find wardrivers if they have their transmitters turned off.
lmao... red phone... a simple circuit can be used to direct dial a hard line to the boss's office or something. Hell, a VoIP setup should be ez (assuming u have real encryption goin).
BTW, I dont see anywhere to download source for Coyote (www.coyotelinux.com) (Vortech Consulting, www.vortech.net). Isnt that a GPL violation? *Sigh* Yet Another closed-source whoring of modified GPL projects for monetary gain. (YACSWOMGPFMG).