Why shouldn't municipal governments provide wi-fi?
Maybe they should, maybe they shouldn't. I don't have a strong opinion, but here's some arguments why not:
1. It provides a service to the upper class, supported by everyone. Props to the A.C. who stated this before me and provided a fuller explaination. 2. Governments are notorious for not being efficient. They may not be getting the best deal for the consumers, and because it effectively creates a monopoly (it's hard to compete with a government agency), there's no one competing to drive the actual cost down. The consumers still pay for it, just in the form of taxes. 3. It discourages future development and installation of technology. Let's say the next generation of technology comes out that's a big advancement. Private companies will have no incentive to deploy it, because they know that if it gets popular enough, the municiple government will destroy their market. Without private companies deploying technology, chances are it won't get popular enough for mass uptake, meaning that the governments won't put it out because there's not demand for it. Thus slowing techology growth.
is there some part of the US, Canadian or any other Constitution that I'm unaware of which guarantees "profit and unending dividends for all [businesses]"?
Many states do have laws against state institutions competing with private businesses because of the reasons in number three above. Private enterprise generates a very large amount of money and develops the new techknologies. Protecting that protects the tax income that both bring.
I recently discovered that Acquisition (a popular Mac OS X gnutella client) is using GPLed Limewire code.
[flamebait mod, here I come]
I'm sorry, but given that the majority of gnutella users (yes, I know there's exceptions, so spare me the tales of Linux ISOs, music that's been released for sharing, and fansubs that the owners look the other way on) are using it to trample over the rights and desires of the people that created music, movies, and software, I doubt they're going to be shedding too many tears over the rights and permissions of GPL software developers. The developer's website makes it pretty clear that its intent is to download music illegally. Develop software that caters to people that want to get around intellectual property rights, get users that don't care about intellectual property rights.
The most obvious place it's mentioned is the fine print of the "About" box.
I doubt most of the people using the software care if it contains GPL code, BSD code, or Superman's DNA, just so long as they can get their free mp3s. If they found a registration key for Acquisition, I'm sure they'd use it without caring how it affected the author. After all, they deserve whatever they want.
An example of Apple's attitude is the fact that they do everything they can to force their iPod patch [that exists to break Real's DRM interoperability] onto OS X systems. No matter how many times you mark it as "remove from list of updates" it magically reappears on the list the next time you run software update. That kind of idiocy has no place on my production servers.
So any sites saying "best viewed with..." are run by idiots
Some of the web work I've done looks better in Moz or Safari because they have better support of CSS. I spent quite a bit of time making my main template appear nearly identical in IE 5, IE 6, IE for MacOS, Safari, Moz/FF, Opera, and recent versions of Konq. But it looks a little better on browsers that fully support CSS. The content's no different and it's all easily accessable, but it's a little better organized. It also works equally well on small large displays, font sizes, and text to speach adapters, although I do get dinged on the accessibility checks because I don't put alt tags on the four images that are on the page exclusively for visual flair.
Unless every browser is built on the exact same rendering system, content will appear slightly different between them. Naturally, it will look "best" on the browser favoured by the development team.
That said, you won't find any "best viewed in" strings on my site.
People liked it the last time I posted it here, so here it is again. Visual Guide to installing RealPlayer - a step by step guide to turning off every annoying feature of RealPlayer. Yes, it takes a minute to do, but so does configuring QuickTime. It refers to the Windows version but is very close to the other versions as well.
rather than pay licence payers money (ie MY money) to Real for every seat they need to licence.
Real Server licenses can be bought for unlimited users on a perpetual basis for not a lot of money (tm) and was prolly done by the BBC at least half a decade ago. The only thing they'd be paying at this point would be the yearly support contract, which I believe would come out to something around 0.0005 pence per licence payer money (ie YOUR money). Not a whole lot of money.
Perhaps some guy just left his WiFi open, and a neighbors infected laptop has latched on to it (I've seen this happen). Would the Open WiFi guy be the ISP in this scenario?
So is your argument that people who leave open WiFi acess points available to the random public bear no responsibility for the actions taken using them? I love wireless access without any kind of authentication, but the fact is that there's enough jerks out there to ruin it for everyone. Let's say someone uses a random access point (and a spoofed MAC address) to e-mail threats to the president (or whatever). The taxpayers now get to pay for the subsequent investigation that will likely yield nothing useful. Is there no culpability for the AP owner? Granted, the AP manufacturers need to step up to the plate and make security part of their process.
I moved off of any official ICQ application because the little add window made that damn IE click noise every time it changed the ad. I was willing to put up with the ads - AOL was providing a service to me, but I tend to keep five or six ICQ windows open at a time, leading the a chorus of clicking noises. I tried deleting the sound file that appeared to be the one they were using it to no avail.
I'm one of those snobs who doesn't watch TV so I don't know if this is the case, but sometimes painful pushes are necessary to advance the general public. I imagine there was widespread discontent when horses were banned from many motorways, for example. People who had invested in the concept of a DC powergrid were prolly unhappy when AC was standardized.
the same arguments against gay rights based on choice also negate civil rights based on religion
You'll find that many of the most vocal opponents of gay rights aren't all that interested in freedom of religion either (so long as they're on top). The same religious views that make them so sure that gays are going straight to hell also make them want to convert people to the "one true way"(tm) through whatever means necessary.
If they're using realtime streaming to show short pre-recorded clips that could easily fit in a RAM buffer, then they deserve ridicule for doing it
I work in streaming media - my average file is around 80 minutes long. The files range from around 180-500MB. Is that a good enough use for you?
Real deserves ridicule for encouraging it.
I don't believe that any of the Real manuals that I've read include encouragement to show short clips via streaming.
It's another example of rights holders crippling their own damn product in a hopeless attempt to prevent you from downloading it and showing it to your friends.
So? The general public has shown itself to be inherently untrustworthy when it comes to digital media. Content costs money to create. There has to be some way to recoup that money.
Could you be a little more specific? I stream terabytes of data with Real without much of a problem. The client has finally been cleared out of all of the crud - if you want a step by step guide you can read mine here and the server's finally stablized to the point that they run for months without restarting the server application.
At least the original RealAudio wasn't nearly as bad, but it still consumed a lot of RAM and CPU cycles on my 68040.
A 225K stream in the current version of RealPlayer takes up 7-15% of my 2.0GHz Pentium-4M that I just tested it on.
Having worked with or investigated the three common streaming mediums, I think that Real offers the best quality for things such as Powerpoint presentations or capturing writing on a document camera. For larger (640x480) movies, I've found that QuickTime with Sorenson 3 seems a little better. However, QuickTime for Windows can be tremendously unstable and generally brings Windows down with it as well. It's also much harder than Real to get working on the client end.
Windows Media has never impressed me much - it's a variant of MPEG4 without much going for it other than the fact it's free. When Comedy Central went from Real to Windows Media, I noticed a drop in quality, even though they went up in bandwidth.
As far as what's being done with streaming media, I use the streaming legal music services (alternate between Napster and Real Rhapsody) and am happy with them - I've got more than enough bandwidth to use them at work and they let me listen to the stuff I don't like enough to buy but want to hear every now and then. It's helping improve education - many of the students I work for enjoy being able to review the lectures after the fact. It means we can place movies online for them to watch without them having to go to the library to watch a physical copy (that someone else may have already checked out).
what's it called when a non-customer (who you have no legal relationship with) does something you don't like
If the contract included all OSDL employees, whether or not they were actively using BK, then he was very much in fact a customer, just one that didn't happen to use the software. If he really wanted to work on the project, he could have left OSDL and everything prolly would have been fine. Do you think Microsoft would let one of their contractors work on Samba, even if their desk job had nothing to do with CIFS?
...and the nature of that special arrangement was ethically problematic, IMO, on both sides.
From everything I've read, Linus is a pragmatic open source developer. He used the GPL because he felt it was the best way to create the software he wanted, not because of any great desire to make software free, in beer or action. Perhaps the contact was problematic, but that should have been worked out ahead of time. If Linus et al didn't add some kind of graceful closesure clause, there's not too much leway to complain. Beware of Greeks bearing gifts - there's little that's free in the commercial world. They knew what they were getting into and decided it was still worth it.
If people really had that big of a problem with BK, they were free to fork the kernel. Did anyone [notable] do so?
McVoy pretty much illustrated the inherent dangers of not being Open Source
Most PHB types could care less about whether something is Open Source or not. There's even a good chance it's something that they're biased against. The situation came about because of a special arrangement that was made with Linus - this isn't a representative sample of how a commercial customer would be treated.
Worse yet, we've illustrated that here's someone who's willing to do just that...yank his product from under a high profile project.
It's called basic contract law. A customer violates your contract, you take steps against them. It may not be what most companies want to be on the receiving end of, but it's not something that's easily defined (excepting Open Source fanatics and the trolls at The Register) as unethical.
there is no way to keep your code secure because you have to distribute it (in binary form) for anybody to be able to use it.
Really? I could have sworn that I wrote web applications that are usable without the users ever having the binaries.
Anyway, be a nice little AC and disassemble IE for me. Then show me the code for the CSS interpreter, highlighting each boundry check for me. Should be trivial, right?
Which I did point out. If you're really bored, you can look at my posting history and see that I'm a dedicated open source user and have been so for quite a while. But I chafe at absolutist statements that make the open source community look like the stereotype put forth by the article in question.
you think that is better to wait until some evil dude with time on his hands to decompile your program and discover the problems
Decompiling some little program is one thing, decompiling and understanding IE, IIS, or the Windows Kernel is a non-trivial task. Most of the attacks on IE have been created by using a little brain power to think of where buffers were used and attacking them. Recall the testing on Mozilla/Firefox where intentionally garbage HTML was thrown at them to see if it would break it. It found plenty of problems with no disassembly needed.
Do you really think that something like this or this could easily be found by decompiling?
The more secrets you have in your design, more points of failure in your security system.
Um... no. Openness only benefits security if there's substantial improvement from disclosing it and the implications of what black hats can create using it doesn't outway the benefits.
I use an algorithm to produce pseudo-random but rememberable passwords. I could disclose that to the general public, who could point out potential problems with it (it is pseudo-random, so obviously there are flaws), but that would greatly increase the chances that someone could use that knowledge to greatly speed up forcing my passwords. As it happens, I'm a smart enough guy to know that my passwords are "good enough" for my purposes. Secrecy enhances my security in this case.
My car has one out of X possible Ford key sets. Which one it uses is a secret, because it's kept secure by the fact that it's impractical to try each of the possibilities to break into my car. If I got rid of the secret and published which specific key it was, it would greatly ease the difficulty of stealing my car.
The NSA has encryption algorithms that are very much secrets. I'd put good money on them being harder to crack than the published algorithms. Shall I go on?
As for staying on top of the patches MS is no diferent, an unpatched windows cannot survive much in the wild.
True. But there's been relatively few MS kernel patches released to fix security issues. Most of what they patch are things on top of the kernel layer. Linux has many little fixes in each kernel release. Here in the real world, we have pressures from the management to have X% uptime. We have applications that are only certified against specific kernels from vendors that will refuse to support us if we upgrade the kernel. We have systems that are owned by people who won't upgrade every time a new kernel comes out. Not to mention the fact that you run the risk of encountering problems if you're running bleeding edge kernel releases. So you have to straddle the line between reliability and knowing that there's a couple potential escalation of priviledge issues lurking in it.
Neither approach is absolutely the best. Choose the one with the consequences you can handle. But I guarantee that you would have a harder time finding flaws in well written, complex software without the source than you would with it.
No, security by obscurity provides a fairly good amount of security assuming you can keep your code secure. The benefit of open source is that you [hopefully] write better code and/or have better testing that eliminates that major security problems before it goes into production. There's been a bunch of escalation of priviledge flaws discovered in Linux in the past few months that use obscure race conditions and the like. Those would have been extremely unlikely to have been found without the source code. Read the detailed changelogs of the kernel updates - there's tons of little security flaws fixed all the time.
It's a tossup - Open source finds and fixes the little tiny bugs but you have to stay on top of the patches.
It works like this. Everybody is evaluated in terms of academic performance after then 10th grade. Anybody with a GPA of 3.0 and higher can move on further.
Ever hear of grade inflation? I'd be willing to bet that you'd find that wealthier areas would tend to have disproportionately high QCAs. Keep a rich person's parent from going onto 10th grade, and daddy calls his buddy on the school board and all of a sudden you [the teacher] don't have a job any more. After all, little Johnny is just too busy with all of his extracuricular activities that the ivy league schools want to see to pay attention to your class.
Further, the system you describe institutionalizes poverty and failure. The kids most likely to do well are the ones who have supportive parents and stable home lives. The children of parents who have to work two minimum wage jobs to get by are likely to do worse than the children of engineers who can either help them with homework or hire tutors, let alone children of drug addicts or the like. So the worse off kids are denied the opportunity to better themselves and go on to have kids that suffer the same problems. It also favours schools in metropolitan areas that offer many honors and AP level classes (which are factored higher in GPAs than normal classes - honors A == 4.5 and AP A == 5), while many rural schools can't offer those classes simply due to smaller budgets and class sizes.
The US education system certainly has many problems, but what you advocate would make them worse, not better.
coercing people to pay for something that they can currently get for free is exactly the antithesis of everything the open-source community stands for.
Which open source community do you claim to represent? The people that use open source only because it's "free" (as in beer)? Or the ones that believe in access to the code that's important, and happily pay for the development costs because they know that programmers have to eat too? Richard Stallman has repeatedly said that selling software is fine, so long as the source is open.
That might actually be a fantastic idea, it would be fantastic to use the MAC to seed the WEP keys.
The MAC address sits outside of part that's encrypted, so it doesn't really work for that. Fire up a copy of tcpdump, snort, or etherial and look at some packets coming across a wireless connection. They're trivial to find out and trivial to spoof.
Re:live performances vs. commercial product
on
EZTree Shuts Down
·
· Score: 2, Insightful
It's a tricky question at the minute that combines several fields of law. Recently (IIRC) there was a ruling that stated that the current US laws against bootlegs were unconstitutional, not because the idea was unsound, but specifically because it gave a perpetual time period, in violation of Section 8 clause 8 of the constitution. That states:
To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
So that law may be rewritten and come back.
The other legal issue is whether or not someone has the right to tape a concert. Most of the bands on btree specifically allowed and encouraged taping. However, there is no inherent right to record a performance, so someone making the tape could be sued for doing so if there was no permission. Whether that tape could be distributed after the fact is another question entirely, which I don't know the answer to.
I think that people with more money generally have less free time than people with less money. This is because they tend to work more.
Sometimes. But the fact that they have more money to begin with means that they can skip out on work for a week if they want a whole lot easier than someone that's just barely getting by. And better jobs tend to provide more vacation time, at least in.us.
Otherwise the tendancy exists that jurors become biased by media coverage.
Even if everyone played nice and didn't publish any information, the fact that so many people are interested in the case means that there are no completely unbiased people. Obviously, a large number of people are interested in the case and are talking about it, which leads to gossip. When you add in Nth generation heresay from the people who attended the trial, then all kinds of disinformation gets created and spread. At least in an open press situation you get multiple first person accounts of different biases to use to construct the big picture.
Slashdot Mirror
Why shouldn't municipal governments provide wi-fi?
Maybe they should, maybe they shouldn't. I don't have a strong opinion, but here's some arguments why not:
1. It provides a service to the upper class, supported by everyone. Props to the A.C. who stated this before me and provided a fuller explaination.
2. Governments are notorious for not being efficient. They may not be getting the best deal for the consumers, and because it effectively creates a monopoly (it's hard to compete with a government agency), there's no one competing to drive the actual cost down. The consumers still pay for it, just in the form of taxes.
3. It discourages future development and installation of technology. Let's say the next generation of technology comes out that's a big advancement. Private companies will have no incentive to deploy it, because they know that if it gets popular enough, the municiple government will destroy their market. Without private companies deploying technology, chances are it won't get popular enough for mass uptake, meaning that the governments won't put it out because there's not demand for it. Thus slowing techology growth.
is there some part of the US, Canadian or any other Constitution that I'm unaware of which guarantees "profit and unending dividends for all [businesses]"?
Many states do have laws against state institutions competing with private businesses because of the reasons in number three above. Private enterprise generates a very large amount of money and develops the new techknologies. Protecting that protects the tax income that both bring.
I recently discovered that Acquisition (a popular Mac OS X gnutella client) is using GPLed Limewire code.
[flamebait mod, here I come]
I'm sorry, but given that the majority of gnutella users (yes, I know there's exceptions, so spare me the tales of Linux ISOs, music that's been released for sharing, and fansubs that the owners look the other way on) are using it to trample over the rights and desires of the people that created music, movies, and software, I doubt they're going to be shedding too many tears over the rights and permissions of GPL software developers. The developer's website makes it pretty clear that its intent is to download music illegally. Develop software that caters to people that want to get around intellectual property rights, get users that don't care about intellectual property rights.
The most obvious place it's mentioned is the fine print of the "About" box.
I doubt most of the people using the software care if it contains GPL code, BSD code, or Superman's DNA, just so long as they can get their free mp3s. If they found a registration key for Acquisition, I'm sure they'd use it without caring how it affected the author. After all, they deserve whatever they want.
An example of Apple's attitude is the fact that they do everything they can to force their iPod patch [that exists to break Real's DRM interoperability] onto OS X systems. No matter how many times you mark it as "remove from list of updates" it magically reappears on the list the next time you run software update. That kind of idiocy has no place on my production servers.
So any sites saying "best viewed with..." are run by idiots
Some of the web work I've done looks better in Moz or Safari because they have better support of CSS. I spent quite a bit of time making my main template appear nearly identical in IE 5, IE 6, IE for MacOS, Safari, Moz/FF, Opera, and recent versions of Konq. But it looks a little better on browsers that fully support CSS. The content's no different and it's all easily accessable, but it's a little better organized. It also works equally well on small large displays, font sizes, and text to speach adapters, although I do get dinged on the accessibility checks because I don't put alt tags on the four images that are on the page exclusively for visual flair.
Unless every browser is built on the exact same rendering system, content will appear slightly different between them. Naturally, it will look "best" on the browser favoured by the development team.
That said, you won't find any "best viewed in" strings on my site.
People liked it the last time I posted it here, so here it is again. Visual Guide to installing RealPlayer - a step by step guide to turning off every annoying feature of RealPlayer. Yes, it takes a minute to do, but so does configuring QuickTime. It refers to the Windows version but is very close to the other versions as well.
rather than pay licence payers money (ie MY money) to Real for every seat they need to licence.
Real Server licenses can be bought for unlimited users on a perpetual basis for not a lot of money (tm) and was prolly done by the BBC at least half a decade ago. The only thing they'd be paying at this point would be the yearly support contract, which I believe would come out to something around 0.0005 pence per licence payer money (ie YOUR money). Not a whole lot of money.
Perhaps some guy just left his WiFi open, and a neighbors infected laptop has latched on to it (I've seen this happen). Would the Open WiFi guy be the ISP in this scenario?
So is your argument that people who leave open WiFi acess points available to the random public bear no responsibility for the actions taken using them? I love wireless access without any kind of authentication, but the fact is that there's enough jerks out there to ruin it for everyone. Let's say someone uses a random access point (and a spoofed MAC address) to e-mail threats to the president (or whatever). The taxpayers now get to pay for the subsequent investigation that will likely yield nothing useful. Is there no culpability for the AP owner? Granted, the AP manufacturers need to step up to the plate and make security part of their process.
I moved off of any official ICQ application because the little add window made that damn IE click noise every time it changed the ad. I was willing to put up with the ads - AOL was providing a service to me, but I tend to keep five or six ICQ windows open at a time, leading the a chorus of clicking noises. I tried deleting the sound file that appeared to be the one they were using it to no avail.
I'm one of those snobs who doesn't watch TV so I don't know if this is the case, but sometimes painful pushes are necessary to advance the general public. I imagine there was widespread discontent when horses were banned from many motorways, for example. People who had invested in the concept of a DC powergrid were prolly unhappy when AC was standardized.
I cry for the moderation system.
the same arguments against gay rights based on choice also negate civil rights based on religion
You'll find that many of the most vocal opponents of gay rights aren't all that interested in freedom of religion either (so long as they're on top). The same religious views that make them so sure that gays are going straight to hell also make them want to convert people to the "one true way"(tm) through whatever means necessary.
If they're using realtime streaming to show short pre-recorded clips that could easily fit in a RAM buffer, then they deserve ridicule for doing it
I work in streaming media - my average file is around 80 minutes long. The files range from around 180-500MB. Is that a good enough use for you?
Real deserves ridicule for encouraging it.
I don't believe that any of the Real manuals that I've read include encouragement to show short clips via streaming.
It's another example of rights holders crippling their own damn product in a hopeless attempt to prevent you from downloading it and showing it to your friends.
So? The general public has shown itself to be inherently untrustworthy when it comes to digital media. Content costs money to create. There has to be some way to recoup that money.
I think the current RealOne player is garbage.
Could you be a little more specific? I stream terabytes of data with Real without much of a problem. The client has finally been cleared out of all of the crud - if you want a step by step guide you can read mine here and the server's finally stablized to the point that they run for months without restarting the server application.
At least the original RealAudio wasn't nearly as bad, but it still consumed a lot of RAM and CPU cycles on my 68040.
A 225K stream in the current version of RealPlayer takes up 7-15% of my 2.0GHz Pentium-4M that I just tested it on.
Having worked with or investigated the three common streaming mediums, I think that Real offers the best quality for things such as Powerpoint presentations or capturing writing on a document camera. For larger (640x480) movies, I've found that QuickTime with Sorenson 3 seems a little better. However, QuickTime for Windows can be tremendously unstable and generally brings Windows down with it as well. It's also much harder than Real to get working on the client end.
Windows Media has never impressed me much - it's a variant of MPEG4 without much going for it other than the fact it's free. When Comedy Central went from Real to Windows Media, I noticed a drop in quality, even though they went up in bandwidth.
As far as what's being done with streaming media, I use the streaming legal music services (alternate between Napster and Real Rhapsody) and am happy with them - I've got more than enough bandwidth to use them at work and they let me listen to the stuff I don't like enough to buy but want to hear every now and then. It's helping improve education - many of the students I work for enjoy being able to review the lectures after the fact. It means we can place movies online for them to watch without them having to go to the library to watch a physical copy (that someone else may have already checked out).
If the contract included all OSDL employees, whether or not they were actively using BK, then he was very much in fact a customer, just one that didn't happen to use the software. If he really wanted to work on the project, he could have left OSDL and everything prolly would have been fine. Do you think Microsoft would let one of their contractors work on Samba, even if their desk job had nothing to do with CIFS?
From everything I've read, Linus is a pragmatic open source developer. He used the GPL because he felt it was the best way to create the software he wanted, not because of any great desire to make software free, in beer or action. Perhaps the contact was problematic, but that should have been worked out ahead of time. If Linus et al didn't add some kind of graceful closesure clause, there's not too much leway to complain. Beware of Greeks bearing gifts - there's little that's free in the commercial world. They knew what they were getting into and decided it was still worth it.
If people really had that big of a problem with BK, they were free to fork the kernel. Did anyone [notable] do so?
McVoy pretty much illustrated the inherent dangers of not being Open Source
Most PHB types could care less about whether something is Open Source or not. There's even a good chance it's something that they're biased against. The situation came about because of a special arrangement that was made with Linus - this isn't a representative sample of how a commercial customer would be treated.
Worse yet, we've illustrated that here's someone who's willing to do just that...yank his product from under a high profile project.
It's called basic contract law. A customer violates your contract, you take steps against them. It may not be what most companies want to be on the receiving end of, but it's not something that's easily defined (excepting Open Source fanatics and the trolls at The Register) as unethical.
it assumes that the workings of the program will not be suceptable to black-box reverse engineering
See the Linux kernel examples I gave in this reply.
But [IE] has proven very suceptable to reverse engineering.
Was it reverse engineering or just putting some brainpower into analyzing where buffers would be?
there is no way to keep your code secure because you have to distribute it (in binary form) for anybody to be able to use it.
Really? I could have sworn that I wrote web applications that are usable without the users ever having the binaries.
Anyway, be a nice little AC and disassemble IE for me. Then show me the code for the CSS interpreter, highlighting each boundry check for me. Should be trivial, right?
Try taking CS 101 again, morone.
Um, yeah. I think that speaks for itself.
But at least they are found and fixed
Which I did point out. If you're really bored, you can look at my posting history and see that I'm a dedicated open source user and have been so for quite a while. But I chafe at absolutist statements that make the open source community look like the stereotype put forth by the article in question.
you think that is better to wait until some evil dude with time on his hands to decompile your program and discover the problems
Decompiling some little program is one thing, decompiling and understanding IE, IIS, or the Windows Kernel is a non-trivial task. Most of the attacks on IE have been created by using a little brain power to think of where buffers were used and attacking them. Recall the testing on Mozilla/Firefox where intentionally garbage HTML was thrown at them to see if it would break it. It found plenty of problems with no disassembly needed.
Do you really think that something like this or this could easily be found by decompiling?
The more secrets you have in your design, more points of failure in your security system.
Um... no. Openness only benefits security if there's substantial improvement from disclosing it and the implications of what black hats can create using it doesn't outway the benefits.
I use an algorithm to produce pseudo-random but rememberable passwords. I could disclose that to the general public, who could point out potential problems with it (it is pseudo-random, so obviously there are flaws), but that would greatly increase the chances that someone could use that knowledge to greatly speed up forcing my passwords. As it happens, I'm a smart enough guy to know that my passwords are "good enough" for my purposes. Secrecy enhances my security in this case.
My car has one out of X possible Ford key sets. Which one it uses is a secret, because it's kept secure by the fact that it's impractical to try each of the possibilities to break into my car. If I got rid of the secret and published which specific key it was, it would greatly ease the difficulty of stealing my car.
The NSA has encryption algorithms that are very much secrets. I'd put good money on them being harder to crack than the published algorithms. Shall I go on?
As for staying on top of the patches MS is no diferent, an unpatched windows cannot survive much in the wild.
True. But there's been relatively few MS kernel patches released to fix security issues. Most of what they patch are things on top of the kernel layer. Linux has many little fixes in each kernel release. Here in the real world, we have pressures from the management to have X% uptime. We have applications that are only certified against specific kernels from vendors that will refuse to support us if we upgrade the kernel. We have systems that are owned by people who won't upgrade every time a new kernel comes out. Not to mention the fact that you run the risk of encountering problems if you're running bleeding edge kernel releases. So you have to straddle the line between reliability and knowing that there's a couple potential escalation of priviledge issues lurking in it.
Neither approach is absolutely the best. Choose the one with the consequences you can handle. But I guarantee that you would have a harder time finding flaws in well written, complex software without the source than you would with it.
Security by obscurity is no security.
No, security by obscurity provides a fairly good amount of security assuming you can keep your code secure. The benefit of open source is that you [hopefully] write better code and/or have better testing that eliminates that major security problems before it goes into production. There's been a bunch of escalation of priviledge flaws discovered in Linux in the past few months that use obscure race conditions and the like. Those would have been extremely unlikely to have been found without the source code. Read the detailed changelogs of the kernel updates - there's tons of little security flaws fixed all the time.
It's a tossup - Open source finds and fixes the little tiny bugs but you have to stay on top of the patches.
The actual post
It works like this. Everybody is evaluated in terms of academic performance after then 10th grade. Anybody with a GPA of 3.0 and higher can move on further.
Ever hear of grade inflation? I'd be willing to bet that you'd find that wealthier areas would tend to have disproportionately high QCAs. Keep a rich person's parent from going onto 10th grade, and daddy calls his buddy on the school board and all of a sudden you [the teacher] don't have a job any more. After all, little Johnny is just too busy with all of his extracuricular activities that the ivy league schools want to see to pay attention to your class.
Further, the system you describe institutionalizes poverty and failure. The kids most likely to do well are the ones who have supportive parents and stable home lives. The children of parents who have to work two minimum wage jobs to get by are likely to do worse than the children of engineers who can either help them with homework or hire tutors, let alone children of drug addicts or the like. So the worse off kids are denied the opportunity to better themselves and go on to have kids that suffer the same problems. It also favours schools in metropolitan areas that offer many honors and AP level classes (which are factored higher in GPAs than normal classes - honors A == 4.5 and AP A == 5), while many rural schools can't offer those classes simply due to smaller budgets and class sizes.
The US education system certainly has many problems, but what you advocate would make them worse, not better.
coercing people to pay for something that they can currently get for free is exactly the antithesis of everything the open-source community stands for.
Which open source community do you claim to represent? The people that use open source only because it's "free" (as in beer)? Or the ones that believe in access to the code that's important, and happily pay for the development costs because they know that programmers have to eat too? Richard Stallman has repeatedly said that selling software is fine, so long as the source is open.
That might actually be a fantastic idea, it would be fantastic to use the MAC to seed the WEP keys.
The MAC address sits outside of part that's encrypted, so it doesn't really work for that. Fire up a copy of tcpdump, snort, or etherial and look at some packets coming across a wireless connection. They're trivial to find out and trivial to spoof.
Here's a visual analysis of a packet.
It's a tricky question at the minute that combines several fields of law. Recently (IIRC) there was a ruling that stated that the current US laws against bootlegs were unconstitutional, not because the idea was unsound, but specifically because it gave a perpetual time period, in violation of Section 8 clause 8 of the constitution. That states:
To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
So that law may be rewritten and come back.
The other legal issue is whether or not someone has the right to tape a concert. Most of the bands on btree specifically allowed and encouraged taping. However, there is no inherent right to record a performance, so someone making the tape could be sued for doing so if there was no permission. Whether that tape could be distributed after the fact is another question entirely, which I don't know the answer to.
I think that people with more money generally have less free time than people with less money. This is because they tend to work more.
.us.
Sometimes. But the fact that they have more money to begin with means that they can skip out on work for a week if they want a whole lot easier than someone that's just barely getting by. And better jobs tend to provide more vacation time, at least in
Otherwise the tendancy exists that jurors become biased by media coverage.
Even if everyone played nice and didn't publish any information, the fact that so many people are interested in the case means that there are no completely unbiased people. Obviously, a large number of people are interested in the case and are talking about it, which leads to gossip. When you add in Nth generation heresay from the people who attended the trial, then all kinds of disinformation gets created and spread. At least in an open press situation you get multiple first person accounts of different biases to use to construct the big picture.