My first thought on reading the summary was that it sounded a lot like the local chess and go competitions when I was in high school (a few decades ago, before computer games were common). I was one of the top players. I didn't much get that way by reading a lot of chess strategy books or by beating a lot of novices. I did it by consciously deciding that I liked losing better. That is, I challenged players who were better than I was. They usually learned to try each trick on me just once, because the second time I'd have worked out a reply. Also, from then on, they had to look out for the same trick from me.
Nowadays, I don't play many computer games. But if I decide to take it up, it'll be because of access to slowly-increasing challenges. If a game doesn't behave as described here, I'll get bored with it fast and go looking for something that's more interesting.
Actually, part of the reasons for getting out of games is that I realized that software development is a kind of game that you can get paid well for. The basic setup is: When you get the recalcitrant little beastie to do what you want, you get points (and possibly a raise for the next project). When the designers of the system (OS, runtime libs, compilers, data designers, whatever) trick you and the machine interprets your code differently than you expected, the people responsible for the system code get points (and possibly a good position building the next release of the system;-). A good programmer is one who can win at this game against the system designers.
So as a programmer, you're constantly challenged by the new challenges that are hiding out in the latest releases of the systems that you're programming for. You really are playing against some of the brightest human opponents on the planet. It's a much more interesting and challenging computer game than anything actually advertised as a game.
I've described this theory to a number of bosses in the past. One of them chuckled, and explained that this was probably why I hadn't ever "graduated" into management. He'd seen my code, and it was too clear and well-documented to ever be a good player on the "system" team in the game. The other programmers wouldn't face the challenges they expected from my code, so it was obvious that I wouldn't be welcome on the other team. So I chuckled to, and told him that I was happy playing for my current team. I got to build things that users actually use, which was a nice bennie. Sometimes they've even paid me for copies of my code, while people only pay for "systems" code because they have to for the machine to be usable. We both thought it was all pretty funny. But maybe this was partly because we were both paid pretty well to play.
For some reason many "system" programmers don't seem to appreciate this characterization of the software industry...
We might note that in 1970, a computer with the capacity of the OLPC XO would have been one of the biggest, fastest supercomputers in the world. And you couldn't even buy a computer terminal with a screen that had that resolution. Now it's a child's (educational) toy.
The first computers I worked with had fewer bytes of memory+disk and a slower process than the "smartphone" in my pocket. (Which phone doesn't matter; it'd be true for all of them.;-)
Fanboy basically means "no matter if they do good or bad I'll follow them", which is just another way of saying "I'm a fucking idiot". Seriously, being called fanboy is a bad thing.
I think you've got it wrong. An Apple fanboy is anyone who is less critical of Apple than you are, while an Apple-hater is anyone who is more critical of Apple than you are. At least that's how I've seen the words used on/.
Wait! You're both right!;-)
At least you are from the point of view of the typical dictionary editor or publisher. They keep pointing out, typically when someone has mistakenly quoted a dictionary as an authority, that most dictionary makers don't presume to be authorities on correct usage. Rather, they view their job as making a tool for someone who has run across a new word,or an old word used in a puzzling way. That person doesn't usually want to know the "correct" meaning of the word; they want to know "What meaning was intended in this passage?" Thus, dictionary makers like to collect all the distinct uses of a word. They try to figure out what was intended by each writer or speaker, and document all the meanings. The dictionary user can then go through the list of documented meanings, and pick one that makes sense in context.
There has been a funny example of this in the media over the past couple of months. The term "teabag" is being used as a verb in American political contexts, surprising and shocking a lot of people who only knew the obscene sexual meaning of the term. ("Those Republicans were doing what to their opponents? Aren't they against that sort of act?") I checked a couple of days ago, asking google to "define: teabag", and most of the cited dictionary entries gave only the sexual definition, plus of course the noun meaning as a porous container for tea leaves. But I did find a couple of versions of the new political definition, and found that I'd been led astray by hints that it had to do with the Boston Tea Party. A lot of passages suddenly made a lot more sense. The wikipedia entry even gave a link to an entry about the term in Rachel Maddow's blog, in which she and Ana Marie Cox discuss it in a way that can be read as either political or sexual. It's quite hilarious, with double-entendres thicker than you've ever heard them, once you know both meanings. At the end, Rachel admits to having blushed twice while doing the segment. Several other reporters have had similar fun with the term.
Anyway, any competent dictionary maker would find the uses of "fanbo[iy]" on this and other forums, and dutifully document both of the above meanings. It would then be up to the dictionary users to decide from context which was intended by the writer of the passages they're reading. It's fairly clear that the term is used with a wide range of meanings, from someone who slightly prefers one brand until a better comes along, to someone who would never buy or use anything else no matter how shoddy the brand becomes.
Also, it's quite traditional in many technical fields for people to adopt insult terms as neutral technical terms. For two good examples from previous centuries, look up the origins of the mathematical terms "irrational number" and "imaginary number". The recent adoption of "nerd" and "geek" as group identity terms is similar. OTOH, the use of "hacker" in the computer field went the other way, starting in the 1960s as insiders' term of praise, then being picked up in the 1980s by the media as an insult word. Again, a decent dictionary would include all of these meanings, along with the older circus side-show usage.
In our house, it would be our cockatiel. The little darling likes to play with keyboards, and we often find the screen showing long lines of total gibberish, usually including long repeats of a single character.
The weirdest story of this type that I've read was a news story maybe 10 years ago, about a tomato that dialed 911 (the emergency number in the US). There was no voice on the line, so the emergency folks sent a full contingent of medical people and police to the house. When nobody answered the door, they broke in, and found nobody in the house. After some time, they finally figured it out. Above the phone, there was a wire basket containing several tomatoes, one of which was a bit overripe. It had dripped onto the phone, leaving several red splotches. One of these was on the special button that was programmed to dial 911. The tomato juice had short-circuited the button's switch and triggered the call. They left a note for the residents explaining what had happened, and suggested moving either the phone or the basket to prevent recurrences.
The story was spread around a number of electronics mailing lists and forums. It was a good funny story about the unanticipated ways that Things Go Wrong, and how hard it can be to anticipate or diagnose such failures.
This doesn't mean they need to create new laws for "e-this, or cyber-that"...
Ah, but they do. The past several decades have shown that one of the most amazing powers of a computer is to erase history. As soon as a computer is introduced to any human activity, all historic precedent is instantly discarded, and we have to relearn everything that we used to know. This especially applies to laws and legal precedent. The mere presence of a computer leads to cries of "But this is different!" from all involved parties, followed by interminable discussion of who should be allowed to do what to whom, with absolutely no reference to precedent.
Examples of this abound in nearly every area of law. Thus, in the US we used to have a Constitutional rule forbidding "unwarranted search and seizure". But if there's a computer involved, it is completely legal to collect data on anyone for any reason, and to let anyone else search through that data at any time (if they pay the price you're asking for access). It's also legal for any authorities to seize and carry off anyone's computer without any legal warrant, just because you think there might be incriminating evidence on it (or you'd like to play with that model of computer for a while). The new GPS gadgets that are in most cars contain small computers, so they are the perfect excuse for police to stop anyone at any time, search the car and/or the persons in it, and carry off any electronics they may find. And so on.
So it should be no surprise that we have to reestablish legal rules involving restraining orders when a computer is involved. Of course we do; there's a computer involved. So the fact that, as others have pointed out, there is abundant legal precedent for handling accidental or fraudulent "violations" of restraining orders, this means nothing when computers are involved. We must laboriously repeat all the past discussions, and figure out all over again what the rules should be, without paying any attention to any of the precedent.
Of course, I could be violating the whole principle here, by pointing out in a computer-related forum that we're ignoring precedent. Of course we are; there are computers involved in making this forum work. So maybe I should just shut up and enjoy the discussion...
I'm not worried until somebody is busted for being tied with Al Qaeda in the sixth degree.
It's also fun to note that, under the Kevin Bacon scheme, George W Bush and Osama bin Laden have only one degree of separation. They have both been together in not just one, but two movies. Those movies were documentaries, of course, but that's a trivial detail that wouldn't stop any journalist from saying that they are "linked".
One of the movies was Micheal Moore's "Fahrenheit 9/11". I've forgotten the other one and I don't have time right now to google it. Maybe someone else knows. And there well may be several other movies that they share by now.
It is not as if [CERN] is a super secret research facility.... most likely you could get information here [web.cern.ch] in much more detail...
True, but there's a long history of the government "security" folks not particularly caring whether the information was secret or not.
For a historic example, read some of the copious material on Julius and Ethel Rosenberg in 1953. One of the points made by some of the historians is that the things the Rosenbergs were accused of passing to the Soviets could all be found in college textbooks of the time.
I saw a funny case of this back in the 1970s, when I was in college. In the textbook for a physics class, one of the end-of-chapter exercises was of the form "Using the equations in this chapter and the tables in appendix [X]., calculate the critical masses of the following isotopes:...." The end of the sentence referenced a footnote, which informed the student that giving the answers to this question to anyone without a US security clearance was punishable in the US by N years in a federal prison.
The author(s) of this textbook obviously had a sense of humor about it all. But the government security people tend to take it seriously. Consider that only a few years ago, one of the things that we computer geeks were forbidden to show to foreigners was the RSA algorithm. The fun part of this is that "RSA" is the last initials of its three developers, of which only two were US citizens. Trivia question: What was [is] the nationality of the third person in this trio?
Anyway, it's likely that the US and various other governments will declare some of the discoveries at the LHC to be government secrets, even the things that are published openly in physics journals. I suppose they will be secrets to the great majority of people who don't or can't read physics journals.
(I still have one of those t-shirts with the three-line perl implementation of RSA, and the explanation of why the t-shirt is legally "munitions" in the US, under the ITAR regulations.;-)
When I was in the Government, replacing local computing resources with centralized resources was always pushed as a cost-saving move, and always cost more money.
Similarly in the business world. The basic problem is that a mainframe requires a professional staff to support it, and that always turns into a department that is its own separate power center. The computer department (under various names) invariably puts strict controls on how their equipment is used, and if they don't approve of what you're trying to do, you can't do it.
This is much of what drove the adoption of "desktop" machines back in the 1980s. The prices of small computers dropped to the level that they could be bought out of discretionary funds. The central DP people tried to block this, and force people to use the mainframe. But the argument in the rest of the organization was "We need to do X, and the DP folks won't let us do it." Thus, the DP people had no idea what this newfangled "spreadsheet" stuff was for, and until a thorough review could be scheduled, it couldn't be installed on the mainframe, because they'd have to support it, and they didn't know if it was worth the effort. So, "in the meantime", people bought small computers that had spreadsheet software, typed in their data, and got the results that couldn't be gotten from the mainframe.
Similarly for word processing; by 1990 most mainframes still didn't have printers that could print lower-case letters, or print on standard letter-size paper. But you could buy ascii printers for your laptop that could use the full English characters set (and sometimes even other languages), and could print on standard-size paper. So departments got their own desktop machines, sent their typewriters to storage, and moved forward without permission from the DP people who still didn't understand why anyone would want to print nice-looking documents. "That's not computing; where are the numbers? It's just typing, and has nothing to do with computers."
This was the story with nearly everything new that came along. It was first developed on small machines, and bought individually by people who found it useful for the job. Eventually, the central IT people noticed and got similar things, but that was usually years later.
And management has always loved big machinery, while most of the technical advances in computing have always been done on the smallest, cheapest computers. Now we're seeing the newest stuff coming out for the smallest laptops and handhelds. We can guarantee that Congress's new computers aren't like that; they're probably some pretty big boxes in comparison, or maybe a bunch of "blade" machines in tall racks. So Congress isn't really keeping up with the times; it's moving into the late 1980s.
But it's about time. And probably lots of Congresspeople are using their "notebook" and "smartphone" computers, while not much thinking of them as related to the machines in their new data center. In another decade or two, this will have its effects, and there will be news stories about another major reorg in the data centers.
... can be had orders of magnitude cheaper with Linux clusters....
And right there we have the answer to the earlier comment about "... there's something in the constitution about separation of data centres...".
In management circles, worship of IBM (and His Son Microsoft) now qualifies as an ancient religion that is sorely challenged by the flock of Protestant religions based on various unix (and its bastard offspring linux) computer systems. The US Constitution is clear in forbidding Congress to make any laws concerning religions, and this obviously includes its own religions. So decisions concerning which software to use can't be decided by law; it must be left up to the whims of individual Congresspersons, perhaps guided by holy Committees.
As a Google Voice user, I was confused when I tried to call a free conference call service and my phone never rang.... They could at least explain WHY they're not allowing the call to go through.
Maybe what google needs to do is produce a little popup that says something like "This call can't be completed for free because [telco name] charges $x.yz per minute for the connection. Would you like to pay for this connection with a charge card? [YES] [NO]".
They might include a link to a page explaining the charges and the FCC's role in the issue. They could get a few digs in at AT&T while they're at it. This could get across to users what's going on, and put some slight social pressure on the FCC to do something reasonable to fix it.
I wonder how difficult it would be for Google Voice to figure out the telco name and the $x.yz charge, and tell them to the user? In my experience, it can be very difficult for software to discover who's responsible for the various links in a connection. This is carefully hidden from applications by the "layer" structure of the protocols. I've often wanted to have such data for debugging reasons, and it's generally not available via the runtime libraries that I have available. But maybe some of the bright folks at google have a way to get at the information. After all, the software (in some layer) does somehow know not to make the connection.
The mails asked users to log in to "Hotmail" using a convenient link in the email, because their account would soon "time out" if it was not used.
Yeah, and I've been getting phishing messages like that for several years now, at all of my email accounts. So why is it suddenly a big story? Did the MSM reporters just now discover this kind of attack? Or maybe there has been a huge increase in the incidence recently? Or maybe someone at/. just learned about what's been going on for years? I haven't noticed any major increase, though I might not because the filters on my accounts are all reasonably good at spotting them and tossing them out.
So why is this a news story? Is it just because some "important" users of hotmail got bitten by it?
But why are people surprised, that if you operate in a country, you will have to abide by the laws of that country?
Because generally this isn't true.
First, you only need to obey laws that are enforced. This is often less than half the laws that are on the book; the others you only need to worry about if you offend someone in power.
Second, the enforced laws can often be ignored, with care, plus a few, uh, contributions to the right people in the government. This is as true in the US as elsewhere, and often goes by the name "campaign contributions".
For example, consider the company formerly known as Blackwater USA, then Blackwater Worldwide, and now Xe Services LLC. It's a private military contractor, with headquarters in North Carolina, USA. Google will find you a lot of information about its history (and probably a bit of misinformation here and there). It fairly obviously operates outside the law in various parts of the world, as a supplier of private "protection units", and a good number of local people have died during some of its operations. This is widely documented in the media, but you'll have trouble finding any successful prosecutions of the company or its officers under any nation's laws.
Blackwater is merely one of the more notorious of such companies. It's easy to find others. Thus, as we've been hearing lately, there are illegal movie and music copying operations all around the world, often done in the labs of "legit" companies. The (non-pharmaceutical) drug business is operating illegally almost anywhere, and usually only the lowest-grade employees have any danger of arrest or prosecution, while the officers and shareholders become wealthy. (Of course, a good part of their wealth often goes to paying their private armed guards.;-) Most such corporations operate quite openly, as they must if they are to succeed as retail-sales organizations. But they are rarely taken to court, despite the generally illegal nature of their main business.
The idea that corporations "have to" obey laws anywhere is a bit naïve; the reality is sometimes rather different.
So if the company does something illegal, let the shareholders be personally responsible and serve time for the company's crime.
Probably a good idea. But it goes against the basic reason that corporations exist. If you dig into the history, you'll find that one of the primary motives in creating such legal entities was to insulate the officers and shareholders from legal liabilities. The whole point of a corporation's existence is to allow the people running it to say "I didn't do it; the corporation did". Stockholders' fines for corporate criminal behavior is usually limited to their investment, and it's exceedingly rare for such fines to be imposed. Instead, the corporation is fined.
Of course, there were and are other reasons for corporations, such as different tax laws. For example, here in the US and many other places, people pay income tax on their full income, while corporations pay tax on only their "profits". A corporation can deduct all expenses of doing business; if a living human tries the equivalent and doesn't pay taxes on the portion that they pay for food and/or shelter, they are likely to end up with a good fine or jail time. (Yes, tax laws often make some portion of such things deductible, but rarely all of them.)
Also, a corporation usually doesn't pay the same taxes on equipment (vehicles, machinery, office supplies, whatever) that a human would pay. This is why individuals or families sometimes form corporations. That way, equipment can be bought and owned by the corporation, not the individual. This is also used to avoid inheritance taxes, since the deceased didn't own the money or building or equipment; the family corporation did, and it didn't die.
In all of these examples, we see that the corporation relieves the people running it from legal liability for something. Usually it's liability for taxes, which are lower for corporations. But all too often, the laws only impose a minor fine on a corporation for actions that would be criminal violations if a human did them.
There was a fun bit of journalistic "research" a few years ago in the US, that consisted in tallying the punishments that the courts gave to corporations for actions that resulted in deaths, such as contaminated food, incorrect medicines, overly dangerous equipment of various sorts, etc. The bottom line was that corporations were on average fined about $300 per documented death. This is a whole lot "better" than the sentences handed down to killers that are humans. It explains why many corporations consider criminal law to be not much more than a minor tax on their business operations, and why such fines often have little effect on corporate behavior. If the likely fine is less than the profit, there's no reason a corporation shouldn't do it.
It's true that in a few especially egregious cases, the officers have been charged and tried for their part in the actions. But it's pretty rare that they are actually convicted of anything.
I have to wonder why you would think anyone knows to look for green bars.
So what's a green bar? Is it something that a browser does? Where would I see one, so that I can recognize them when I don't seem them?
I have a dozen browsers installed on this Macbook, and looking around at their windows, I don't seem to see anything I'd call a "green bar" in any of them. So are you saying that none of them are safe? Note even the ones that are showing a page on my own web site (which I've been testing on all the browsers)?;-)
Hmmm... Some readers seem to have missed the point that it was (quite consciously) written in the form of a fawning news report copied from a corporate press release. So of course it's full of rhetoric that hides the fact. That's what Marketing does, y'know.
Our house has had Windows, Mac, and linux (ubuntu, knoppix and OLPC right now) systems for a long time now. The interesting case is my wife's machines. She has long worked for several local medical organizations (HMOs), and at work everything is Microsoft (with IBM mainframes). She has also worked part-time from home for several years now, because she gets so much more done there where the schmoozers can't reach her). So she has always had to have a Windows machine at home. She hates it, and loves her Mac(s).
But for the past year, she has no longer had a "Windows machine" at home; she just has "Windows". The reason is that she replaced her creaky old Mac Powerbook with a new iMac (with a huge screen). While talking to the folks at the Apple Store, she learned about that new "virtual" stuff, and along with the iMac, she took home disks for the software that would install a virtual XP. After it had been working for a couple of weeks, fully networked via VPN with her office network, she donated her old Windows box to me, and I reformatted it as a linux machine that's our firewall/gateway/etc.
So, while she has a Mac and a Windows machine, they're the same machine, her iMac. A couple of months ago, she decided that another laptop would be really useful, so she got a Mac Powerbook - and installed a virtual XP on it. A month ago, we were on vacation a couple thousand miles away, and she impressed the folks at work by connecting to the office network from her Mac/XP via VPN, and helped them out with some problems they were having. Actually, it didn't impress everyone, because most of the employees are Mac users at home, and several of them had already followed her lead when they got their new Macs.
There are a couple of interesting possibilities implied by this. One is that, if you like Macs but "need Windows for work", there's no need to pay for any hardware for your Windows machine. You might want to get an extra GB or two of memory, since Windows is a bit of a hog. And you'll have to learn how to get one of the Mac's several virtualization schemes to work. You will have to pay (somebody;-) for a release of Windows. But you can run it on your Mac., and you're free of the hassle of dealing with the Microsoft-based hardware market. She has also found that the Apple Store people and online Mac forums can answer questions much better than, say, Dell Customer Support can. In a few years this might have an, uh, "interesting" effect on the PC market.
Another thing to think about is the problem of crappy security on Windows. It's hard to get a straight story on this, but there are hints that the "jail" (or "sandbox" if you prefer) that Windows runs in under OS X is significantly more secure than Windows on a bare machine. We'd like to learn more about this, because as I mentioned, my wife does computing work for medical organizations. Here in the US, people are waking up to the serious problems with the (overly slow) computerization and networkization of medical data. Some fairly stringent security requirements are being written into law for medical data. And the medical industry almost everywhere runs on MS Windows, the most insecure system on the market. It doesn't take a genius to see the problem here.
Virtualization has the potential of at least limiting the damage from the latest exploits, since Windows is run under the control of another system that has better security. We know from the history of IBM's VM system that this can be effective, assuming that the low-level system is accessible to knowledgeable developers (which isn't always true in the small-computer market). But imposing security on an insecure system that has "no user serviceable parts inside" isn't easy, so we can't really say how effective this will be.
Her management never allowed upgrading to Vista, in part because they learned about the network-update (discussed here on/. several times) that can't be disabled for some portions of the system software. They und
There's a relevant comic on the topic over at PartiallyClips. The business world has a long tradition of not distinguishing "unethical" or "immoral" from "illegal". The legal and law enforcement communities do understand the distinction, and generally don't show great interest in going after things that are legal, no matter how unsavory they may be.
Yeah, just as with the ancient technique of the "finger on the scale", or padding various products (especially food) with small amounts of extra junk. It's perfectly natural for sellers to hoodwink customers in such ways, and if the customers are dumb enough to fall for it, they deserve what they get, right?
Suppose you're building an application using two DLLs, let's call them A and B. Both depend on a third DLL named C. Now, suppose A uses C version X, and B uses C version Y. You're screwed, right? Not with SxS, since that allows multiple versions of C to be loaded. That's the real added value of SxS.
Huh? Microsoft's compilers and linkers have allowed this for ages. The difference is that it's now a feature, not a bug.
There was a study of MS's binary apps years ago (and I thought it was reported here, but I don't seem to find it in the archive), which analyzed the contents of the binary files. It was found that there were typically many copies of various library routines, sometimes 10 or more copies. They even had duplicated local data blocks. This was presented as a bug at the time, and an explanation of why MS's binaries required so much memory.
But now this practice is called "side-by-side", and it's considered a feature. Which, of course, means that it never will be fixed, and users can look forward to even more bloated programs that contain copies of all the versions of a routine that have ever been released.
It's sorta like extending the concept of a CMS into the binaries of apps. No longer will all those old versions be kept on the sidelines, off in obscure libraries. They will all be right there in the binary, ready to be loaded into memory if they are ever needed.
Who was it that has congratulated the software industry for consistently undoing all the amazing hardware advances of the past decades by responding to bigger memories and faster processors by making the software use more memory and cpu cycles? SxS is a major step forward in this technique, and promises to lead to major increases in memory sales in the near future. And all it took was realizing that a practice that had been considered sloppy wastefulness of memory was actually a valuable new feature for backwards compatibility.
I don't consider Tatu YlÃnen [sic] here as a bad guy. What he has given to the world free of charge is 1) the SSH v1 protocol specification, 2) the SSH v1 open source implementation, and 3) the SSH v2 protocol specification. On top of that he has managed to make a living off of the SSH v2 code, and he certainly has the right to do that.
Presumably the problem is the thing about trying to use the legal system to stop OpenSSH. If he had cooperated with the open branch, while building a private company to sell the closed branch, most people would have probably accepted it without comment. After all, there's a portion of the market who believe that closed, proprietary software is more secure than open software. It's quite appropriate to make a closed, proprietary version of any open software to satisfy them.
One could argue that it's better if both branches are in fact identical, so that they interoperate well and there's reason to expect that the closed version doesn't contain any backdoors. But that's probably being too trusting, and the closed branch should always be treated with suspicion by knowledgeable people. "What are they hiding in it that they don't want us to know about?" But we know that there are a lot of people in management who don't trust anything that's open, and rather than seeing them use some separate package that probably contains all kinds of undiagnosable holes, it's better if a closed-source edition can be made available just for them.
It's also appropriate to market an expensive edition of the closed version, specially tailored for that part of the market who believe "You get what you pay for".;-)
Other than that, OpenSSH is possibly one of the most capable and reliable pieces of software I've ever had the privilege to use.
Oh, I dunno about that. Right now, I've again been seeing an OpenBSD/OpenSSH failure mode that has plagued a bunch of us for years, and nobody seems to be able to find a clue about what's wrong.
The scenario is a flock of unix/linux machines of various makes, models and release numbers, with ssh/scp/... used between them. All of the machines work together pairwise, except for when one of the pair is the FreeBSD machine. With that one, an ssh or scp gets through just fine, and works for a while, but then it simply hangs, and neither end gets any more traffic for hours. There's lots of evidence that the problem is in SSL on the FreeBSD machine. One bit of evidence is that I often have connections to it from several different machines, and all of them hang at the same time. While they're hung, I can make a new ssh connection, which works fine, and I can verify that 1) the processes on that end are all still running, but 2) they're not receiving data or errors from the SSL link. Also, killing the processes on either end of the connection has no effect on the other end. But it's not the machine's low-level networking that's at fault, because other kinds of connections survive the event without problems. Turning ssh's debug level way up doesn't help; neither end sees any problems during the hang. It's not a Comcast-like blocking from the ISP, because links via different ISPs hang simultaneously.
Questions about this on various forums have gotten no replies other than "You must have something configured wrong" without any hints as to what config error might produce such problems. And it doesn't help that the problem isn't reliably reproducible. Sometimes things will work for weeks. Then, as happened in an ssh session from this Macbook just before I hit Reply here, the connection will suddenly hang in the middle of typing a command to the remote shell, and a quick check (in a couple of other windows ssh'd to the same FreeBSD machine) will show that they're all hung, too, including the one that was running a "top" command that halted during the same second.
Anyone here know if this problem has been successfully diagnosed anywhere? Google doesn't seem to be our friend this time, e.g., "ssh hangs" gets some 8 million hits, but they all seem to be about hangs during initialization or exit. This hang is during routine use, usually noticed when the echoing stops while typing something. Adding other keywords for google doesn't seem to help, because what are the right keywords to describe a hang that appears randomly during routine use and isn't related to anything you can name?
It is impressive that we haven't been able to get this particular misbehavior on any of the other OSs that we have available. We've only seen it when one end is FreeBSD, and it survives upgrades of the OS and OpenSSH. It has been around for a while, though. On one of the FreeBSD systems where it happens, "ssh -v" gives "OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004", so the problem has been around at least that long. It happened a few days ago with a new FreeBSD installation on another machine in the lab.
Note that this hang isn't a failure to connect or disconnect. Those work fine. It happens "for no apparent reason", during an ssh or scp (or rsync) session that has been working fine up to that point. And it appears to happen to all SSL-based connections to the FreeBSD system at the same time, to within a second or so.
Actually, what would be really useful is a technique for asking google (or some other fine search site) about this topic, and not get buried by millions of comments about similar problems during the connect or disconnect phase. The problem with search sites is that there seem to be an uncountable number of different keywords used to talk about startup/shutdown or login/logout or connect/exit/ or whatever, and no matter how many of t
Isn't this the way that the information network is suposedly done in Diamond Age? As long as the encryption is good enough and the bandwidth wide enough, there's no reason such a system couldn't work.
Somewhere around here, I have some of the docs from the early days of the ARPAnet, pre-Internet and in the late 1960s. I remember well a number of discussions of the way that these docs included pictures that were 1) completely wireless, and 2) included relaying by pretty much every gadget. The intent from the first was that if there was a data path between two nodes that wanted to talk, the software would find a path and deliver their packets to each other. This was funded by the military, as you'll all recall, so the equirements included the possibility that relay nodes were coming on- and off-line randomly, often because someone was shooting at them as they came on-line. The military wanted routing software that would rapidly route around damage and get the packets through. (Has anyone here heard the phrase "route around damage"?;-)
In the 1980s, I poked around a bit at MIT's ChaosNet, which was based on the same concepts: Everything is a relay, and if there's a data path, the data will be delivered. We did a few experiments chaining together machines with RS-232 crossover cables, firing up the "chaos" drivers, and watching the last node on the chain connect to a remote machine. I don't recall how long a chain we had, but we got it so the last one was pretty slow.
Lots of us have been disappointed for some four decades now, that we don't yet have total wireless interconnection with everything acting as a relay as needed. A while ago, I played with some OLPCs, and sure enough, they've implemented this idea. If you carry an OLPC into an area where there are others, it becomes part of the local mesh, and if any of them has access to the Internet, they all do. Most of us don't have this, because the commercial world is still dragging their feet on such concepts after all these decades, and only a few groups of people here and there actually have software that does it. (I have wondered whether the OLPC really does a good job of this, but none of my neighbors have one, so I can't experiment with it easily. I did one test of a chain of 4 machines, where the first could see my home gateway, and the others could see at most 2 neighbors. The last one could use the Internet, and was visibly slow but usable.)
And in other places, people are trying to implement this, not knowing (or caring?) that others have worked on it before them. And others continue to argue against the practicality, with the same arguments we've heard before. Yes, we need better batteries, but that's no reason we can't work on full mesh networks now (or 30 years ago). Yes, we need to encrypt everything; the security folks have been recommending end-to-end encryption for decades and we have software that can do it. We (or more often the commercial suppliers) just refuse to supply systems that put it all together. Part of it is the comm companies, who don't want total interconnection; they want everyone to pay them for data transport, and they want to be able to see all the data as it passes through their relays. Part of it dummies who don't want their computer to forward packets for others, and aren't smart enough to understand the result of others behaving the same way.
Amongst all the wide-eyed discussions of the miracles of modern technology, we occasionally are reminded of things that we could have had long ago, if we'd been smart enough to force the vendors to include them.
(And I expect replies that mention flying cars...;-)
Oh, I dunno; I'm not too impressed by the way that the stars near galactic north and south are spread out into lines. This image doesn't use the best sort of sphere-to-plane projection. I wonder if we can get it in a better projection? I'm not sure I even want to see what looks like if I try to zoom in on the polar regions.
There is no such thing as an irrefutable origins theory.
Another suggestion I've read and sorta like is that if the biblical creation theory is correct, then God must have faked all the geology and fossil records. If they were put there by some Devil, God (being omniscient and omnipotent) must have permitted it. This means that God wants us to believe that the world is old and has gone through a long evolutionary process to produce His living creatures, and Darwin was just explaining to us what God wants us to believe. If God wants us to believe this, someone who doesn't believe in evolution is violating God's will.
So far, I haven't heard any religious reply to this. They've gotta have heard it by now. So how do they reply to it? Anyone have a link?
Oops, that should be "provable", not "irrefutable".
And, of course, lots of "philosophy of science" type writers like to point out that scientists and their scientific methods never actually "prove" anything. That's what mathematicians do, not scientists. Rather, the conventional scientific approach is a double negative: An accepted theory is one that can't be disproved. The standards are high; you can't just make up a theory that can't be disproved because it can't be tested at all (e.g., the Last Thursday Theory or biblical creationism). To be in the running, a proposed theory ("hypothesis") must be "falsifiable", i.e., there must be a test that someone can actually do that could disprove the hypothesis if things turn out right. To be really accepted, there must be a series of such tests, actually carried out by different people who aren't cooperating with each other, and the proposed theory must pass all the tests. And even then, many scientists consider it good form to think up new ways to test an accepted theory. One thing about Einstein's Relativity Theory is how many people have thought up really crazy-sounding new tests, each of which could debunk General Relativity. But this hasn't happened yet. So it's generally accepted that the universe actually obeys General Relativity. But anyone who comes up with a good test that it flunks will have a guaranteed place in science-history texts for a long time, so people keep testing it in new ways.
But this is far to complex for the minds of your typical religious and/or media folks, who usually can't handle a double negative (and often reduce it to a simple negative).
Evolutionary Theory is an interesting case, because unlike Einstein's theory, evolution hasn't been reduced to a set of precise equations that can be easily tested. But it turns out that quite a lot of tests are possible, and have been done, with results that are well within the (admittedly large) error bounds of what the theory predicts. So it is generally accepted in a high-level fashion, with lots of details still to be worked out. Thus, Darwin et al didn't know about DNA, and its discovery led to lots of ways to test the evolutionary process, all of which supported Darwin's theory (if sometimes in a modified form). But it is materially harder to test well than most theories in physics. Everything in biology is like that.
Now if the String Theory folks could just come up with a few tests that can actually be done in our universe, and which could debunk the theory. Well, maybe next year...
Anyway, one good way to test someone's credentials as a science writer is to see whether they accept the phrase "scientific proof". If they do, they're not actually scientists. And a good science writer should be able to explain (to reasonably intelligent people;-) what's wrong with that phrase. Some writers do use the phrase while knowing what's wrong with it, but they can rephrase what they write so that it's correct (and less understandable by dummies). We can give them a little slack, though we should challenge anyone who talks about scientific proof in a serious manner. We should verify that they understand that there's no such thing; there are just theories that are accepted for now because they've passed all the tests that we've managed to perform that could have disproved them but didn't.
Slashdot Mirror
My first thought on reading the summary was that it sounded a lot like the local chess and go competitions when I was in high school (a few decades ago, before computer games were common). I was one of the top players. I didn't much get that way by reading a lot of chess strategy books or by beating a lot of novices. I did it by consciously deciding that I liked losing better. That is, I challenged players who were better than I was. They usually learned to try each trick on me just once, because the second time I'd have worked out a reply. Also, from then on, they had to look out for the same trick from me.
Nowadays, I don't play many computer games. But if I decide to take it up, it'll be because of access to slowly-increasing challenges. If a game doesn't behave as described here, I'll get bored with it fast and go looking for something that's more interesting.
Actually, part of the reasons for getting out of games is that I realized that software development is a kind of game that you can get paid well for. The basic setup is: When you get the recalcitrant little beastie to do what you want, you get points (and possibly a raise for the next project). When the designers of the system (OS, runtime libs, compilers, data designers, whatever) trick you and the machine interprets your code differently than you expected, the people responsible for the system code get points (and possibly a good position building the next release of the system ;-). A good programmer is one who can win at this game against the system designers.
So as a programmer, you're constantly challenged by the new challenges that are hiding out in the latest releases of the systems that you're programming for. You really are playing against some of the brightest human opponents on the planet. It's a much more interesting and challenging computer game than anything actually advertised as a game.
I've described this theory to a number of bosses in the past. One of them chuckled, and explained that this was probably why I hadn't ever "graduated" into management. He'd seen my code, and it was too clear and well-documented to ever be a good player on the "system" team in the game. The other programmers wouldn't face the challenges they expected from my code, so it was obvious that I wouldn't be welcome on the other team. So I chuckled to, and told him that I was happy playing for my current team. I got to build things that users actually use, which was a nice bennie. Sometimes they've even paid me for copies of my code, while people only pay for "systems" code because they have to for the machine to be usable. We both thought it was all pretty funny. But maybe this was partly because we were both paid pretty well to play.
For some reason many "system" programmers don't seem to appreciate this characterization of the software industry ...
We might note that in 1970, a computer with the capacity of the OLPC XO would have been one of the biggest, fastest supercomputers in the world. And you couldn't even buy a computer terminal with a screen that had that resolution. Now it's a child's (educational) toy.
The first computers I worked with had fewer bytes of memory+disk and a slower process than the "smartphone" in my pocket. (Which phone doesn't matter; it'd be true for all of them. ;-)
Wait! You're both right! ;-)
At least you are from the point of view of the typical dictionary editor or publisher. They keep pointing out, typically when someone has mistakenly quoted a dictionary as an authority, that most dictionary makers don't presume to be authorities on correct usage. Rather, they view their job as making a tool for someone who has run across a new word,or an old word used in a puzzling way. That person doesn't usually want to know the "correct" meaning of the word; they want to know "What meaning was intended in this passage?" Thus, dictionary makers like to collect all the distinct uses of a word. They try to figure out what was intended by each writer or speaker, and document all the meanings. The dictionary user can then go through the list of documented meanings, and pick one that makes sense in context.
There has been a funny example of this in the media over the past couple of months. The term "teabag" is being used as a verb in American political contexts, surprising and shocking a lot of people who only knew the obscene sexual meaning of the term. ("Those Republicans were doing what to their opponents? Aren't they against that sort of act?") I checked a couple of days ago, asking google to "define: teabag", and most of the cited dictionary entries gave only the sexual definition, plus of course the noun meaning as a porous container for tea leaves. But I did find a couple of versions of the new political definition, and found that I'd been led astray by hints that it had to do with the Boston Tea Party. A lot of passages suddenly made a lot more sense. The wikipedia entry even gave a link to an entry about the term in Rachel Maddow's blog, in which she and Ana Marie Cox discuss it in a way that can be read as either political or sexual. It's quite hilarious, with double-entendres thicker than you've ever heard them, once you know both meanings. At the end, Rachel admits to having blushed twice while doing the segment. Several other reporters have had similar fun with the term.
Anyway, any competent dictionary maker would find the uses of "fanbo[iy]" on this and other forums, and dutifully document both of the above meanings. It would then be up to the dictionary users to decide from context which was intended by the writer of the passages they're reading. It's fairly clear that the term is used with a wide range of meanings, from someone who slightly prefers one brand until a better comes along, to someone who would never buy or use anything else no matter how shoddy the brand becomes.
Also, it's quite traditional in many technical fields for people to adopt insult terms as neutral technical terms. For two good examples from previous centuries, look up the origins of the mathematical terms "irrational number" and "imaginary number". The recent adoption of "nerd" and "geek" as group identity terms is similar. OTOH, the use of "hacker" in the computer field went the other way, starting in the 1960s as insiders' term of praise, then being picked up in the 1980s by the media as an insult word. Again, a decent dictionary would include all of these meanings, along with the older circus side-show usage.
I bet it was really her cat.
In our house, it would be our cockatiel. The little darling likes to play with keyboards, and we often find the screen showing long lines of total gibberish, usually including long repeats of a single character.
The weirdest story of this type that I've read was a news story maybe 10 years ago, about a tomato that dialed 911 (the emergency number in the US). There was no voice on the line, so the emergency folks sent a full contingent of medical people and police to the house. When nobody answered the door, they broke in, and found nobody in the house. After some time, they finally figured it out. Above the phone, there was a wire basket containing several tomatoes, one of which was a bit overripe. It had dripped onto the phone, leaving several red splotches. One of these was on the special button that was programmed to dial 911. The tomato juice had short-circuited the button's switch and triggered the call. They left a note for the residents explaining what had happened, and suggested moving either the phone or the basket to prevent recurrences.
The story was spread around a number of electronics mailing lists and forums. It was a good funny story about the unanticipated ways that Things Go Wrong, and how hard it can be to anticipate or diagnose such failures.
This doesn't mean they need to create new laws for "e-this, or cyber-that" ...
Ah, but they do. The past several decades have shown that one of the most amazing powers of a computer is to erase history. As soon as a computer is introduced to any human activity, all historic precedent is instantly discarded, and we have to relearn everything that we used to know. This especially applies to laws and legal precedent. The mere presence of a computer leads to cries of "But this is different!" from all involved parties, followed by interminable discussion of who should be allowed to do what to whom, with absolutely no reference to precedent.
Examples of this abound in nearly every area of law. Thus, in the US we used to have a Constitutional rule forbidding "unwarranted search and seizure". But if there's a computer involved, it is completely legal to collect data on anyone for any reason, and to let anyone else search through that data at any time (if they pay the price you're asking for access). It's also legal for any authorities to seize and carry off anyone's computer without any legal warrant, just because you think there might be incriminating evidence on it (or you'd like to play with that model of computer for a while). The new GPS gadgets that are in most cars contain small computers, so they are the perfect excuse for police to stop anyone at any time, search the car and/or the persons in it, and carry off any electronics they may find. And so on.
So it should be no surprise that we have to reestablish legal rules involving restraining orders when a computer is involved. Of course we do; there's a computer involved. So the fact that, as others have pointed out, there is abundant legal precedent for handling accidental or fraudulent "violations" of restraining orders, this means nothing when computers are involved. We must laboriously repeat all the past discussions, and figure out all over again what the rules should be, without paying any attention to any of the precedent.
Of course, I could be violating the whole principle here, by pointing out in a computer-related forum that we're ignoring precedent. Of course we are; there are computers involved in making this forum work. So maybe I should just shut up and enjoy the discussion ...
I'm not worried until somebody is busted for being tied with Al Qaeda in the sixth degree.
It's also fun to note that, under the Kevin Bacon scheme, George W Bush and Osama bin Laden have only one degree of separation. They have both been together in not just one, but two movies. Those movies were documentaries, of course, but that's a trivial detail that wouldn't stop any journalist from saying that they are "linked".
One of the movies was Micheal Moore's "Fahrenheit 9/11". I've forgotten the other one and I don't have time right now to google it. Maybe someone else knows. And there well may be several other movies that they share by now.
It is not as if [CERN] is a super secret research facility. ... most likely you could get information here [web.cern.ch] in much more detail ...
True, but there's a long history of the government "security" folks not particularly caring whether the information was secret or not.
For a historic example, read some of the copious material on Julius and Ethel Rosenberg in 1953. One of the points made by some of the historians is that the things the Rosenbergs were accused of passing to the Soviets could all be found in college textbooks of the time.
I saw a funny case of this back in the 1970s, when I was in college. In the textbook for a physics class, one of the end-of-chapter exercises was of the form "Using the equations in this chapter and the tables in appendix [X]., calculate the critical masses of the following isotopes: ...." The end of the sentence referenced a footnote, which informed the student that giving the answers to this question to anyone without a US security clearance was punishable in the US by N years in a federal prison.
The author(s) of this textbook obviously had a sense of humor about it all. But the government security people tend to take it seriously. Consider that only a few years ago, one of the things that we computer geeks were forbidden to show to foreigners was the RSA algorithm. The fun part of this is that "RSA" is the last initials of its three developers, of which only two were US citizens. Trivia question: What was [is] the nationality of the third person in this trio?
Anyway, it's likely that the US and various other governments will declare some of the discoveries at the LHC to be government secrets, even the things that are published openly in physics journals. I suppose they will be secrets to the great majority of people who don't or can't read physics journals.
(I still have one of those t-shirts with the three-line perl implementation of RSA, and the explanation of why the t-shirt is legally "munitions" in the US, under the ITAR regulations. ;-)
When I was in the Government, replacing local computing resources with centralized resources was always pushed as a cost-saving move, and always cost more money.
Similarly in the business world. The basic problem is that a mainframe requires a professional staff to support it, and that always turns into a department that is its own separate power center. The computer department (under various names) invariably puts strict controls on how their equipment is used, and if they don't approve of what you're trying to do, you can't do it.
This is much of what drove the adoption of "desktop" machines back in the 1980s. The prices of small computers dropped to the level that they could be bought out of discretionary funds. The central DP people tried to block this, and force people to use the mainframe. But the argument in the rest of the organization was "We need to do X, and the DP folks won't let us do it." Thus, the DP people had no idea what this newfangled "spreadsheet" stuff was for, and until a thorough review could be scheduled, it couldn't be installed on the mainframe, because they'd have to support it, and they didn't know if it was worth the effort. So, "in the meantime", people bought small computers that had spreadsheet software, typed in their data, and got the results that couldn't be gotten from the mainframe.
Similarly for word processing; by 1990 most mainframes still didn't have printers that could print lower-case letters, or print on standard letter-size paper. But you could buy ascii printers for your laptop that could use the full English characters set (and sometimes even other languages), and could print on standard-size paper. So departments got their own desktop machines, sent their typewriters to storage, and moved forward without permission from the DP people who still didn't understand why anyone would want to print nice-looking documents. "That's not computing; where are the numbers? It's just typing, and has nothing to do with computers."
This was the story with nearly everything new that came along. It was first developed on small machines, and bought individually by people who found it useful for the job. Eventually, the central IT people noticed and got similar things, but that was usually years later.
And management has always loved big machinery, while most of the technical advances in computing have always been done on the smallest, cheapest computers. Now we're seeing the newest stuff coming out for the smallest laptops and handhelds. We can guarantee that Congress's new computers aren't like that; they're probably some pretty big boxes in comparison, or maybe a bunch of "blade" machines in tall racks. So Congress isn't really keeping up with the times; it's moving into the late 1980s.
But it's about time. And probably lots of Congresspeople are using their "notebook" and "smartphone" computers, while not much thinking of them as related to the machines in their new data center. In another decade or two, this will have its effects, and there will be news stories about another major reorg in the data centers.
... can be had orders of magnitude cheaper with Linux clusters. ...
And right there we have the answer to the earlier comment about "... there's something in the constitution about separation of data centres ...".
In management circles, worship of IBM (and His Son Microsoft) now qualifies as an ancient religion that is sorely challenged by the flock of Protestant religions based on various unix (and its bastard offspring linux) computer systems. The US Constitution is clear in forbidding Congress to make any laws concerning religions, and this obviously includes its own religions. So decisions concerning which software to use can't be decided by law; it must be left up to the whims of individual Congresspersons, perhaps guided by holy Committees.
As a Google Voice user, I was confused when I tried to call a free conference call service and my phone never rang. ... They could at least explain WHY they're not allowing the call to go through.
Maybe what google needs to do is produce a little popup that says something like "This call can't be completed for free because [telco name] charges $x.yz per minute for the connection. Would you like to pay for this connection with a charge card? [YES] [NO]".
They might include a link to a page explaining the charges and the FCC's role in the issue. They could get a few digs in at AT&T while they're at it. This could get across to users what's going on, and put some slight social pressure on the FCC to do something reasonable to fix it.
I wonder how difficult it would be for Google Voice to figure out the telco name and the $x.yz charge, and tell them to the user? In my experience, it can be very difficult for software to discover who's responsible for the various links in a connection. This is carefully hidden from applications by the "layer" structure of the protocols. I've often wanted to have such data for debugging reasons, and it's generally not available via the runtime libraries that I have available. But maybe some of the bright folks at google have a way to get at the information. After all, the software (in some layer) does somehow know not to make the connection.
The mails asked users to log in to "Hotmail" using a convenient link in the email, because their account would soon "time out" if it was not used.
Yeah, and I've been getting phishing messages like that for several years now, at all of my email accounts. So why is it suddenly a big story? Did the MSM reporters just now discover this kind of attack? Or maybe there has been a huge increase in the incidence recently? Or maybe someone at /. just learned about what's been going on for years? I haven't noticed any major increase, though I might not because the filters on my accounts are all reasonably good at spotting them and tossing them out.
So why is this a news story? Is it just because some "important" users of hotmail got bitten by it?
But why are people surprised, that if you operate in a country, you will have to abide by the laws of that country?
Because generally this isn't true.
First, you only need to obey laws that are enforced. This is often less than half the laws that are on the book; the others you only need to worry about if you offend someone in power.
Second, the enforced laws can often be ignored, with care, plus a few, uh, contributions to the right people in the government. This is as true in the US as elsewhere, and often goes by the name "campaign contributions".
For example, consider the company formerly known as Blackwater USA, then Blackwater Worldwide, and now Xe Services LLC. It's a private military contractor, with headquarters in North Carolina, USA. Google will find you a lot of information about its history (and probably a bit of misinformation here and there). It fairly obviously operates outside the law in various parts of the world, as a supplier of private "protection units", and a good number of local people have died during some of its operations. This is widely documented in the media, but you'll have trouble finding any successful prosecutions of the company or its officers under any nation's laws.
Blackwater is merely one of the more notorious of such companies. It's easy to find others. Thus, as we've been hearing lately, there are illegal movie and music copying operations all around the world, often done in the labs of "legit" companies. The (non-pharmaceutical) drug business is operating illegally almost anywhere, and usually only the lowest-grade employees have any danger of arrest or prosecution, while the officers and shareholders become wealthy. (Of course, a good part of their wealth often goes to paying their private armed guards. ;-) Most such corporations operate quite openly, as they must if they are to succeed as retail-sales organizations. But they are rarely taken to court, despite the generally illegal nature of their main business.
The idea that corporations "have to" obey laws anywhere is a bit naïve; the reality is sometimes rather different.
So if the company does something illegal, let the shareholders be personally responsible and serve time for the company's crime.
Probably a good idea. But it goes against the basic reason that corporations exist. If you dig into the history, you'll find that one of the primary motives in creating such legal entities was to insulate the officers and shareholders from legal liabilities. The whole point of a corporation's existence is to allow the people running it to say "I didn't do it; the corporation did". Stockholders' fines for corporate criminal behavior is usually limited to their investment, and it's exceedingly rare for such fines to be imposed. Instead, the corporation is fined.
Of course, there were and are other reasons for corporations, such as different tax laws. For example, here in the US and many other places, people pay income tax on their full income, while corporations pay tax on only their "profits". A corporation can deduct all expenses of doing business; if a living human tries the equivalent and doesn't pay taxes on the portion that they pay for food and/or shelter, they are likely to end up with a good fine or jail time. (Yes, tax laws often make some portion of such things deductible, but rarely all of them.)
Also, a corporation usually doesn't pay the same taxes on equipment (vehicles, machinery, office supplies, whatever) that a human would pay. This is why individuals or families sometimes form corporations. That way, equipment can be bought and owned by the corporation, not the individual. This is also used to avoid inheritance taxes, since the deceased didn't own the money or building or equipment; the family corporation did, and it didn't die.
In all of these examples, we see that the corporation relieves the people running it from legal liability for something. Usually it's liability for taxes, which are lower for corporations. But all too often, the laws only impose a minor fine on a corporation for actions that would be criminal violations if a human did them.
There was a fun bit of journalistic "research" a few years ago in the US, that consisted in tallying the punishments that the courts gave to corporations for actions that resulted in deaths, such as contaminated food, incorrect medicines, overly dangerous equipment of various sorts, etc. The bottom line was that corporations were on average fined about $300 per documented death. This is a whole lot "better" than the sentences handed down to killers that are humans. It explains why many corporations consider criminal law to be not much more than a minor tax on their business operations, and why such fines often have little effect on corporate behavior. If the likely fine is less than the profit, there's no reason a corporation shouldn't do it.
It's true that in a few especially egregious cases, the officers have been charged and tried for their part in the actions. But it's pretty rare that they are actually convicted of anything.
See also last week's PartiallyClips comic.
I have to wonder why you would think anyone knows to look for green bars.
So what's a green bar? Is it something that a browser does? Where would I see one, so that I can recognize them when I don't seem them?
I have a dozen browsers installed on this Macbook, and looking around at their windows, I don't seem to see anything I'd call a "green bar" in any of them. So are you saying that none of them are safe? Note even the ones that are showing a page on my own web site (which I've been testing on all the browsers)? ;-)
Hmmm ... Some readers seem to have missed the point that it was (quite consciously) written in the form of a fawning news report copied from a corporate press release. So of course it's full of rhetoric that hides the fact. That's what Marketing does, y'know.
Our house has had Windows, Mac, and linux (ubuntu, knoppix and OLPC right now) systems for a long time now. The interesting case is my wife's machines. She has long worked for several local medical organizations (HMOs), and at work everything is Microsoft (with IBM mainframes). She has also worked part-time from home for several years now, because she gets so much more done there where the schmoozers can't reach her). So she has always had to have a Windows machine at home. She hates it, and loves her Mac(s).
But for the past year, she has no longer had a "Windows machine" at home; she just has "Windows". The reason is that she replaced her creaky old Mac Powerbook with a new iMac (with a huge screen). While talking to the folks at the Apple Store, she learned about that new "virtual" stuff, and along with the iMac, she took home disks for the software that would install a virtual XP. After it had been working for a couple of weeks, fully networked via VPN with her office network, she donated her old Windows box to me, and I reformatted it as a linux machine that's our firewall/gateway/etc.
So, while she has a Mac and a Windows machine, they're the same machine, her iMac. A couple of months ago, she decided that another laptop would be really useful, so she got a Mac Powerbook - and installed a virtual XP on it. A month ago, we were on vacation a couple thousand miles away, and she impressed the folks at work by connecting to the office network from her Mac/XP via VPN, and helped them out with some problems they were having. Actually, it didn't impress everyone, because most of the employees are Mac users at home, and several of them had already followed her lead when they got their new Macs.
There are a couple of interesting possibilities implied by this. One is that, if you like Macs but "need Windows for work", there's no need to pay for any hardware for your Windows machine. You might want to get an extra GB or two of memory, since Windows is a bit of a hog. And you'll have to learn how to get one of the Mac's several virtualization schemes to work. You will have to pay (somebody ;-) for a release of Windows. But you can run it on your Mac., and you're free of the hassle of dealing with the Microsoft-based hardware market. She has also found that the Apple Store people and online Mac forums can answer questions much better than, say, Dell Customer Support can. In a few years this might have an, uh, "interesting" effect on the PC market.
Another thing to think about is the problem of crappy security on Windows. It's hard to get a straight story on this, but there are hints that the "jail" (or "sandbox" if you prefer) that Windows runs in under OS X is significantly more secure than Windows on a bare machine. We'd like to learn more about this, because as I mentioned, my wife does computing work for medical organizations. Here in the US, people are waking up to the serious problems with the (overly slow) computerization and networkization of medical data. Some fairly stringent security requirements are being written into law for medical data. And the medical industry almost everywhere runs on MS Windows, the most insecure system on the market. It doesn't take a genius to see the problem here.
Virtualization has the potential of at least limiting the damage from the latest exploits, since Windows is run under the control of another system that has better security. We know from the history of IBM's VM system that this can be effective, assuming that the low-level system is accessible to knowledgeable developers (which isn't always true in the small-computer market). But imposing security on an insecure system that has "no user serviceable parts inside" isn't easy, so we can't really say how effective this will be.
Her management never allowed upgrading to Vista, in part because they learned about the network-update (discussed here on /. several times) that can't be disabled for some portions of the system software. They und
There's a relevant comic on the topic over at PartiallyClips. The business world has a long tradition of not distinguishing "unethical" or "immoral" from "illegal". The legal and law enforcement communities do understand the distinction, and generally don't show great interest in going after things that are legal, no matter how unsavory they may be.
Yeah, just as with the ancient technique of the "finger on the scale", or padding various products (especially food) with small amounts of extra junk. It's perfectly natural for sellers to hoodwink customers in such ways, and if the customers are dumb enough to fall for it, they deserve what they get, right?
Suppose you're building an application using two DLLs, let's call them A and B. Both depend on a third DLL named C. Now, suppose A uses C version X, and B uses C version Y. You're screwed, right? Not with SxS, since that allows multiple versions of C to be loaded. That's the real added value of SxS.
Huh? Microsoft's compilers and linkers have allowed this for ages. The difference is that it's now a feature, not a bug.
There was a study of MS's binary apps years ago (and I thought it was reported here, but I don't seem to find it in the archive), which analyzed the contents of the binary files. It was found that there were typically many copies of various library routines, sometimes 10 or more copies. They even had duplicated local data blocks. This was presented as a bug at the time, and an explanation of why MS's binaries required so much memory.
But now this practice is called "side-by-side", and it's considered a feature. Which, of course, means that it never will be fixed, and users can look forward to even more bloated programs that contain copies of all the versions of a routine that have ever been released.
It's sorta like extending the concept of a CMS into the binaries of apps. No longer will all those old versions be kept on the sidelines, off in obscure libraries. They will all be right there in the binary, ready to be loaded into memory if they are ever needed.
Who was it that has congratulated the software industry for consistently undoing all the amazing hardware advances of the past decades by responding to bigger memories and faster processors by making the software use more memory and cpu cycles? SxS is a major step forward in this technique, and promises to lead to major increases in memory sales in the near future. And all it took was realizing that a practice that had been considered sloppy wastefulness of memory was actually a valuable new feature for backwards compatibility.
I don't consider Tatu YlÃnen [sic] here as a bad guy. What he has given to the world free of charge is 1) the SSH v1 protocol specification, 2) the SSH v1 open source implementation, and 3) the SSH v2 protocol specification. On top of that he has managed to make a living off of the SSH v2 code, and he certainly has the right to do that.
Presumably the problem is the thing about trying to use the legal system to stop OpenSSH. If he had cooperated with the open branch, while building a private company to sell the closed branch, most people would have probably accepted it without comment. After all, there's a portion of the market who believe that closed, proprietary software is more secure than open software. It's quite appropriate to make a closed, proprietary version of any open software to satisfy them.
One could argue that it's better if both branches are in fact identical, so that they interoperate well and there's reason to expect that the closed version doesn't contain any backdoors. But that's probably being too trusting, and the closed branch should always be treated with suspicion by knowledgeable people. "What are they hiding in it that they don't want us to know about?" But we know that there are a lot of people in management who don't trust anything that's open, and rather than seeing them use some separate package that probably contains all kinds of undiagnosable holes, it's better if a closed-source edition can be made available just for them.
It's also appropriate to market an expensive edition of the closed version, specially tailored for that part of the market who believe "You get what you pay for". ;-)
Other than that, OpenSSH is possibly one of the most capable and reliable pieces of software I've ever had the privilege to use.
Oh, I dunno about that. Right now, I've again been seeing an OpenBSD/OpenSSH failure mode that has plagued a bunch of us for years, and nobody seems to be able to find a clue about what's wrong.
The scenario is a flock of unix/linux machines of various makes, models and release numbers, with ssh/scp/... used between them. All of the machines work together pairwise, except for when one of the pair is the FreeBSD machine. With that one, an ssh or scp gets through just fine, and works for a while, but then it simply hangs, and neither end gets any more traffic for hours. There's lots of evidence that the problem is in SSL on the FreeBSD machine. One bit of evidence is that I often have connections to it from several different machines, and all of them hang at the same time. While they're hung, I can make a new ssh connection, which works fine, and I can verify that 1) the processes on that end are all still running, but 2) they're not receiving data or errors from the SSL link. Also, killing the processes on either end of the connection has no effect on the other end. But it's not the machine's low-level networking that's at fault, because other kinds of connections survive the event without problems. Turning ssh's debug level way up doesn't help; neither end sees any problems during the hang. It's not a Comcast-like blocking from the ISP, because links via different ISPs hang simultaneously.
Questions about this on various forums have gotten no replies other than "You must have something configured wrong" without any hints as to what config error might produce such problems. And it doesn't help that the problem isn't reliably reproducible. Sometimes things will work for weeks. Then, as happened in an ssh session from this Macbook just before I hit Reply here, the connection will suddenly hang in the middle of typing a command to the remote shell, and a quick check (in a couple of other windows ssh'd to the same FreeBSD machine) will show that they're all hung, too, including the one that was running a "top" command that halted during the same second.
Anyone here know if this problem has been successfully diagnosed anywhere? Google doesn't seem to be our friend this time, e.g., "ssh hangs" gets some 8 million hits, but they all seem to be about hangs during initialization or exit. This hang is during routine use, usually noticed when the echoing stops while typing something. Adding other keywords for google doesn't seem to help, because what are the right keywords to describe a hang that appears randomly during routine use and isn't related to anything you can name?
It is impressive that we haven't been able to get this particular misbehavior on any of the other OSs that we have available. We've only seen it when one end is FreeBSD, and it survives upgrades of the OS and OpenSSH. It has been around for a while, though. On one of the FreeBSD systems where it happens, "ssh -v" gives "OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004", so the problem has been around at least that long. It happened a few days ago with a new FreeBSD installation on another machine in the lab.
Note that this hang isn't a failure to connect or disconnect. Those work fine. It happens "for no apparent reason", during an ssh or scp (or rsync) session that has been working fine up to that point. And it appears to happen to all SSL-based connections to the FreeBSD system at the same time, to within a second or so.
Actually, what would be really useful is a technique for asking google (or some other fine search site) about this topic, and not get buried by millions of comments about similar problems during the connect or disconnect phase. The problem with search sites is that there seem to be an uncountable number of different keywords used to talk about startup/shutdown or login/logout or connect/exit/ or whatever, and no matter how many of t
Isn't this the way that the information network is suposedly done in Diamond Age? As long as the encryption is good enough and the bandwidth wide enough, there's no reason such a system couldn't work.
Somewhere around here, I have some of the docs from the early days of the ARPAnet, pre-Internet and in the late 1960s. I remember well a number of discussions of the way that these docs included pictures that were 1) completely wireless, and 2) included relaying by pretty much every gadget. The intent from the first was that if there was a data path between two nodes that wanted to talk, the software would find a path and deliver their packets to each other. This was funded by the military, as you'll all recall, so the equirements included the possibility that relay nodes were coming on- and off-line randomly, often because someone was shooting at them as they came on-line. The military wanted routing software that would rapidly route around damage and get the packets through. (Has anyone here heard the phrase "route around damage"? ;-)
In the 1980s, I poked around a bit at MIT's ChaosNet, which was based on the same concepts: Everything is a relay, and if there's a data path, the data will be delivered. We did a few experiments chaining together machines with RS-232 crossover cables, firing up the "chaos" drivers, and watching the last node on the chain connect to a remote machine. I don't recall how long a chain we had, but we got it so the last one was pretty slow.
Lots of us have been disappointed for some four decades now, that we don't yet have total wireless interconnection with everything acting as a relay as needed. A while ago, I played with some OLPCs, and sure enough, they've implemented this idea. If you carry an OLPC into an area where there are others, it becomes part of the local mesh, and if any of them has access to the Internet, they all do. Most of us don't have this, because the commercial world is still dragging their feet on such concepts after all these decades, and only a few groups of people here and there actually have software that does it. (I have wondered whether the OLPC really does a good job of this, but none of my neighbors have one, so I can't experiment with it easily. I did one test of a chain of 4 machines, where the first could see my home gateway, and the others could see at most 2 neighbors. The last one could use the Internet, and was visibly slow but usable.)
And in other places, people are trying to implement this, not knowing (or caring?) that others have worked on it before them. And others continue to argue against the practicality, with the same arguments we've heard before. Yes, we need better batteries, but that's no reason we can't work on full mesh networks now (or 30 years ago). Yes, we need to encrypt everything; the security folks have been recommending end-to-end encryption for decades and we have software that can do it. We (or more often the commercial suppliers) just refuse to supply systems that put it all together. Part of it is the comm companies, who don't want total interconnection; they want everyone to pay them for data transport, and they want to be able to see all the data as it passes through their relays. Part of it dummies who don't want their computer to forward packets for others, and aren't smart enough to understand the result of others behaving the same way.
Amongst all the wide-eyed discussions of the miracles of modern technology, we occasionally are reminded of things that we could have had long ago, if we'd been smart enough to force the vendors to include them.
(And I expect replies that mention flying cars ... ;-)
Oh, I dunno; I'm not too impressed by the way that the stars near galactic north and south are spread out into lines. This image doesn't use the best sort of sphere-to-plane projection. I wonder if we can get it in a better projection? I'm not sure I even want to see what looks like if I try to zoom in on the polar regions.
There is no such thing as an irrefutable origins theory.
Another suggestion I've read and sorta like is that if the biblical creation theory is correct, then God must have faked all the geology and fossil records. If they were put there by some Devil, God (being omniscient and omnipotent) must have permitted it. This means that God wants us to believe that the world is old and has gone through a long evolutionary process to produce His living creatures, and Darwin was just explaining to us what God wants us to believe. If God wants us to believe this, someone who doesn't believe in evolution is violating God's will.
So far, I haven't heard any religious reply to this. They've gotta have heard it by now. So how do they reply to it? Anyone have a link?
Oops, that should be "provable", not "irrefutable".
And, of course, lots of "philosophy of science" type writers like to point out that scientists and their scientific methods never actually "prove" anything. That's what mathematicians do, not scientists. Rather, the conventional scientific approach is a double negative: An accepted theory is one that can't be disproved. The standards are high; you can't just make up a theory that can't be disproved because it can't be tested at all (e.g., the Last Thursday Theory or biblical creationism). To be in the running, a proposed theory ("hypothesis") must be "falsifiable", i.e., there must be a test that someone can actually do that could disprove the hypothesis if things turn out right. To be really accepted, there must be a series of such tests, actually carried out by different people who aren't cooperating with each other, and the proposed theory must pass all the tests. And even then, many scientists consider it good form to think up new ways to test an accepted theory. One thing about Einstein's Relativity Theory is how many people have thought up really crazy-sounding new tests, each of which could debunk General Relativity. But this hasn't happened yet. So it's generally accepted that the universe actually obeys General Relativity. But anyone who comes up with a good test that it flunks will have a guaranteed place in science-history texts for a long time, so people keep testing it in new ways.
But this is far to complex for the minds of your typical religious and/or media folks, who usually can't handle a double negative (and often reduce it to a simple negative).
Evolutionary Theory is an interesting case, because unlike Einstein's theory, evolution hasn't been reduced to a set of precise equations that can be easily tested. But it turns out that quite a lot of tests are possible, and have been done, with results that are well within the (admittedly large) error bounds of what the theory predicts. So it is generally accepted in a high-level fashion, with lots of details still to be worked out. Thus, Darwin et al didn't know about DNA, and its discovery led to lots of ways to test the evolutionary process, all of which supported Darwin's theory (if sometimes in a modified form). But it is materially harder to test well than most theories in physics. Everything in biology is like that.
Now if the String Theory folks could just come up with a few tests that can actually be done in our universe, and which could debunk the theory. Well, maybe next year ...
Anyway, one good way to test someone's credentials as a science writer is to see whether they accept the phrase "scientific proof". If they do, they're not actually scientists. And a good science writer should be able to explain (to reasonably intelligent people ;-) what's wrong with that phrase. Some writers do use the phrase while knowing what's wrong with it, but they can rephrase what they write so that it's correct (and less understandable by dummies). We can give them a little slack, though we should challenge anyone who talks about scientific proof in a serious manner. We should verify that they understand that there's no such thing; there are just theories that are accepted for now because they've passed all the tests that we've managed to perform that could have disproved them but didn't.