I think that the ATM is in Baker Hall. This probably means it's near the philosophy department (but it might be near the civil engineering department).
As philosophers go, it's a technical department. But that doesn't mean they want to hear a loop of Beethoven and Talking Heads all day long. It's not really in the job description.
And then they'd pass after they see you can't use contractions.... of course Data couldn't either... but do THEY know that?
Insightful criticism from someone who can't keep a sentence in one tense.
There are two tenses in his sentence, no doubt ("would pass", "couldn't [use]" and "can't use", "do know"). But is it grammatically incorrect? I don't think it is.
"I wouldn't date a woman works on an oil rig." This sentence has the same features as his quote, but I don't think it's incorrect. You cannot change either tense and retain meaning.
(Please correct me if "wouldn't date" isn't a different tense than "works". I don't know diddly about grammar.)
Meanwhile PJ at Groklaw is busy tearing them a new one over mentioning her in one of their propaganda blasts. Good reading. Hate to have her as one of my enemies.
In my humble but honest opinion, PJ comes off a touch embarrassing in that article. At least, I cringed a bit when I read the following.
Frankly, I think they should pay to relocate me. And Linux Insider needs to print a retraction, making it clear that they were mistaken about my having any ties to IBM. As for SCO's immoral attacks, and that of others, I leave that to God and to history. But one thing is for sure, if anything bad happens to me, you will know who is responsible.
As usual, I appreciate what PJ does. She really provides a great service for the community. But in all honesty, I wish she hadn't come out quite so paranoid in that piece.
InfoWorld is reporting that SCO intends to sue a Linux using company. Ordinarily, this would not be newsworthy...
Every single time that SCO has threatened a customer (with or without a deadline), it's been reported here in Slashdot. Since "ordinarily" it would not be reported, we must conclude that these announcements have coincidentally been exceptional. The odds are so low that every such announcement has been exceptional that I must conclude that God is on SCO's side and therefore Linux is doomed (not even the devil will help, since he's likely partial to BSD).
I hope that Slashdot editors understand that with great power comes great responsibility. Now I must question my faith since it appears that, while there is an all-powerful diety, he's one of the bad guys, fighting on the side of proprietary software, frivolous lawsuits and the monopolies that fund them.
I'd hate to think that this bleak metaphysical outlook is due only to haphazard diction on the part of the editor.
I have two posts in this thread. Both of them have been marked overrated, despite the fact that neither of them had been previously rated. It's hard for an unrated post to be overrated, ain't it?
What the heck is the point of that? Is it merely to avoid later "meta-moderation"? Is it to avoid affecting the karma of the poster? What the heck?
(At least, if you want to moderate this down, be honest and mark it offtopic and not overrated.)
At best, the notion that patches are the source of all exploits is a logical fallacy.
Doesn't seem like a fallacy to me. Let's suppose that they are correct when they say that exploits for a particular vulnerability are far more likely once a patch has been released than prior to the release. Is it an instance of the post hoc fallacy to claim that exploits are likely due to the release of patches?
Not at all, as far as I can tell. Not only is there a fairly large number of repetitions[1] of the data (so that coincidence is less likely), but there is a causal story which explains the relationship between patch release and exploits. Namely, the patches can be analyzed to deduce what the vulnerability is, facilitating the creation of an exploit.
The post hoc fallacy occurs when there is no explanation of how the preceding event could cause the subsequent, and typically when there are few incidents of the two events (at least, I distinguish between a post hoc fallacy and a failure to distinguish the difference between correlation and causation, but maybe that's just me).
None of this is intended to support Microsoft's factual claims, but if they are correct that the number of exploits dramatically increases after patch releases, then they are not guilty of fallacious reasoning to suggest that the exploits are often due to the patch release.
[1] Yes, yes, I know. When discussing Microsoft security, every line is the setup for a punchline.
The real question though is: If the patch can be exploited, is it a patch? Yes, I know that they are analyzing the patch to attack unpatched machines, but to claim that vulnerabilities are not present before patches are released is circular logic.
But they didn't claim that there were no vulnerabilities before the patch. They said there were no exploits in the wild before the patch. (I'm not defending this claim. I wouldn't know.)
Now, for my pedant point. Claiming there were no vulnerabilities, had they done so, wouldn't be circular logic in any meaningful sense. It would be an abuse of the laws of causality, perhaps, requiring that patches cause vulnerabilities -- yes, yes, I know. Often Microsoft patches do. But not in the requisite sense.
We lost our rights and our liberty a long time ago, when most of you bowed down before the war on drugs.
I'm slowly getting used to it. You should too.
Gosh, all of us guys that bowed down before the war on drugs are mighty glad you're so forgiving and stoic in the face of our failures. We will try, like you, to get used to the new tyranny, but I fear that we just haven't your courage in the face of adversity.
Anyway, thanks for the advice!
-- signed, The lowly yellow-bellies unworthy to stand in your shadow.
That aspect of the game was always both one of my favorite and most hated parts.
I liked it because it meant that players concentrate on simply playing. They don't calculate odds (they can't, since Paranoia gamemasters are encouraged to be arbitrary for the sake of humor). They are ignorant of possible outcomes. It helped the gameplay considerably, I thought.
On the other hand, it meant that I couldn't share much of the funniest part of the rules with my players. Sometimes very frustrating.
Paranoia! Late night playing sessions in the dormitory bathroom (helped the atmosphere of the game somehow). Jeez, what a game.
Of all the old roleplaying games, the only one I still own and cart with me when I move is Paranoia. I'll probably never play it again, but I can't bear to get rid of such an entertaining rulebook.
Good luck with the next edition. It will be hard to write a book that stands up well next to the original.
Spoke to someone in Microsoft Support today, they told me it was less than 1% of the OS code.
In the first discussion on this topic, I mentioned the oft-quoted claim that the total source code is somewhere near 40 gig (estimate attributed to at least one "analyst), while only one CD worth was leaked. I asked whether 40 gig could even be a reasonable estimate.
One of the respondents said he's putting together a Linux distro that weighs in at under 6 gig at the moment. I still don't know whether the 40 gig is reasonable or not.
Anyway, evidently Microsoft's support staff wants to increase the bloat figure by 50%. If 600M is less than 1% of the source, then the source for Windows 2000 must be 60 gig.
(Yeah, yeah, I know. The alternative is the too unlikely to be believed theory that the MS support guy was talking out his ass.)
"The 203MB file expands to just under 660MB, he said, noting that the final code size almost perfectly matches the capacity of a typical CD-ROM. The entire source code, he said, is believed to be about 40GB, meaning that the file circulating Thursday is only a fraction of the full code base." Security consultant Dragos Ruiu, as quoted at zdnet.
Can this be true? Can the Windows 2000 source code really be forty gig? What is he counting as source code?
My Linux 2.6.0 kernel source tree is 348M. Of course, Windows will have the GUI as part of their kernel source, but for X, that's just another 279M. Yeah, okay, so toss in the source for the MS equivalent of window managers, and perhaps some other utilities, but still...
You screwed up. You are part of the problem with/.not the solution.
Dropping such a false and out-of-place jab in the story contributes to Slashdot's notoriety for biased reporting. We could blame the editors for approving your rediculous write-up but you deserve admonishment too.
And what about Slashdot's reputation for arrogant and haughty respondents with silly hairs up their asses? Who's to blame for that reputation?
The "Big Brother" comment was just a throwaway line. No one took seriously any implication that Microsoft was spying or otherwise invading the privacy of the hiker.
As far as Slashdot's reputation for biased journalism: It's well deserved, but it is a feature of the site and not a failing, near as I can figure. Slashdot is not a paragon of the traditional American view of journalists who dispassionately report the news as if they had no compelling interest one way or the other. It is a geek site, written by geeks and for geeks and it doesn't bother me a bit that the contributors' opinions are easy to see in their writing -- just so long as the story also contains suitable references to other sources of information, including (where relevant) traditional sources of journalism.
From SCO's qanda (note: "FAQ" has taints of the GPL about it, don't it?): 1. Why did SCO create the Intellectual Property (IP) License for Linux?
Many customers are concerned about using Linux since they have become aware of the allegations that Linux is an unauthorized derivative work of the UNIX(R) operating system. These customers unknowingly received unauthorized copies of SCO intellectual property and many are running critical business applications on Linux. Customers have come to SCO asking what they can do to respect and help protect the rights of the SCO intellectual property in Linux. SCO has created the Intellectual Property License for Linux in response to these customers needs.
Leave these poor servants of the public interest alone, willya? Geez.
I don't think that's completely valid. For example: Assume if I am seeing flying penguins, then I am smoking crack. Given that I am not seeing flying penguions,... Well, that has no real bearing on whether I'm completely stoned out of my gourd.
No, but the fact that you think this is a counterexample proving the invalidity of modus tollens is pretty good evidence you're stoned.
Let P be the condition that you see flying penguins, and Q the condition that you're stoned. It is valid, given P -> Q and ~Q to conclude ~P. Hence, if you're not stoned, then you don't see the flying penguins.
Lame bastard. Why don't you RTFA like zidslaw suggests in this post.
Stealing from his post, we see:
2003-11-27 confirmed receipt from: secure microsoft com
2003-12-03 Note from Microsoft, Form protection "is not intended as a full-proof protection for tampering or spoofing, this is merely a functionality to prevent accidental changes of a document", request additional time to update Microsoft Knowledge Base article.
Targetting beginning of January 2004 for release of this advisory.
from: "Magnus"
(No flamebait mods, please. I'm allowed to criticize my own damn post.)
Because the very best encryption in the world may be difficult to implement, or may run afoul of exportation restrictions, we should not complain when Microsoft pretends to include password protection, but the protection is easily defeated?
I don't suppose that anyone would complain if MS used a reasonable protocol and a flaw was later discovered (append usual Slashdot caveat). But this password-to-modify protection is so lame that Microsoft has responded by claiming that some entries on the "security tab" aren't intended to add security.
There may be grey areas, where it's not clear if the security measures are enough or not. This doesn't seem to be one of them grey areas.
Another example of wishful thinking somehow being passed off as insightful.
The fact that MS used a lame scheme for this password does not mean that every password protection scheme can be broken. Nor does it mean that every security protocol is fundamentally flawed.
Not that I am suggesting that DRM is likely to succeed. In fact, I don't think that this password is a good example of DRM. But, generally, DRM seems to have some special difficulties that, say, standard security protocols for key exchanges don't have.
On the other hand, whenever I start opining on DRM and the difficulties it has, I'm probably talking out my ass, so I'll shut up now. My first two paragraphs still stand.
The DMCA prohibits distribution of the means to circumvent copyright protection mechanisms, if I understand matters correctly (probably not). This password-to-modify feature does not seem to be a copyright protection mechanism.
At least not until some lawyers get together and dub it so.
Slashdot Mirror
I think that the ATM is in Baker Hall. This probably means it's near the philosophy department (but it might be near the civil engineering department).
As philosophers go, it's a technical department. But that doesn't mean they want to hear a loop of Beethoven and Talking Heads all day long. It's not really in the job description.
Sharing without attribution is plagiarism. It is a shame, not a benefit.
And then they'd pass after they see you can't use contractions.... of course Data couldn't either... but do THEY know that?
Insightful criticism from someone who can't keep a sentence in one tense.
There are two tenses in his sentence, no doubt ("would pass", "couldn't [use]" and "can't use", "do know"). But is it grammatically incorrect? I don't think it is.
"I wouldn't date a woman works on an oil rig." This sentence has the same features as his quote, but I don't think it's incorrect. You cannot change either tense and retain meaning.
(Please correct me if "wouldn't date" isn't a different tense than "works". I don't know diddly about grammar.)
Meanwhile PJ at Groklaw is busy tearing them a new one over mentioning her in one of their propaganda blasts. Good reading. Hate to have her as one of my enemies.
In my humble but honest opinion, PJ comes off a touch embarrassing in that article. At least, I cringed a bit when I read the following.
Frankly, I think they should pay to relocate me. And Linux Insider needs to print a retraction, making it clear that they were mistaken about my having any ties to IBM. As for SCO's immoral attacks, and that of others, I leave that to God and to history. But one thing is for sure, if anything bad happens to me, you will know who is responsible.
As usual, I appreciate what PJ does. She really provides a great service for the community. But in all honesty, I wish she hadn't come out quite so paranoid in that piece.
InfoWorld is reporting that SCO intends to sue a Linux using company. Ordinarily, this would not be newsworthy...
Every single time that SCO has threatened a customer (with or without a deadline), it's been reported here in Slashdot. Since "ordinarily" it would not be reported, we must conclude that these announcements have coincidentally been exceptional. The odds are so low that every such announcement has been exceptional that I must conclude that God is on SCO's side and therefore Linux is doomed (not even the devil will help, since he's likely partial to BSD).
I hope that Slashdot editors understand that with great power comes great responsibility. Now I must question my faith since it appears that, while there is an all-powerful diety, he's one of the bad guys, fighting on the side of proprietary software, frivolous lawsuits and the monopolies that fund them.
I'd hate to think that this bleak metaphysical outlook is due only to haphazard diction on the part of the editor.
They should've fined him for a million dollars instead of throwing him in jail, no doubt.
So he breaks even? Not much deterrent, is it?
Well, I'm not losing sleep over jail time. I guess I'm just cold.
I have two posts in this thread. Both of them have been marked overrated, despite the fact that neither of them had been previously rated. It's hard for an unrated post to be overrated, ain't it?
What the heck is the point of that? Is it merely to avoid later "meta-moderation"? Is it to avoid affecting the karma of the poster? What the heck?
(At least, if you want to moderate this down, be honest and mark it offtopic and not overrated.)
At best, the notion that patches are the source of all exploits is a logical fallacy.
Doesn't seem like a fallacy to me. Let's suppose that they are correct when they say that exploits for a particular vulnerability are far more likely once a patch has been released than prior to the release. Is it an instance of the post hoc fallacy to claim that exploits are likely due to the release of patches?
Not at all, as far as I can tell. Not only is there a fairly large number of repetitions[1] of the data (so that coincidence is less likely), but there is a causal story which explains the relationship between patch release and exploits. Namely, the patches can be analyzed to deduce what the vulnerability is, facilitating the creation of an exploit.
The post hoc fallacy occurs when there is no explanation of how the preceding event could cause the subsequent, and typically when there are few incidents of the two events (at least, I distinguish between a post hoc fallacy and a failure to distinguish the difference between correlation and causation, but maybe that's just me).
None of this is intended to support Microsoft's factual claims, but if they are correct that the number of exploits dramatically increases after patch releases, then they are not guilty of fallacious reasoning to suggest that the exploits are often due to the patch release.
[1] Yes, yes, I know. When discussing Microsoft security, every line is the setup for a punchline.
The real question though is: If the patch can be exploited, is it a patch? Yes, I know that they are analyzing the patch to attack unpatched machines, but to claim that vulnerabilities are not present before patches are released is circular logic.
But they didn't claim that there were no vulnerabilities before the patch. They said there were no exploits in the wild before the patch. (I'm not defending this claim. I wouldn't know.)
Now, for my pedant point. Claiming there were no vulnerabilities, had they done so, wouldn't be circular logic in any meaningful sense. It would be an abuse of the laws of causality, perhaps, requiring that patches cause vulnerabilities -- yes, yes, I know. Often Microsoft patches do. But not in the requisite sense.
We lost our rights and our liberty a long time ago, when most of you bowed down before the war on drugs.
I'm slowly getting used to it. You should too.
Gosh, all of us guys that bowed down before the war on drugs are mighty glad you're so forgiving and stoic in the face of our failures. We will try, like you, to get used to the new tyranny, but I fear that we just haven't your courage in the face of adversity.
Anyway, thanks for the advice!
-- signed, The lowly yellow-bellies unworthy to stand in your shadow.
Knowing the rules is Treason...
That aspect of the game was always both one of my favorite and most hated parts.
I liked it because it meant that players concentrate on simply playing. They don't calculate odds (they can't, since Paranoia gamemasters are encouraged to be arbitrary for the sake of humor). They are ignorant of possible outcomes. It helped the gameplay considerably, I thought.
On the other hand, it meant that I couldn't share much of the funniest part of the rules with my players. Sometimes very frustrating.
Sorry, I'm not familiar with that one.
When did it come out? I stopped playing RPGs some time around 1989 or so. Maybe a little earlier.
Paranoia! Late night playing sessions in the dormitory bathroom (helped the atmosphere of the game somehow). Jeez, what a game.
Of all the old roleplaying games, the only one I still own and cart with me when I move is Paranoia. I'll probably never play it again, but I can't bear to get rid of such an entertaining rulebook.
Good luck with the next edition. It will be hard to write a book that stands up well next to the original.
Spoke to someone in Microsoft Support today, they told me it was less than 1% of the OS code.
In the first discussion on this topic, I mentioned the oft-quoted claim that the total source code is somewhere near 40 gig (estimate attributed to at least one "analyst), while only one CD worth was leaked. I asked whether 40 gig could even be a reasonable estimate.
One of the respondents said he's putting together a Linux distro that weighs in at under 6 gig at the moment. I still don't know whether the 40 gig is reasonable or not.
Anyway, evidently Microsoft's support staff wants to increase the bloat figure by 50%. If 600M is less than 1% of the source, then the source for Windows 2000 must be 60 gig.
(Yeah, yeah, I know. The alternative is the too unlikely to be believed theory that the MS support guy was talking out his ass.)
"The 203MB file expands to just under 660MB, he said, noting that the final code size almost perfectly matches the capacity of a typical CD-ROM. The entire source code, he said, is believed to be about 40GB, meaning that the file circulating Thursday is only a fraction of the full code base." Security consultant Dragos Ruiu, as quoted at zdnet.
Can this be true? Can the Windows 2000 source code really be forty gig? What is he counting as source code?
My Linux 2.6.0 kernel source tree is 348M. Of course, Windows will have the GUI as part of their kernel source, but for X, that's just another 279M. Yeah, okay, so toss in the source for the MS equivalent of window managers, and perhaps some other utilities, but still...
Is 40 gig a reasonable estimate? Really?
You screwed up. You are part of the problem with /.not the solution.
Dropping such a false and out-of-place jab in the story contributes to Slashdot's notoriety for biased reporting. We could blame the editors for approving your rediculous write-up but you deserve admonishment too.
And what about Slashdot's reputation for arrogant and haughty respondents with silly hairs up their asses? Who's to blame for that reputation?
The "Big Brother" comment was just a throwaway line. No one took seriously any implication that Microsoft was spying or otherwise invading the privacy of the hiker.
As far as Slashdot's reputation for biased journalism: It's well deserved, but it is a feature of the site and not a failing, near as I can figure. Slashdot is not a paragon of the traditional American view of journalists who dispassionately report the news as if they had no compelling interest one way or the other. It is a geek site, written by geeks and for geeks and it doesn't bother me a bit that the contributors' opinions are easy to see in their writing -- just so long as the story also contains suitable references to other sources of information, including (where relevant) traditional sources of journalism.
Silly, overbearing and self-important freak.
Note that Bradley claimed to be referring to the NT logon procedure. Full quote is from this video.
Note as well that he was obviously joking when he said he meant the NT logon procedure. See the video.
and you think that his opinion of who's hot and who's not is misguided, due to hanging out with Slashdot geeks?
From SCO's qanda (note: "FAQ" has taints of the GPL about it, don't it?):
1. Why did SCO create the Intellectual Property (IP) License for Linux?
Many customers are concerned about using Linux since they have become aware of the allegations that Linux is an unauthorized derivative work of the UNIX(R) operating system. These customers unknowingly received unauthorized copies of SCO intellectual property and many are running critical business applications on Linux. Customers have come to SCO asking what they can do to respect and help protect the rights of the SCO intellectual property in Linux. SCO has created the Intellectual Property License for Linux in response to these customers needs.
Leave these poor servants of the public interest alone, willya? Geez.
I don't think that's completely valid. For example: Assume if I am seeing flying penguins, then I am smoking crack. Given that I am not seeing flying penguions, ... Well, that has no real bearing on whether I'm completely stoned out of my gourd.
No, but the fact that you think this is a counterexample proving the invalidity of modus tollens is pretty good evidence you're stoned.
Let P be the condition that you see flying penguins, and Q the condition that you're stoned. It is valid, given P -> Q and ~Q to conclude ~P. Hence, if you're not stoned, then you don't see the flying penguins.
Which is what he said.
Lame bastard. Why don't you RTFA like zidslaw suggests in this post.
Stealing from his post, we see:
2003-11-27 confirmed receipt from: secure microsoft com
2003-12-03 Note from Microsoft, Form protection "is not intended as a full-proof protection for tampering or spoofing, this is merely a functionality to prevent accidental changes of a document", request additional time to update Microsoft Knowledge Base article.
Targetting beginning of January 2004 for release of this advisory.
from: "Magnus"
(No flamebait mods, please. I'm allowed to criticize my own damn post.)
Any idea how to find the last-modified time of that page?
I don't get it.
Because the very best encryption in the world may be difficult to implement, or may run afoul of exportation restrictions, we should not complain when Microsoft pretends to include password protection, but the protection is easily defeated?
I don't suppose that anyone would complain if MS used a reasonable protocol and a flaw was later discovered (append usual Slashdot caveat). But this password-to-modify protection is so lame that Microsoft has responded by claiming that some entries on the "security tab" aren't intended to add security.
There may be grey areas, where it's not clear if the security measures are enough or not. This doesn't seem to be one of them grey areas.
Another case of "if you build it I'll break it"
Anything built by man can be cracked by man.
Another example of wishful thinking somehow being passed off as insightful.
The fact that MS used a lame scheme for this password does not mean that every password protection scheme can be broken. Nor does it mean that every security protocol is fundamentally flawed.
Not that I am suggesting that DRM is likely to succeed. In fact, I don't think that this password is a good example of DRM. But, generally, DRM seems to have some special difficulties that, say, standard security protocols for key exchanges don't have.
On the other hand, whenever I start opining on DRM and the difficulties it has, I'm probably talking out my ass, so I'll shut up now. My first two paragraphs still stand.
The DMCA prohibits distribution of the means to circumvent copyright protection mechanisms, if I understand matters correctly (probably not). This password-to-modify feature does not seem to be a copyright protection mechanism.
At least not until some lawyers get together and dub it so.