Sigh. Yet another project that took the money from the people, and took away the results from the people. That's ridiculous. If "we the people" paid for research, then "we the people" should get the result. It should be a rule that all government-funded research software must be released as open source software (unless it's classified or for some other reason can't be released to the public in any form)... at least by default. If someone wants to develop proprietary software, then they should be investing their own money, not taking mine. Why am I not getting what I paid for?
Spamhaus didn't respond at all originally, but shouldn't an appeals court be able to reverse a decision and say, "Spamhaus, you're right"? This is a freedom of speech issue. Anyone (including Spamhaus) should be able to say "X is a spammer" if X is, indeed, a spammer. And although anyone has a right to speak, others have a right to choose not to listen; if people don't want to listen to anyone Spamhaus doesn't like, it's their decision.
NONE of these should have been granted a U.S. patent. This is ridiculous!
U.S. law (Section 101 of Title 35 U.S.C.) defines what is patentable subject matter: "Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title." Gestures are not processes, machines, manufactures, or compositions of matter, so they are NEVER supposed to be patented.
Gestures are basically signals, and signals are specifically NOT patentable. The Federal Circuit has ruled that signals are not statutory subject matter, because articles of manufacture (the only plausible category) do not include intangible, incorporeal, transitory entities (in In re Nuijten, 500 F.3d 1346 (Fed. Cir. 2007)).
This is another example of unwarranted interference by the government in the free market. Is there really a need to grant monopolies to companies for specific gestures? No. It's not justified by any law. What's more, it harms society. Just imagine if each car company had to have a radically different interface due to patents - it would harm safety! This just worsens the digital divide, with no legal or societal justification.
We need the courts to require a re-review of every patent, at no cost to defendants, before any case is tried, and for the courts to assume that the patent office is a registration of claim, not anything meaningful. There are too many bad patents to believe otherwise.
(Disclaimer: I'm not a lawyer, and speak only for myself. I'm sure not impressed by the work of some lawyers, though.)
Both Fedora and Ubuntu will reap benefits, because they will end up packaging many of the results.
But even more importantly, people around the world will reap the benefits. Not only immediately (from these projects), but even more importantly, but also from all the amazing work these developers will do in the years ahead because they learned how to collaboratively develop software.
Good job.
I *like* to help people. Providing password-less wireless access is a nice way to help others. I don't do it at the moment, but only because of time pressures; I hope to do this in the future. It'd be best if there was a common convention that "no password means anyone can use" because there's no other way to make that obvious. In the meantime, I suggest using "public" somewhere in the network name, so that people will know that you're intentionally providing a service to others. Bruce Schneier has similar comments.
Actually, to be patent independent does NOT "require significant differences in their implementation". They just need to avoid or invalidate the patent claims, which are often really narrow. For more information, see Andrew Tridgell on Patent Defence. Which is why the statement that "VP8 is similar to H264" can be both true and a non-problem.
You jest, but it really is hard right now. Not because calculations are hard (they're obviously easy), but because the laws of every state/county/city/etc. categorize stuff differently, and the tax amount depends on the category. You need an across-the-country standard of tax categories, so that for each product you can correctly categorize it (and then figure out the tax). Quoting the article, there are "7,500 different taxing jurisdictions in the United States, each with a set of very precise rules describing what can and can't be taxed and at what rate. That makes it challenging terrain for retailers to navigate. In New Jersey, for instance, bottled water and cookies are exempt from sales tax, but bottled soda and candy are taxable. In Rhode Island, buying a mink handbag is taxed, but a mink fur coat is not". If there was a standard set of categories across the country, then it'd be easy. So if taxing jurisdictions want to collect the dollars, they're going to have to work out (AND AGREE ON) a standard.
Can no one look up and confirm well-known facts? Heck, this stuff is still within living memory.
The article claims that EDSAC was the "first working stored-program computer" and that is just wrong.
The Manchester Small-Scale Experimental Machine [often known as "Baby"] was the first stored-program computer, not EDSAC. Baby was operational on June 1948; EDSAC didn't run anything until May 1949. Please don't play semantics with the word "working"; Baby worked, and in any case, all of these early computers were wimpy if you measure by storage or speed. EDSAC is important in computer history - don't take anything away from THAT - but let's get the facts right.
Once again, it's clear that fuzzing is really useful for testing security. Not that it's a be-all/end-all, but people developing secure software should be using fuzzers. It's unfortunate that this fuzzer's "design can make it unexpectedly difficult to get clean, deterministic repro"; without deterministic repros, it's often really hard to find and fix the problem.
Um, what? It's hard to estimate profit margins, but Daniel Eran Dilger estimates that Microsoft has a 66% profit margin on Office and 81% on Windows. That's far beyond typical profit margins, so such prices are not "rock bottom".
In theory, you can live without cable/internet/cell/phone, just as you can live without roads. But unless you already have a lot of farmable land (think Amish), you cannot realistically survive. If you wish to have most jobs, or start a business, you need to be able to communicate. Internet is no longer a luxury for many.
In most cases realistically useful Internet access is only provided by monopolies or duopolies. Regulation should be limited, but in the case of monopolies, it is often necessary.
In this case, it's necessary.
The "trusting trust" attack is a nasty attack, but there is a counter-measure. Diverse double-compiling can detect compiler executables subverted by the "trusting trust" attack. See my paper for more, if you're curious.
Actually, the U.S. administration has already admitted that the current export control system is messed up. In April 2010 U.S. Defense Secretary Robert Gates called for a major overhaul of America’s export control regime, saying the current system is outdated, hurts America’s competitiveness, and does not adequately protect national security.
Of course, admitting there's a problem is not the same as making a change that solves it (or makes it better), but at least they know there are problems and are trying to find solutions.
I particularly like this part: "One major culprit is an overly broad definition of what should be subject to export classification and control. The real-world effect is to make it more difficult to focus on those items and technologies that truly need to stay in this country. Frederick the Great’s famous maxim that “he who defends everything defends nothing” certainly applies to export control."
If they do the real job effectively, and don't cost too much more, they should do it. In fact, I'd like to see these worldwide. If human-shaped ones don't have enough legs, then animal-shaped ones might be a good alternative (dinosaurs? dogs? dragons?).
Today's pylons do the job, but let's face it, they're ugly. If we have to dot our landscapes with pylons, we should at least make them interesting.
There are two spaces between each sentence. Period. You want more space between sentences than between words, so that it is easier to parse. Don't give me garbage that this is done automatically; programs have trouble doing this automatically because they can't tell the difference between the period at the end of a sentence ("Jack jumped.") and the end of an abbreviation ("Dr. Williams jumped."). Especially when abbreviations can occur at the end of a sentence (!). There are other ways to do it, but they're all far more painful and tend to get lost when data gets transferred.
Yes, HTML loses this if you don't use non-breaking spaces, but that's irrelevant. HTML is not the be-all of typography, it loses LOTS of typographical information. If typography is critical to you, you need to use formats like OpenDocument format (editable) or PDF (practically read-only).
You stated that "the vast majority of users have Adobe Reader installed to view PDF files, and they will not know why or how they should change to something else". That may be true, but that explains why we have so many security problems in the first place.
The more people that say, "Product X has too many security problems, I will switch to product Y", the faster the maker of product X will wake up and eliminate security vulnerabilities. Or disappear, leaving room for whoever makes product Y. Making a secure program is not rocket science; the principles have been known since the mid-1970s, and there is lots of freely-available information on how to do it (e.g., see my Secure Programming material). But developers will only do that if there is a reason to do so.
If most users accept whatever product they have, as if it appeared by magic from the heavens, then unsurprisingly, the maker of that product will not improve the product.
People should be rising up and saying, "Your product keeps having security problems, ones your competitors don't have. So I'm switching to a competitor". If enough people do that, security problems will be a rare event. So, let's get people to say "I'm not going to take it any more!!" Then, Adam Smith's invisible hand will cause products to either get better in a hurry, or disappear into their rightly-deserved rubbish bin.
The emancipation proclamation was actually two executive orders, one in 1862 and a follow-on one in 1863. As executive orders, the emancipation proclamation could indeed have been rescinded by a later president. However, on December 6, 1865, the 13th amendment was adopted, forbidding slavery in a way that a future executive order can't undo. Of course, the price of freedom is eternal vigilance.
I agree that handling weird filenames can be tricky; see Fixing Unix/Linux/POSIX Filenames for more.
The biggest problems aren't specific to shell, though, but are general complications that apply to all languages:
Control Characters (such as Newline), Leading Dashes, and non-UTF-8 characters.
As far as using shell to handle filenames with spaces, double-quotes, and so on, the answer is pretty simple.
First, always begin shell scripts with:
IFS=`printf '\n\t'`
This means that the "space" character is no longer special, and this eliminates 99% of your problems.
Second, whenever you USE (instead of set) a variable, use "$variablename" instead of $variablename.
If variablename can only contain alphanumeric characters, you don't need to do this (though it doesn't hurt).
Third, when you want a list of "filenames in this directory", use
for x in ./*
instead of
for x in *
so that filenames beginning with "-" won't get you (this is a problem for all languages, not just shell).
Follow those rules, and the vast majority of "problems" go away. You can have filenames with double-quote characters, for example, as long as you reference them with "$variablename" instead of $variablename, it's not a problem (shell is smart enough to not interpret them twice).
Of course, if you want things even easier, support the idea of limiting filenames in Linux/Unix as I discuss in
Fixing Unix/Linux/POSIX Filenames for more.
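The three rules from the comment above, applied to awkward filenames, as an added example that is not part of the original comment. The function names and sample filenames are constructed for illustration, and the script assumes a POSIX shell with `mktemp -d` available.

```shell
#!/bin/sh
# Added example (not from the original comment): the three rules applied to
# constructed, awkward filenames in a throwaway directory.

# Rule 1: split only on newline and tab, so a space is ordinary data.
# Tab must come last: command substitution strips trailing newlines.
IFS=$(printf '\n\t')

# Build a scratch directory of constructed names: one with a space, one with
# a leading dash, one with embedded double quotes. Prints the directory path.
make_sample_dir() {
  d=$(mktemp -d) || return 1
  printf 'a\n' > "$d/two words.txt"
  printf 'b\n' > "$d/-n"
  printf 'c\n' > "$d/say \"hi\".txt"
  printf 'd\n' > "$d/plain"
  printf '%s\n' "$d"
}

# Rules 2 and 3 together: glob as ./* and quote every use of the variable.
# Prints the concatenated contents of every regular file in directory $1.
read_all_safe() {
  (
    cd "$1" || exit 1
    for x in ./*; do
      [ -f "$x" ] || continue   # also covers the "no files matched" case
      cat "$x"
    done
  )
}

# Contrast: a bare * glob. "$x" becomes "-n", which cat takes as an option
# rather than a filename, so that file's contents never appear.
# stdin is /dev/null so cat does not wait on the terminal.
read_all_bare_glob() {
  (
    cd "$1" || exit 1
    for x in *; do
      cat "$x" < /dev/null
    done
  )
}

# How many fields does an UNQUOTED expansion of $1 produce under the
# current IFS? Globbing is switched off to isolate word splitting.
count_fields() {
  set -f
  set -- $1
  set +f
  printf '%s\n' "$#"
}
```

With the newline-and-tab IFS, `count_fields 'two words.txt'` yields 1 field; under an IFS containing a space it yields 2, which is the splitting the first rule removes.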
H.264 is not an open standard.
H.264 is a standard, but being a standard doesn't make it open, in the same sense that being a door doesn't make it open :-).
There are several definitions of "open standard", and patent-encumbered standards like H.264 fail nearly all of them:
The "Digital Standards Organization" (digistan.org) definition of "free and open standard"; among its requirements, "The patents possibly present on (parts of) the standard are made irrevocably available on a royalty-free basis." I think this is an especially good definition of "open standard".
The European Union adopted a definition of "open standard" in its European Interoperability Framework, and one of its requirements is that "The intellectual property - i.e. patents possibly present - of (parts of) the standard is made irrevocably available on a royalty-free basis." and "There are no constraints on the re-use of the standard".
One of the most popular (by Google reference) definitions is Bruce Perens', which requires
"3. No Royalty: Open Standards are free for all to implement, with no royalty or fee."
Microsoft's Vijay Kapoor, national technology officer, Microsoft, defines "open standard" as: "'open' refers to it being royalty-free, while 'standard' means a technology approved by formalised committees that are open to participation by all interested parties and operate on a consensus basis. An open standard is publicly available, and developed, approved and maintained via a collaborative and consensus driven process." Since H.264 is not "royalty-free", it fails this definition.
We don't need a new "digital divide". The web should be inclusive, not exclusive.
The creator of the World Wide Web, Tim Berners-Lee, said: "The decision to make the Web an open system was necessary for it to be universal. You can't propose that something be a universal space and at the same time keep control of it."
The Real Science Gap basically makes the same point - the jobs are horrible for scientists, so lots of smart people avoid the field.
Wow, what an inspiring story! Someone who worked to help others, to the very end. My congrats to him, and my condolences to his family.
... in the air, anyway. As a technique to "engage the public in the science of environmental pollution" this might even help.
I'm posting this, from a Linux desktop. It doesn't look dead to me.
You're talking about the trusting trust attack, which was made famous by Ken Thompson.
Thankfully, you can counter the "trusting trust" attack using a technique called "Diverse Double-Compiling" (DDC). See the linked PhD dissertation for details.
Nope. The Soviet Union had, as a major ideological objective, "the elimination of religion and its replacement with atheism as a fundamental ideological goal of the state. Toward that end, the communist regime confiscated church property, ridiculed religion, harassed believers, and propagated atheism in the schools." Marx even said, "Religion is the opium of the people". And yet, we had the Cold War, and many people here will remember their invasion of Afghanistan.