Why would you want to do that? Seriously. Who wants a half patched system?
BTW. You can do this with windows too. It applies the patches, anything that can't be replaced is scheduled to be replaced at next reboot. Then it tells you that you need to reboot and gives you the option of telling it again in a few minutes that you want to reboot later.
This creates a file, opens it for read+write and immediately deletes it. It is available as a temp file until it is fclose'ed.
Not according to my man pages (which could be wrong):
The tmpfile() function generates a unique temporary filename. The temporary file is then opened in binary read/write (w+b) mode. The file will be automatically deleted when it is closed or the program terminates normally.
Fundamentally it's a bad idea anyway. As programmers we need to stop thinking we're clever and start thinking about operational issues. If you've got a bunch of applications on your system all consuming invisible data, how can you choose which one to kill to resolve an out of space situation? Yes, I know there are ways to figure it out by inspecting private kernel data structures with tools like lsof, or waddling around in/proc, or even just loading up your favorite debugger. But get real.
I understand what he said, I just don't think it really makes any sense. Any piece of software can have an exploit of limited publicity (eg. known only to black hats.) In fact you should be assuming that every piece of software you have does have bugs. And acting accordingly.
Microsoft's process serves multiple purposes. First, it lets them have a process in place for developing patches, regression testing, packages, getting sign-offs from management, etc. all under a known schedule, process and time table. Secondly it allows people to know when to expect to receive patches. So your own internal processes can accommodate this.
Microsoft has released patches for issues that are considered high risk outside of their regular schedules. So it's not like you're going to be stuck waiting when there is a major and significant issue.
Another consideration is that end users have already planned their security environments around the idea that all software has bugs and vulnerabilities. A remote exploit in SQL server doesn't mean that the system is suddenly owned by every script kiddie on the internet. Anyone running SQL server is going to have deployed it under some controls. Their vulnerability will be limited. Getting it patched will be a priority, but not the most important thing associated with that particular deployed system. The is to say, day to day operations will continue until IT has scheduled time to apply the patch. As such, the exact delivery date of the patch is usually not the most important thing in the world, Friday... Tuesday... same difference.
I still love the ability to replace in-use libraries.
You can't replace in use libraries. You can only choose to run multiple versions of the same libraries. And it can cause problems. Private interfaces can change and next thing you know you've randomly shuffled line items between thousands of invoices.
Otherwise, it maximises the uptime of your server, so that you only need to restart programs that actually use your library when you want to.
Don't take this wrong, but I'd never hire you as my server admin. The uptime of your server is irrelevant. Patch when it suits your needs, follow the proper procedure. Don't sit around playing thought experiments on your production systems.
How do you know you haven't introduced a significant probability of data corruption with your X.org patches? You have active processes using old libraries and new processes using new libraries. Unless you personally have audited every line of code changed and understand the entirety of the change and how it interacts with the rest of the system, it's impossible to know that your system is not silently eating your data.
Unix doesn't really have the capability of deleting an in use file. You can get rid of the name but anything that had the file open will continue to use the original file. If the application uses dlopen then you can easily enter into a situation where you have mismatches between patched library X and unpatched library Y.
I'm a unix admin by trade. Just wanted to get that out there before I said my next bit....
I'd be very impressed by any unix system that allows you to patch libc or the run-time linker without requiring a reboot to get the patch active in all processes.
This is a stupid idea though. It saves the administrators some hassle, but if Microsoft is putting out a patch for a vulnerability then don't you think that maybe, just maybe, the hackers already know about the vulnerability and are actively exploiting it?
That's a nonsensical argument. You could make the same argument for any piece of software at anytime. So it's a useless factor in your analysis of the criticality of the particular issues addressed by any particular patch.
Each individual user should be deciding how important a particular patch is. For the vast majority of consumers this is pretty much impossible. For them it makes plenty of sense for Microsoft to establish the patching process and schedule, eg. to provide a service that a business IT department would typically provide.
For businesses, again, it's up to them to determine what their exposure happens to be for each software application and OS. There's no way that a statement can be made that is relevant to industry as a whole.
Hell, I'm running XP Home and only went to the extent of saying "notify me of patches, but don't download or install them." It pops up the balloon saying "we got patches for you" and then I can choose when to download and install. It doesn't take much in the way of rupert science.
While it's not exactly a security problem (if you don't count self inflicted DOS attacks) but the continuing lack of a linux sky2 ethernet driver that doesn't lock up sets the bar pretty low.
But ultimately, you have to decide. Are you going to compare a transmission to a car? Or are you going to compare a car to a car?
Now all you've got to do is fake up an email from your bank, send it to yourself. Then when you fall for the trick you'll have your username/account number and passwords. You are truly a l33t hax0r.
I think your are painting an overly rosy picture. ext vs. ffs or ext vs. ufs. Either one would have been sufficient to never had had extfs except that somebody had NIH syndrome. You also have two (or three depending on how you look at it) different efforts to get NTFS working. The funniest bit is that two of the three efforts are from one team of people, the code just sucked enough to throw it entirely away and start from scratch, and just for giggles give the appearance of a new project.
In generally commercial software development is always more efficient than ad-hoc open source development, if only because there is a real budget that is being spent. People don't amble through the project quite as much.
* And now that I look at that wikipedia page, I get to wondering why the GP linked to it as some list of Linux supported filesystems....
Tell me again how OSS teams aren't reinventing the wheel?
(Also, I like how "supported" file systems seems to mean anything that may read some data from some type of files off of the target FS. Let's forget about writing, or supporting some of the esoteric oddities that have been developed.)
I'll buy that, to some extent, but how does that go so far as to posting his email address and phone number? I wouldn't have had a problem had you said something along the lines of 'Looking at his website, QuantumG works for an antivirus company and writes programs and writes software for a living. It seems hypocritical to, on the one hand, benefit from the copyright system and, on the other hand, blast that same system as being not in line with what society wants.' (Please correct me if that's not your opinion. I think it's in line with what you've been saying, but I could be wrong.) But you chose to post specifically personal information (email address and phone number) rather than generally personal information (area and focus of work and website). I still hold that this is potentially harassing behavior and moved into libelous when you said, as QuantumG, "I'm about the least creative human being on the planet as all my interests revolve around taking other people's work."
But your phrasing of what you would have felt better about isn't the same at all as saying QuantumG's real name is X, his current phone number is Y, and his email is Z. Providing three pieces of information, well four really, makes it possible for people who have an interest in Trent to recognize that he is QuantumG as opposed to just someone with the same name. (The fourth piece of information is that he lives in Australia which can be gleaned from the country code on the phone number.) He links to two different sources of information about himself on every post he makes here. Going to those you can find his real name, phone number, and address. You have a legally unsupported view of what constitutes harassment if you consider posting publicly available information harassment. If you read his areas of interest, it's all reverse engineering, decompiling, and duplicating someone else's product. Adding that to his expressed desires to get free entertainment, I think a case can be made for his not being creative and wants the results of other people's labor for free. (Yes, I know that some creativity can be expressed through reverse engineering, but less than is expressed from creating something new.)
A whopping three replies (four, counting yourself) doesn't really make for overwhemling evidence either way. And I think the way you phrased that is telling. I'm saying your position on copyright was not evident from what you posted.
Yeah, three compared to zero (one counting you) in this little subthread. On a website that generally favors entitlements, socialism, and ignoring copyright. Three people disagreed and zero took the time and effort to agree. Other people have disagreed with him in other parts of this story. Sorry that the way I phrased my response was unclear to you. If you'd read my other posts in those story, my position is quite clear.
Going the opposite direction, there are definite cases in US history where laws have been changed in direct contrast to "what society wants" for "its own good." (Civil rights being the primary case that comes to mind, but there are others.) Likewise, there are cases where the government bowed to private interest at the expense of the electorate: prohibition - of alcohol and other substances - bowing in to use of publicly funded property by cable companies and phone companies, etc. The US is a republic, not direct democracy. What you're saying sounds strikingly similar to Liebniz' "best of all possible worlds" rationalization and I'd say it's as naive a concept as his was.
It's only naive if you want to say that an unfunded, disorganized minority is the same as society. Society as a whole gets what it wants. You provided two great examples yourself. Prohibition, a tiny minority pushed for prohibition, it passed. Then it was repealed when society decided against it. And the civil rights movement succeeded because the majority wanted it. While there was significant and vocal opposition, laws changed because that's is what society as an aggregate wanted.
Because your average rape victim doesn't want to be comforted, supported and counseled by a man shortly after another man has raped them. That's a simplistic statement, but it's generally true.
So they're saying that charging type-1 diabetics more for health insurance is going to become illegal? And no longer will they be able to not hire men for work at rape crisis centers? And sperm banks will be required to accept donations from women? This sounds like socialized medicine via the back door.
I responded to the parts of your post that were worth responding to. Your claim that I did something harassing or libelous is just wrong. Reposting information that someone has chosen to make public is not harassment or libelous. Reading someone's writings and drawing a conclusion is not harassment or libelous. Receiving someone's explicit permission to copy their name, credit report, medical history, etc. is not harassment or libelous. So why would I take time to respond to that?
I did not say "copying (and distributing) information about a specific individual does not benefit society," merely that the way you copied and distributed that information was not beneficial to society. If you'd like to discuss the larger issue, I'd be happy to.
Given that Mr. Waddington is likely to continue to have employment in his chosen field of expertise, I think making the connection between the pseudonym that he uses to express his views on IP and his real life identity is a benefit to society. Since he is a professional software developer, those views are highly relevant to potential employers. And to your claims that I am attacking him, don't be silly. I'm just letting him be accountable for his words and contrasting his actions with his words. Don't you weigh people's actions against their words when judging the person?
As to my opinion on the idea that society doesn't want copyright law, I think the fact that there have been more unique posters responding that disagree with him than have agreed with him supports my evident position.
Additionally I would suggest that the continued existence of copyright laws would demonstrate that society wants them. Some might claim that the copyright lobby is buying legislation to keep laws around in the face of the will of society. That is a fallacy. Society has an option to elect someone who will ignore the financial incentives provided by the copyright lobby. Society has more money that the copyright lobby. So even if they couldn't elect representatives that would enact their will, they could pay more to enact their will. And yet we still have copyright laws.
What I would like to see is somebody giving real numbers as to what portion of society has chosen to ignore copyright law. Instead all I see in posts are vague claims that "much of society" ignores copyright. What does that mean?
The only fundamental difference between your credit report and a Linkin Park compact disc is who wants the information and who wants to receive value for the information. That and the fact that a Linkin Park CD is the creation of a small team of people and your credit report is actually the statements of a series of second parties who are describing their interactions with you. So a Linkin Park CD is arguably their's while your credit report is arguable not yours, but rather about you.
Your last sentence fails to convey useful information because it's too broad. A "reasonable price" for someone who doesn't want to pay for an item is zero. A "reasonable price" for someone who has invested thirty million and five years in the creation of an item might be sixty million. Not to mention that nobody has an obligation to publish, or republish, anything.
More in the vein of this thread, the parent said "Society no longer sees restrictions on copying entertainment to be for its own benefit." This is in contrast to how you copied information which, I would argue, does not benefit society.
I think you'd have a very hard time demonstrating that society sees copyright the way it is being asserted repeatedly in this thread. The reality is is most members of society know that it takes investments of expertise, skill, time, and yes even money to create all this entertainment. That entertainment wouldn't exist without the restrictions that are being claimed to not be in the interest of society.
Additionally, while you could argue that copying (and distributing) information about a specific individual does not benefit society, I would say that there is a very significant number of people who would disagree. Landlords, bankers, employers, investors, girlfriends/boyfriends, neighbors, etc. would all gain from knowing extended biographical and historical information.
Given that the original poster, QuantumG, Trent Waddington, is a software developer at Symantec for a living it's quite ironic that he takes the position that he does regarding copyright law. His entire lifestyle is predicated upon copyright protection. Additionally, future employers would be fully justified in taking his disdain for intellectual property protection into account when considering him for employment.
Do you think he'll post a license key generator for Veritas Storage Foundation? My guess is he won't because when it comes to peeing in his own drinking water, his beliefs are quite different from when it comes to peeing in somebody else's well.
Everything I posted was already public information available to anyone who took a moment to click around on the net. The only change is that now a simple search on Yahoo, Google, Microsoft, etc. will attach his real name to his posts here on slashdot.
And don't you think that employers might want to see how he has taunted people because of their religion?
Or that he doesn't respect others' physical property rights either. And gloats in his abuses as well.
The difference between the GPL and BSD licenses is not a matter of software freedom. It's a matter of telling other people what to do. If what you cared about was writing and giving aware software for free then you wouldn't need a license at all. What you want is other people's software for free. Big difference. It's kind of like thinking that everybody should have free shelter, like living in someone else's building for a summer without ever paying rent, and then letting any random bum live in your house with you and your wife/SO.
I dunno. But I'd love to take this conversation private. My email address is Trent.Waddington@gmail.com or Trent.Waddington.x@gmail.com. Why don't you sign me up for your newsletter? Or call me at +61-404-020-659. I'm about the least creative human being on the planet as all my interests revolve around taking other people's work.
Slashdot Mirror
Why would you want to do that? Seriously. Who wants a half patched system?
BTW. You can do this with windows too. It applies the patches, anything that can't be replaced is scheduled to be replaced at next reboot. Then it tells you that you need to reboot and gives you the option of telling it again in a few minutes that you want to reboot later.
Effectively the exact same thing. Half patched.
Not according to my man pages (which could be wrong):
Fundamentally it's a bad idea anyway. As programmers we need to stop thinking we're clever and start thinking about operational issues. If you've got a bunch of applications on your system all consuming invisible data, how can you choose which one to kill to resolve an out of space situation? Yes, I know there are ways to figure it out by inspecting private kernel data structures with tools like lsof, or waddling around in
I understand what he said, I just don't think it really makes any sense. Any piece of software can have an exploit of limited publicity (eg. known only to black hats.) In fact you should be assuming that every piece of software you have does have bugs. And acting accordingly.
Microsoft's process serves multiple purposes. First, it lets them have a process in place for developing patches, regression testing, packages, getting sign-offs from management, etc. all under a known schedule, process and time table. Secondly it allows people to know when to expect to receive patches. So your own internal processes can accommodate this.
Microsoft has released patches for issues that are considered high risk outside of their regular schedules. So it's not like you're going to be stuck waiting when there is a major and significant issue.
Another consideration is that end users have already planned their security environments around the idea that all software has bugs and vulnerabilities. A remote exploit in SQL server doesn't mean that the system is suddenly owned by every script kiddie on the internet. Anyone running SQL server is going to have deployed it under some controls. Their vulnerability will be limited. Getting it patched will be a priority, but not the most important thing associated with that particular deployed system. The is to say, day to day operations will continue until IT has scheduled time to apply the patch. As such, the exact delivery date of the patch is usually not the most important thing in the world, Friday... Tuesday... same difference.
You can't replace in use libraries. You can only choose to run multiple versions of the same libraries. And it can cause problems. Private interfaces can change and next thing you know you've randomly shuffled line items between thousands of invoices.
Don't take this wrong, but I'd never hire you as my server admin. The uptime of your server is irrelevant. Patch when it suits your needs, follow the proper procedure. Don't sit around playing thought experiments on your production systems.
How do you know you haven't introduced a significant probability of data corruption with your X.org patches? You have active processes using old libraries and new processes using new libraries. Unless you personally have audited every line of code changed and understand the entirety of the change and how it interacts with the rest of the system, it's impossible to know that your system is not silently eating your data.
Unix doesn't really have the capability of deleting an in use file. You can get rid of the name but anything that had the file open will continue to use the original file. If the application uses dlopen then you can easily enter into a situation where you have mismatches between patched library X and unpatched library Y.
I'm a unix admin by trade. Just wanted to get that out there before I said my next bit....
I'd be very impressed by any unix system that allows you to patch libc or the run-time linker without requiring a reboot to get the patch active in all processes.
That's a nonsensical argument. You could make the same argument for any piece of software at anytime. So it's a useless factor in your analysis of the criticality of the particular issues addressed by any particular patch.
Each individual user should be deciding how important a particular patch is. For the vast majority of consumers this is pretty much impossible. For them it makes plenty of sense for Microsoft to establish the patching process and schedule, eg. to provide a service that a business IT department would typically provide.
For businesses, again, it's up to them to determine what their exposure happens to be for each software application and OS. There's no way that a statement can be made that is relevant to industry as a whole.
As long as you don't mind working nights. There's no way an enterprise is going to accept daily, business hours outages.
Hell, I'm running XP Home and only went to the extent of saying "notify me of patches, but don't download or install them." It pops up the balloon saying "we got patches for you" and then I can choose when to download and install. It doesn't take much in the way of rupert science.
While it's not exactly a security problem (if you don't count self inflicted DOS attacks) but the continuing lack of a linux sky2 ethernet driver that doesn't lock up sets the bar pretty low.
But ultimately, you have to decide. Are you going to compare a transmission to a car? Or are you going to compare a car to a car?
Or a relatively giant tarp.
Now all you've got to do is fake up an email from your bank, send it to yourself. Then when you fall for the trick you'll have your username/account number and passwords. You are truly a l33t hax0r.
I think your are painting an overly rosy picture. ext vs. ffs or ext vs. ufs. Either one would have been sufficient to never had had extfs except that somebody had NIH syndrome. You also have two (or three depending on how you look at it) different efforts to get NTFS working. The funniest bit is that two of the three efforts are from one team of people, the code just sucked enough to throw it entirely away and start from scratch, and just for giggles give the appearance of a new project.
In generally commercial software development is always more efficient than ad-hoc open source development, if only because there is a real budget that is being spent. People don't amble through the project quite as much.
* And now that I look at that wikipedia page, I get to wondering why the GP linked to it as some list of Linux supported filesystems....
Tell me again how OSS teams aren't reinventing the wheel?
(Also, I like how "supported" file systems seems to mean anything that may read some data from some type of files off of the target FS. Let's forget about writing, or supporting some of the esoteric oddities that have been developed.)
So your original statement that someone took public domain code and then sued stallman for copyright violation is wrong then?
But your phrasing of what you would have felt better about isn't the same at all as saying QuantumG's real name is X, his current phone number is Y, and his email is Z. Providing three pieces of information, well four really, makes it possible for people who have an interest in Trent to recognize that he is QuantumG as opposed to just someone with the same name. (The fourth piece of information is that he lives in Australia which can be gleaned from the country code on the phone number.) He links to two different sources of information about himself on every post he makes here. Going to those you can find his real name, phone number, and address. You have a legally unsupported view of what constitutes harassment if you consider posting publicly available information harassment. If you read his areas of interest, it's all reverse engineering, decompiling, and duplicating someone else's product. Adding that to his expressed desires to get free entertainment, I think a case can be made for his not being creative and wants the results of other people's labor for free. (Yes, I know that some creativity can be expressed through reverse engineering, but less than is expressed from creating something new.)
Yeah, three compared to zero (one counting you) in this little subthread. On a website that generally favors entitlements, socialism, and ignoring copyright. Three people disagreed and zero took the time and effort to agree. Other people have disagreed with him in other parts of this story. Sorry that the way I phrased my response was unclear to you. If you'd read my other posts in those story, my position is quite clear.
It's only naive if you want to say that an unfunded, disorganized minority is the same as society. Society as a whole gets what it wants. You provided two great examples yourself. Prohibition, a tiny minority pushed for prohibition, it passed. Then it was repealed when society decided against it. And the civil rights movement succeeded because the majority wanted it. While there was significant and vocal opposition, laws changed because that's is what society as an aggregate wanted.
Because your average rape victim doesn't want to be comforted, supported and counseled by a man shortly after another man has raped them. That's a simplistic statement, but it's generally true.
You do know that men and women receive different insurance rates and benefits, right?
So they're saying that charging type-1 diabetics more for health insurance is going to become illegal? And no longer will they be able to not hire men for work at rape crisis centers? And sperm banks will be required to accept donations from women? This sounds like socialized medicine via the back door.
(if you disagree, post)
Given that Mr. Waddington is likely to continue to have employment in his chosen field of expertise, I think making the connection between the pseudonym that he uses to express his views on IP and his real life identity is a benefit to society. Since he is a professional software developer, those views are highly relevant to potential employers. And to your claims that I am attacking him, don't be silly. I'm just letting him be accountable for his words and contrasting his actions with his words. Don't you weigh people's actions against their words when judging the person?
As to my opinion on the idea that society doesn't want copyright law, I think the fact that there have been more unique posters responding that disagree with him than have agreed with him supports my evident position.
Additionally I would suggest that the continued existence of copyright laws would demonstrate that society wants them. Some might claim that the copyright lobby is buying legislation to keep laws around in the face of the will of society. That is a fallacy. Society has an option to elect someone who will ignore the financial incentives provided by the copyright lobby. Society has more money that the copyright lobby. So even if they couldn't elect representatives that would enact their will, they could pay more to enact their will. And yet we still have copyright laws.
What I would like to see is somebody giving real numbers as to what portion of society has chosen to ignore copyright law. Instead all I see in posts are vague claims that "much of society" ignores copyright. What does that mean?
The only fundamental difference between your credit report and a Linkin Park compact disc is who wants the information and who wants to receive value for the information. That and the fact that a Linkin Park CD is the creation of a small team of people and your credit report is actually the statements of a series of second parties who are describing their interactions with you. So a Linkin Park CD is arguably their's while your credit report is arguable not yours, but rather about you.
Your last sentence fails to convey useful information because it's too broad. A "reasonable price" for someone who doesn't want to pay for an item is zero. A "reasonable price" for someone who has invested thirty million and five years in the creation of an item might be sixty million. Not to mention that nobody has an obligation to publish, or republish, anything.
I think you'd have a very hard time demonstrating that society sees copyright the way it is being asserted repeatedly in this thread. The reality is is most members of society know that it takes investments of expertise, skill, time, and yes even money to create all this entertainment. That entertainment wouldn't exist without the restrictions that are being claimed to not be in the interest of society.
Additionally, while you could argue that copying (and distributing) information about a specific individual does not benefit society, I would say that there is a very significant number of people who would disagree. Landlords, bankers, employers, investors, girlfriends/boyfriends, neighbors, etc. would all gain from knowing extended biographical and historical information.
Given that the original poster, QuantumG, Trent Waddington, is a software developer at Symantec for a living it's quite ironic that he takes the position that he does regarding copyright law. His entire lifestyle is predicated upon copyright protection. Additionally, future employers would be fully justified in taking his disdain for intellectual property protection into account when considering him for employment.
Do you think he'll post a license key generator for Veritas Storage Foundation? My guess is he won't because when it comes to peeing in his own drinking water, his beliefs are quite different from when it comes to peeing in somebody else's well.
Everything I posted was already public information available to anyone who took a moment to click around on the net. The only change is that now a simple search on Yahoo, Google, Microsoft, etc. will attach his real name to his posts here on slashdot.
And don't you think that employers might want to see how he has taunted people because of their religion?
Or that he doesn't respect others' physical property rights either. And gloats in his abuses as well.
As spoken by a habitual criminal, every law is unnecessary.
Google's lead counsel on copyright bills $700/hr. I suspect he's quite good. Probably higher in his field than most of their engineers.
The difference between the GPL and BSD licenses is not a matter of software freedom. It's a matter of telling other people what to do. If what you cared about was writing and giving aware software for free then you wouldn't need a license at all. What you want is other people's software for free. Big difference. It's kind of like thinking that everybody should have free shelter, like living in someone else's building for a summer without ever paying rent, and then letting any random bum live in your house with you and your wife/SO.
I dunno. But I'd love to take this conversation private. My email address is Trent.Waddington@gmail.com or Trent.Waddington.x@gmail.com. Why don't you sign me up for your newsletter? Or call me at +61-404-020-659. I'm about the least creative human being on the planet as all my interests revolve around taking other people's work.