Don't forget the fact that Red Flag (I still have my version 2.0 in shrink-wrap on my desk) is sponsored in part by money from the Chinese government. It began back when the Chinese were making noises about not being able to trust American hardware (probably more for the fact that 90% of it was from Taiwan than the fact that it was sold by Americans, but there's some concern in the latter too).
Not that any of that really means much, but it's useful historical context to keep in mind.
Hrm... monopoly is a funny word when you're talking about single-sourcing.
and they weren't colluding with competitors to raise prices.
Nope, they were colluding with the market, which is still a violation of anti-trust laws.
Who cares if Enron was shutting down their generators.
No they were not. Enron is a re-seller. Those aren't their generators.
If it wasn't for regulation the market would simply restablish equilibrium.
It's very hard for a free market to establish equilibrium over a utility. They tend to require long ramp-up periods to add capacity, which provides competition with ample opportunity to kill your company in its crib through various (entirely legal) long-term pricing maneuvers.
It's also true that the public cannot afford lapses in the service, which the free market can sometimes produce.
Regulation is often required to solve these problems. If you have some means of resolving them without regulation, I'm all ears.
Wow, congratulations, you just posted an article full of explicits, lacking any facts what-so-ever.
And from the article in question:
"If you took down the steamer, how long would it take to get it back up?" an Enron worker is heard saying.
"Oh, it's not something you want to just be turning on and off every hour. Let's put it that way," another says.
"Well, why don't you just go ahead and shut her down."
Officials with the Snohomish Public Utility District near Seattle received the tapes from the Justice Department.
"This is the evidence we've all been waiting for. This proves they manipulated the market," said Eric Christensen, a spokesman for the utility.
I don't have a "side" in this, as I think Enron is unfairly blamed for much that was a result of both state and federal corruption. However, I certainly don't agree with the notion that they weren't in significant control of the situation. The state's lack of action put them in a spot to be manipulated and Enron saw to it that they were manipulated to the fullest extent possible.
Wow, been a long time since I was moderated as a troll, and to get modded that way for posting about the chance that Sony would take advantage of the chance to run software on your box.... wow, Slashdot moderation has certainly changed.
Of course, this is Sony, and people are allowing them to run software on their box that "phones out".... Who wants to bet there will be extra data sent out if you've ever played an unlicensed game or media in the console?
Obviously, that first sentence should have ended with, "across single statements." I'm surprised that no one called me on the fact that MySQL has not had transactions for 10 years. Perhaps everyone just got what I meant from context...?
Here's the thing: in all of those cases, someone lost billions for the company *and* trashed their reputation, incurring further loss in the marketplace. That's a mistake that that company is not going to want to repeat. Are you saying that you think a federally-managed oil distribution network would never have had a major oil spill? Are you saying that you think that government-run tool factories would never have created an environmental disaster? Can you imagine the abuse and outright privacy disasters that would ensue if your credit cards were directly managed by the government?
No thanks, I'll continue to attempt to put political and financial pressure on these companies to do the right thing, but I'll never be so foolish as to think that the job would be done better if it weren't in the private sector. For confirmation of that, I have only to look at the atrocities committed by damn near every government ever.
Essentially, they'd check the mark next to all the candidates, making the ballot worthless.
Then it was a useless ballot. The ballot should have an entry specifically for "none of the above." The mandate of a candidate should *always* be judged on the basis of the amount by which they beat their opponent(s) *and* the percentage of the population that felt that *any* of the candidates were appropriate.
Nullifying a ballot because someone didn't want to vote for any of the candidates is throwing away information, which in an election should be criminal.
Typical for Slashdot. The first people to post take what's in the blurb and run with it, as if it encompasses the full spectrum of the planned concept.
Think about it. You work for an ad company, and you know that people using TiVos and other DVRs are skipping commercials. What would you do to get your message to them?
Would you up the expense of the ads to capture a wider audience. No, you would probably loose all of your customers doing that.
Would you move toward product placements? Yep, and notice that product placements in TV shows have been on the up-swing.
Would you try to build ads that get their message across in a longer format AND a shorter format? Yep, and that's what this will probably end up being in the end. Watch for normal looking ads that, for arbitrary reasons, happen to have a logo and product name in the same place for the full duration of the ad.
This will work on me. I use an Echostar DVR (for as long as they still exist, now that they're losing the suit), and I press the skip-forward button several times to go to the end of a commercial break. In any ad with a logo that shows up for more than 10 or so seconds, I'll typically end up seeing the logo. Theme songs that repeat the name of the product are also a good way to catch folks like me (Wanna Fanta?) Of course, like most other smart folks, I want to think that the fact that I see these ads doesn't mean that they have any effect, and of course, I'm wrong. I don't buy Fanta, but I probably wouldn't have no matter what. I *do* look for a brand of sneaker that I know when I go shopping because too many times I've bought an off-brand and been screwed, so now if a sneaker wants to get my money they have to find a way to get their name into my head. It's an unfortunate state of affairs that I would like to counter by watching and reading more consumer-friendly sources of information (America's Test Kitchen (PBS) and Consumer Reports come to mind), but I typically don't have the time.
And every reference work in the next 100 years is pretty much going to have to say, "Eris, which was originally designated UB313 and nicknamed Xena by its discoverers..." So, why bother? What harm could letting the guy who discovered it name it actually do? Certainly, if he'd named it after himself or his pet cat, that would be questionable, but naming it after a popular culture icon seems as fair as naming it after an ancient religion... no, scratch that; it seems a lot better to me.
This isn't D&D. You can't say, basically, "oh, I've done 3 good deeds this month, for 4 'good' alignment points total
What the hell game are you playing?! D&D has never had any mechanic even remotely like that.
But more importantly, Google's motto doesn't work that way. It says "do no evil", _not_ "keep the balance by doing as much evil as good stuff". So exactly how and what are they, in your opinion, balancing there? Surely not their motto and promise.
What's to balance? Someone found that google hired a firm that they had a political problem with. Google also does business with Doubleclick and Sony. However, they attempt to interact with these companies in an honest and forthright manner that will not harm the interests of their users or otherwise harm the community at large. If doing business with companies that have "done evil" made one evil, then Google would have no choice but to go out of business. Hell, they certainly wouldn't be able to pay taxes. They do their best within the constraints that the existing market provides them, and that's leaps and bounds better than anyone else in the industry does.
Hello, and welcome to the world of beta software. Shockingly, such software does not always work on every platform from day one. Typically, it works on the primary platform that the developers use first, and then is ported to other platforms as a release nears. Not surprisingly, Slashdot developers target open source software first.
Of course, then there's the fact that "losing" in the "sub-optimal" sense has been popular jargon in the computing sub-culture of the east-coast of the United States (and increasingly, the rest of the planet) for over 20 years... but far be it for me to stand in the way of a good rant.
It's a good article. Too bad it ends in a sales pitch. That really colors my reading of the rest of it as rather self-serving.
Still, the original DVD masters MUST have a lower bound of resolution once transfered from their analog NTSC video format to a digital MPEG2 format than the giant, 70mm print that I watched at the Wang Centre in Boston. I mean, if you absolutely had to go to a presentation copy, that would be the one to use, and there's probably a master floating around LucasFilms from which that was derived.
It just seems odd that they would have to go to the LaserDiscs.
That said, I own the Definitive Collection on LaserDisc, and it's beautiful for a 1977 film on LD. It's not as insane as it sounds to transfer this to DVD, just hard to buy into the idea that it was the BEST choice.
Just wait until the first time that ruling is cited in a case where some company sues a person who emails various management to complain about a product, or in response to a consumer advocasy drive. "Damages" will, of course, be assessed in terms of 3 days of the company's entire IT staff's salaries and the price of several mail servers.
It's happened all too often that an organization spent so much energy downplaying a security issue that it made me wonder if it wouldn't have been cheaper for them to fix it.
I agree, and I think that a lot of the problem with security work these days is that the public has been so badly burned by that sort of problem that they are no longer even as rational as an uninformed public can be expected to be. That means that reasonable statements like, "X is a minor security issue," sound like a fire alarm to most consumers. That's a sad state of affairs.
Open source software doesn't "play by the same rules" in the sense that one cannot always direct effort, and thus risk analysis isn't going to be the driving factor for decisions as often as it would be in most singular companies that worked on a closed-source product, but that's misleading, since the sorts of risks that closed source companies deal with are often not based on criteria with which the majority of customers would agree.
Your analysis of the ability for each type of organization to adequately assess risk, however, is probably not as useful as you think. There are practically infinite factors to be considered here. What happens when closed source companies have access to security information that open source companies would not? What about the situation where security bugs exist in tiny side-projects without nearly so many eyes?
No, I think open source and closed source companies are on an equal footing in all but one respect: anyone who wants to can do a security audit of an open source product. That's the defining difference, IMHO.
New to the business? You don't block anything in this situation; You mark it with a header ( that's part of the email message that you would likely never see. Most mailers won't display them unless you ask it specifically to do so ), and leave the blocking/filtering up to the end user.
Most businesses do not do this. Most use a spam-filtering appliance that uses a very conservative blacklist (often run by the appliance provider in conjunction with a service contract), fingerprinting and some heuristics to assess spam probability (much like SpamAssassin, and often using SpamAssassin), and then leaves the choice of what to do to the messages up to the administrator. Typical installs that I have seen discard all of the mail that's high probability spam. Some appliances keep such "discarded" mail for some period in a quarantine, and periodically give the user a list of held messgaes, making it possible to retrieve those that are mis-identified.
The setup where headers are added so that users can do their own filtering really only works in a highly technical environment, and even then there will be administrative staff for which this is not a reasonable option.
Yes, blacklists are tricky. You need to find one whose philosophy you and your users are willing to live with. This is why I use Spamhaus's SBL/XBL list which excludes only those hosts which are known problems. I happen not to agree with the philosophy that I should not be allowed to recieve mail from a network that has one spammer on it. Others disagree and wish to exclude the whole network. Salt to taste.
Rule #2 of security: there is no such thing as "mild security issues".
This is unreasonable in the extreme. Security analysis is a matter of risk analysis, and to say that there's no such thing as a mild security issue is about the same as saying there's no such thing as a mild risk. Risks of all forms are multi-dimensional quantities, and yes it is possible to have a risk that is so mild that the trade-offs involved in fixing it are not worth the pain.
Here's a great example: I can stand over your shoulder and watch you type your password to your 401k account in your browser. Firefox could address this "mild security issue" by having you pre-assign a dummy string which it removes from typed passwords. In any other browser that was not so configured the password you typed would fail to work, and the security problem would be greatly reduced.
This is, however, not enough of an issue that it's worth it to firefox to take the lead in addressing it. Perhaps if some particular OS or desktop provided such an option as a user-level setting, then it would be worth picking it up and using it, but as it stands, there are bigger fish to fry.
But these guys would have you change the Theory of Gravitation because they can't grasp that maybe there are weird states of matter that exist just outside our physical grasp.
I don't think there's anything approaching reasonable in that statement. This is a theory. It is either a good theory or a bad theory on its own merits, and you don't introduce a theory because you feel that no other competing theory could be correct, you introduce a theory because you can demonstrate that it could be correct.
Science is the process of breaking existing theory, and there is nothing wrong with attacking the existing model for gravitation. In fact, attacking existing theory is one of the most important tasks in the scientific method. How correct this theory turns out to be is still anyone's guess, and our speculation without either mathematical proof or experimentation is moot.
Dark matter is a theory not because we are sure it's there, but because some scientist can't imagine any other explanation
This is incorrect. Theory exists regardless of the existance of any one theorist who believes that the theory must be true or is the only explanation available.
To re-state: dark matter is a theory becuase it was a hypothesis which has endured the gathering of some experimental data, but there is not yet enough experimental data to exclude other possibilities. This is, in no way, a matter of faith. It's certainly a matter of speculation and experimentation, and anyone who tells you "dark matter exists" is over-simplifying to the point of error.
Now, this hypothesis that we're discussing is a different beast. It's a mathematical model that may or may not preclude dark matter by chaning the rules slightly. Changing the rules of gravity isn't that much of a big deal (we assume that the unification of gravity with the other forces will probably come with some surprises), but one does not speculate about those changes lightly. To wit, this theory is being greated with skepticism, not because it offends some faith in dark matter, but because it requires some heavy thinking about existing mechanics.
This is what science is all about. You build a model, and then you tear it down. You repeat this process until you have a model for which the difference between "sturdy" and "unassailable" is indistiguishable. At that point, you refer to the model as a "law". That is, "a very sturdy model". Then you move on to the implications of that model, and start building new models.
Slashdot Mirror
Don't forget the fact that Red Flag (I still have my version 2.0 in shrink-wrap on my desk) is sponsored in part by money from the Chinese government. It began back when the Chinese were making noises about not being able to trust American hardware (probably more for the fact that 90% of it was from Taiwan than the fact that it was sold by Americans, but there's some concern in the latter too).
Not that any of that really means much, but it's useful historical context to keep in mind.
Hrm... monopoly is a funny word when you're talking about single-sourcing.
Nope, they were colluding with the market, which is still a violation of anti-trust laws.
No they were not. Enron is a re-seller. Those aren't their generators.
It's very hard for a free market to establish equilibrium over a utility. They tend to require long ramp-up periods to add capacity, which provides competition with ample opportunity to kill your company in its crib through various (entirely legal) long-term pricing maneuvers.
It's also true that the public cannot afford lapses in the service, which the free market can sometimes produce.
Regulation is often required to solve these problems. If you have some means of resolving them without regulation, I'm all ears.
And from the article in question:
I don't have a "side" in this, as I think Enron is unfairly blamed for much that was a result of both state and federal corruption. However, I certainly don't agree with the notion that they weren't in significant control of the situation. The state's lack of action put them in a spot to be manipulated and Enron saw to it that they were manipulated to the fullest extent possible.
Wow, been a long time since I was moderated as a troll, and to get modded that way for posting about the chance that Sony would take advantage of the chance to run software on your box.... wow, Slashdot moderation has certainly changed.
Of course, this is Sony, and people are allowing them to run software on their box that "phones out".... Who wants to bet there will be extra data sent out if you've ever played an unlicensed game or media in the console?
Obviously, that first sentence should have ended with, "across single statements." I'm surprised that no one called me on the fact that MySQL has not had transactions for 10 years. Perhaps everyone just got what I meant from context...?
Here's the thing: in all of those cases, someone lost billions for the company *and* trashed their reputation, incurring further loss in the marketplace. That's a mistake that that company is not going to want to repeat. Are you saying that you think a federally-managed oil distribution network would never have had a major oil spill? Are you saying that you think that government-run tool factories would never have created an environmental disaster? Can you imagine the abuse and outright privacy disasters that would ensue if your credit cards were directly managed by the government?
No thanks, I'll continue to attempt to put political and financial pressure on these companies to do the right thing, but I'll never be so foolish as to think that the job would be done better if it weren't in the private sector. For confirmation of that, I have only to look at the atrocities committed by damn near every government ever.
Then it was a useless ballot. The ballot should have an entry specifically for "none of the above." The mandate of a candidate should *always* be judged on the basis of the amount by which they beat their opponent(s) *and* the percentage of the population that felt that *any* of the candidates were appropriate.
Nullifying a ballot because someone didn't want to vote for any of the candidates is throwing away information, which in an election should be criminal.
For the last 10 years, MySQL data has been atomic across single transactions.
For the last 5 years, MySQL data has been atomic across transactions.
For the last 2-3 years, MySQL has supported the full gammut of ACID features.
Can we PLEASE stop beating this particular dead horse?
The MySQL 5.0 FAQ
MySQL still lacks many of the high-level features of databases like Oracle, and for that many of us, the USERS of MySQL are generally greatful.
Typical for Slashdot. The first people to post take what's in the blurb and run with it, as if it encompasses the full spectrum of the planned concept.
Think about it. You work for an ad company, and you know that people using TiVos and other DVRs are skipping commercials. What would you do to get your message to them?
Would you up the expense of the ads to capture a wider audience. No, you would probably loose all of your customers doing that.
Would you move toward product placements? Yep, and notice that product placements in TV shows have been on the up-swing.
Would you try to build ads that get their message across in a longer format AND a shorter format? Yep, and that's what this will probably end up being in the end. Watch for normal looking ads that, for arbitrary reasons, happen to have a logo and product name in the same place for the full duration of the ad.
This will work on me. I use an Echostar DVR (for as long as they still exist, now that they're losing the suit), and I press the skip-forward button several times to go to the end of a commercial break. In any ad with a logo that shows up for more than 10 or so seconds, I'll typically end up seeing the logo. Theme songs that repeat the name of the product are also a good way to catch folks like me (Wanna Fanta?) Of course, like most other smart folks, I want to think that the fact that I see these ads doesn't mean that they have any effect, and of course, I'm wrong. I don't buy Fanta, but I probably wouldn't have no matter what. I *do* look for a brand of sneaker that I know when I go shopping because too many times I've bought an off-brand and been screwed, so now if a sneaker wants to get my money they have to find a way to get their name into my head. It's an unfortunate state of affairs that I would like to counter by watching and reading more consumer-friendly sources of information (America's Test Kitchen (PBS) and Consumer Reports come to mind), but I typically don't have the time.
And every reference work in the next 100 years is pretty much going to have to say, "Eris, which was originally designated UB313 and nicknamed Xena by its discoverers..." So, why bother? What harm could letting the guy who discovered it name it actually do? Certainly, if he'd named it after himself or his pet cat, that would be questionable, but naming it after a popular culture icon seems as fair as naming it after an ancient religion... no, scratch that; it seems a lot better to me.
What the hell game are you playing?! D&D has never had any mechanic even remotely like that.
What's to balance? Someone found that google hired a firm that they had a political problem with. Google also does business with Doubleclick and Sony. However, they attempt to interact with these companies in an honest and forthright manner that will not harm the interests of their users or otherwise harm the community at large. If doing business with companies that have "done evil" made one evil, then Google would have no choice but to go out of business. Hell, they certainly wouldn't be able to pay taxes. They do their best within the constraints that the existing market provides them, and that's leaps and bounds better than anyone else in the industry does.
Hello, and welcome to the world of beta software. Shockingly, such software does not always work on every platform from day one. Typically, it works on the primary platform that the developers use first, and then is ported to other platforms as a release nears. Not surprisingly, Slashdot developers target open source software first.
Of course, then there's the fact that "losing" in the "sub-optimal" sense has been popular jargon in the computing sub-culture of the east-coast of the United States (and increasingly, the rest of the planet) for over 20 years... but far be it for me to stand in the way of a good rant.
It's a good article. Too bad it ends in a sales pitch. That really colors my reading of the rest of it as rather self-serving.
Still, the original DVD masters MUST have a lower bound of resolution once transfered from their analog NTSC video format to a digital MPEG2 format than the giant, 70mm print that I watched at the Wang Centre in Boston. I mean, if you absolutely had to go to a presentation copy, that would be the one to use, and there's probably a master floating around LucasFilms from which that was derived.
It just seems odd that they would have to go to the LaserDiscs.
That said, I own the Definitive Collection on LaserDisc, and it's beautiful for a 1977 film on LD. It's not as insane as it sounds to transfer this to DVD, just hard to buy into the idea that it was the BEST choice.
Just wait until the first time that ruling is cited in a case where some company sues a person who emails various management to complain about a product, or in response to a consumer advocasy drive. "Damages" will, of course, be assessed in terms of 3 days of the company's entire IT staff's salaries and the price of several mail servers.
I agree, and I think that a lot of the problem with security work these days is that the public has been so badly burned by that sort of problem that they are no longer even as rational as an uninformed public can be expected to be. That means that reasonable statements like, "X is a minor security issue," sound like a fire alarm to most consumers. That's a sad state of affairs.
Open source software doesn't "play by the same rules" in the sense that one cannot always direct effort, and thus risk analysis isn't going to be the driving factor for decisions as often as it would be in most singular companies that worked on a closed-source product, but that's misleading, since the sorts of risks that closed source companies deal with are often not based on criteria with which the majority of customers would agree.
Your analysis of the ability for each type of organization to adequately assess risk, however, is probably not as useful as you think. There are practically infinite factors to be considered here. What happens when closed source companies have access to security information that open source companies would not? What about the situation where security bugs exist in tiny side-projects without nearly so many eyes?
No, I think open source and closed source companies are on an equal footing in all but one respect: anyone who wants to can do a security audit of an open source product. That's the defining difference, IMHO.
Most businesses do not do this. Most use a spam-filtering appliance that uses a very conservative blacklist (often run by the appliance provider in conjunction with a service contract), fingerprinting and some heuristics to assess spam probability (much like SpamAssassin, and often using SpamAssassin), and then leaves the choice of what to do to the messages up to the administrator. Typical installs that I have seen discard all of the mail that's high probability spam. Some appliances keep such "discarded" mail for some period in a quarantine, and periodically give the user a list of held messgaes, making it possible to retrieve those that are mis-identified.
The setup where headers are added so that users can do their own filtering really only works in a highly technical environment, and even then there will be administrative staff for which this is not a reasonable option.
Yes, blacklists are tricky. You need to find one whose philosophy you and your users are willing to live with. This is why I use Spamhaus's SBL/XBL list which excludes only those hosts which are known problems. I happen not to agree with the philosophy that I should not be allowed to recieve mail from a network that has one spammer on it. Others disagree and wish to exclude the whole network. Salt to taste.
This is unreasonable in the extreme. Security analysis is a matter of risk analysis, and to say that there's no such thing as a mild security issue is about the same as saying there's no such thing as a mild risk. Risks of all forms are multi-dimensional quantities, and yes it is possible to have a risk that is so mild that the trade-offs involved in fixing it are not worth the pain.
Here's a great example: I can stand over your shoulder and watch you type your password to your 401k account in your browser. Firefox could address this "mild security issue" by having you pre-assign a dummy string which it removes from typed passwords. In any other browser that was not so configured the password you typed would fail to work, and the security problem would be greatly reduced.
This is, however, not enough of an issue that it's worth it to firefox to take the lead in addressing it. Perhaps if some particular OS or desktop provided such an option as a user-level setting, then it would be worth picking it up and using it, but as it stands, there are bigger fish to fry.
I don't think there's anything approaching reasonable in that statement. This is a theory. It is either a good theory or a bad theory on its own merits, and you don't introduce a theory because you feel that no other competing theory could be correct, you introduce a theory because you can demonstrate that it could be correct.
Science is the process of breaking existing theory, and there is nothing wrong with attacking the existing model for gravitation. In fact, attacking existing theory is one of the most important tasks in the scientific method. How correct this theory turns out to be is still anyone's guess, and our speculation without either mathematical proof or experimentation is moot.
This is incorrect. Theory exists regardless of the existance of any one theorist who believes that the theory must be true or is the only explanation available.
To re-state: dark matter is a theory becuase it was a hypothesis which has endured the gathering of some experimental data, but there is not yet enough experimental data to exclude other possibilities. This is, in no way, a matter of faith. It's certainly a matter of speculation and experimentation, and anyone who tells you "dark matter exists" is over-simplifying to the point of error.
Now, this hypothesis that we're discussing is a different beast. It's a mathematical model that may or may not preclude dark matter by chaning the rules slightly. Changing the rules of gravity isn't that much of a big deal (we assume that the unification of gravity with the other forces will probably come with some surprises), but one does not speculate about those changes lightly. To wit, this theory is being greated with skepticism, not because it offends some faith in dark matter, but because it requires some heavy thinking about existing mechanics.
This is what science is all about. You build a model, and then you tear it down. You repeat this process until you have a model for which the difference between "sturdy" and "unassailable" is indistiguishable. At that point, you refer to the model as a "law". That is, "a very sturdy model". Then you move on to the implications of that model, and start building new models.
I'd love to see it automatically {{prod}} them as well.