What?
That is SUCH a horrific comparison.
Backwards compatibility when it comes to roads is:
- keeping them straight
- keeping them a minimum width
- keeping them relatively flat
My car, bicycle, and horse can all travel down a dirt road, a cobbled road, a paved road, and a freeway.
> Do you know who else is great at keeping backwards
> compatibility? Microsoft Windows...and that system
> is fucked up right from the ground.
65% of the entire market, despite its high cost and "horrible underpinnings". XP alone still commands 22% of the entire desktop market, and I can still run most software released for Windows on it, and vice versa.
The reason most techies have abandoned Firefox?
Firefox deciding AddOn "compatibility" wasn't important.
I'm a software developer, and yes getting to re-write everything and fixing past mistakes* is nice -- but the market and users do not give a damn.
We're not going to use something that keeps "breaking" every 12 months. We're not going to use something that forces us to stop driving cars and go into flight school to learn how to fly some new p.o.s. that's no better than the damn car we just had.
Instead, we'll switch models of cars.
(*) Are you in fact fixing past mistakes? Or are you making new and more horrible ones like Gnome3?
That's neat, but I think calmofthestorm and also I would like to know -- if a semi-hostile, already-complete court order arrives saying "hand over all of your data" -- how do you do backups such that you do NOT have to hand over the backups themselves, and thus not have any ability to continue business?
See what I mean? A court order saying "hand over all data" means we need to hand over backups too. Even worse is if the sheriffs arrive with that order, they're not going to trust you that these two backup tapes are identical and thus leave you with one to continue business.
( Maybe you didn't actually mean this most extreme form of demand ... but just accidentally implied it in your original paragraph.... )
Ooooh, maybe you can help me with something - the manager of our sysadmin group is always harping about "data older than 3 years should be destroyed so your own data can't be used against you".
Do you have any good authoritative references explaining what data should be deleted and when, and what other types of data should be "kept forever" and why?
I mean a best practices or published book or something. Something that is a distillation of what everyone else has learned, not merely professional opinions that can be "argued for and against"...
So... reading up on this stuff... it's *very* clear that what they are talking about is an RFID tag.
Yay, put rfid tags everywhere and have everyone tap their phones against them to "receive information". ...and who determines what information is transferred back and forth and what types of exploitable holes are there in their protocol?
WAIT wait wait. What the researchers in Korea "discovered" is how to PRINT rfid tags with magnetic inks.
Jeezus, this is what you get when you cross marketing droids with non-technical reporters in news organizations.
This whole slashdot article should be deleted. And the BBC should be ashamed, aren't there some PhDs driving cabs that they could hire to cover their technology news stories?
Dry cask storage on site seems pretty interesting.
http://en.wikipedia.org/wiki/Dry_cask_storage
Neat thing about it is you don't have to go through 10 years of environmental reviews just to get it torpedoed by NIMBYs, and you know what, I like the idea of having that stuff above ground and *easy* to monitor and remediate. (The only negative is that it assumes that our high-tech society holds together for the long long term...)
> I believe other uranium mines in Canada were also in bedrock, but could be mistaken
No such luck at the big mines in Saskatchewan - all sandstone containing high pressure water. They've had three floods at the Cigar Lake mine, one of which might have caused the global spike in uranium prices in 2006, and the flood just last year has again prevented production from starting.
http://en.wikipedia.org/wiki/Cigar_Lake_Mine
http://www.canada.com/edmontonjournal/news/story.html?id=bc3d9f35-ab74-4235-a751-1bdf904fad96&k=88454
> I can even be my own single sign on service provider if I have my own domain name.
But Google and Yahoo and Facebook and Twitter are NOT going to allow you to use a *different* service to authenticate your sessions with them, not your own service provider and *certainly* not each other.
Because THEY want the monopoly position, and they don't want people to NOT create an account with them.
And that's why SSO will never fly. The websites that "matter" won't let us do what we want, and N of us will not have a google account (not since they went to the dark side and/or are based in the USA), and M of us won't touch facebook with a 1000 foot pole.
And if the techies won't use something, the millions of techies won't tell their non-techie friends and relatives to use it either. End of story.
No shit. Look at this pile of b.s.:
> is that when silvery metal thorium is heated by an external source, it becomes so dense its molecules give off considerable heat.
>
> Small blocks of thorium generate heat surges that are configured as a thorium-based laser
[MSc Physics] WHAT?!??? [/MSc]
I'm on your side, I am, but I'm seeing more and more things that make me think the Germans do in fact know what they're talking about. (Hey, they've always been good with technology and engineering).
> Wind .. requires vast area to harness it.
Have you taken a train ride across Germany any time in the past 5 years? Their countryside is jam packed with 2MW windmills. http://en.wikipedia.org/wiki/Wind_power_in_Germany
> Solar ...requires vast areas to harness it.
http://imgur.com/nu9D7 and they're installing 7GW more each year.
Are you sure they can't use natural gas to backfill? Russia provides huge amounts of it to Europe...
> they are trying to control the food supply ... like a Mafia every time you take a bite of food
Those bits are gross hyperbole and utter BS. The mafia force you to pay them or else you're not allowed to eat at all.
If Monsanto can invent a form of potatoes that have a 50% higher yield, why shouldn't they be allowed to take 20% of that as profit, and we end up with 30% cheaper potatoes? Or 50% more potatoes for just 20% more cost?
If you don't want to use Monsanto potatoes, don't. They can't force you to pay them. Even without labelling laws (which I'd support btw), you just have to go to the nearest farmers market and there's tons of people selling non-monsanto product. Enough people do that and supermarkets will be forced to sell non-monsanto product too, labelling laws or not.
And, after saying all that, I'd still agree that Monsanto is much ... "too evil" ... for a corporation. But stick to facts, not gross hyperbole.
Very true. But this bit:
> "..buyers of used gear typically have to send the product in for inspection by Cisco before they can purchase a new contract, which can be an expensive process"
..sounds a bit anti-competitive (or something), effectively making it impossible to sell or buy used cisco hardware.
The right responsible thing for website and application developers/owners to do is NOT allow users to create their own passwords. Generate one for them.
But that doesn't mean the passwords have to be hard to remember. Four randomly chosen 3-5 character words from the standard 25k word dictionary on Solaris is identical in strength to an 8 character purely random password that uses all possible keyboard characters (26 lower case, 26 upper case, 10 numbers, 12 special characters). Three of those is identical in strength to a 6 character password, which is certainly far more secure than 95% of the stuff I see people using, even "professionals".
ex: fuse larva elite scare
Question -- why doesn't Firefox or Windows or Linux come with a little application that GENERATES a secure password for the user? Why do people who make operating systems and Browsers expect USERS to generate passwords themselves, and then you wonder why they are so insecure?
In my professional opinion -- the professionals are to blame.
*** WHERE is an average user supposed to get a properly generated secure password? ***
Linux has a perfectly good random number generator based on proper entropy collection, does Windows? Unfortunately, neither is usable as is by an end user. Don't point me to some idiot website run by who knows who. Unless someone big like google or yahoo have an SSL page that I know I can trust to have done it right and/or not be tracking IPs and passwords for later exposure.
(Disclaimer - I am a professional, and in the small company that I work at, I've been slowly eliminating all of the "luser generated" passwords for quite some time now, and forcing them to use ones that have been properly generated.)
The second thing to do would be to get things like OpenID working and make users aware of them, do things to encourage them to use it. Unfortunately I tried to use OpenID myself (as a user) a year ago -- and I was *really* unhappy with how hard it was. There's no way in hell I can recommend friends and family to use it. There's huge usability problems with it impo. It requires way way too much expertise and willingness to screw around.
We need something conceptually simple to USE, but that still doesn't present a single target that would result in all of the end user's accounts being violated if a single site is penetrated. This is an exercise left to the reader. :)
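The word-passphrase scheme from the comment above, as an added example that is not part of the original post: words are drawn with Python's `secrets` module (which uses the operating system's random number generator) and the passphrase entropy is compared with that of a random character password. The sample word list is constructed, and the pool size of 25,000 is the comment's dictionary figure taken as the number of eligible words, which is an assumption.

```python
import math
import secrets

# Constructed sample input (not a real dictionary). It stands in for a system
# word list such as /usr/share/dict/words, whose location is an assumption.
# A pool this small is only for demonstration; real pools hold thousands.
SAMPLE_DICTIONARY = [
    "fuse", "larva", "elite", "scare", "mango", "pilot",
    "ox",             # rejected: too short
    "extraordinary",  # rejected: too long
    "Aaron",          # rejected: capitalised proper noun
    "can't",          # rejected: contains punctuation
    "fuse",           # rejected: duplicate
]


def short_words(words, min_len=3, max_len=5):
    """Return the unique lowercase ASCII words of min_len..max_len letters."""
    pool = set()
    for word in words:
        word = word.strip()
        if (min_len <= len(word) <= max_len and word.isascii()
                and word.isalpha() and word.islower()):
            pool.add(word)
    return sorted(pool)


def generate_passphrase(pool, count=4):
    """Pick `count` words independently and uniformly with the OS CSPRNG."""
    if len(pool) < 2:
        raise ValueError("word pool is too small to be useful")
    return " ".join(secrets.choice(pool) for _ in range(count))


def passphrase_bits(pool_size, count):
    """Entropy in bits of `count` uniform picks from `pool_size` words.

    This assumes the attacker knows the word list and the number of words,
    so the only secret is which words were drawn.
    """
    return count * math.log2(pool_size)


def password_bits(alphabet_size, length):
    """Entropy in bits of `length` uniform picks from an alphabet."""
    return length * math.log2(alphabet_size)


def words_needed(pool_size, target_bits):
    """Smallest number of words whose entropy is at least `target_bits`."""
    return math.ceil(target_bits / math.log2(pool_size))


if __name__ == "__main__":
    pool = short_words(SAMPLE_DICTIONARY)
    print("sample passphrase:", generate_passphrase(pool))

    alphabet = 26 + 26 + 10 + 12  # character classes listed in the comment
    for length in (6, 8):
        bits = password_bits(alphabet, length)
        print(f"{length}-char random password: {bits:.1f} bits, matched by "
              f"{words_needed(25000, bits)} words from a 25,000-word pool")
```
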
And for every one instance of that, how many other homeowners and/or their family members were killed by return gunfire from the rest of the officers on scene?
I wonder how long it would take with dtrace/truss/strace/etc to build a similar tool on Unix/Linux.
(( Sorry for the quick re-reply (Slashdot, isn't it time for an edit button?) ))
> The bottom line is that Windows was never designed to be secure
Oooh, that makes me wonder. Can Linux/Solaris/Unix be attacked *simply* using the PATH environment variable? Forget limiting the attack to shared objects, anything that is loaded or exec'd by any other binary/scripts.
The complicated thing is many applications build their own PATHs, and you're looking for a directory on that path that is writable to whatever user you are, one that you can put a file that doesn't yet appear that high up on the PATH.
Which suddenly makes it brilliantly clear that perhaps this isn't an OS problem. Not unless you're going to ALSO blame all the Unix/Linux authors 10-40 years ago for "(not) consider(ing) security at all when (using PATHs)", and for somehow magically making sure applications and installers don't accidentally leave directories writable by other users.
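An audit for the condition the comment above describes, as an added example that is not part of the original post: it walks a PATH-style string, flags entries that someone other than the owner could write to (or that resolve relative to the current directory), and lists command names that already exist in more than one directory. The function names and finding codes are made up for this example.

```python
import os
import stat


def audit_path(path_value, uid=None):
    """Return (entry, code) findings for a PATH-style string.

    Codes (hypothetical names chosen for this example):
      EMPTY / RELATIVE  entry resolves against the current directory
      MISSING           directory does not exist and could be created later
      NOT_DIR           entry is not a directory
      WORLD_WRITABLE / GROUP_WRITABLE  other accounts can add files
      FOREIGN_OWNER     owned by someone other than root or the given uid
    """
    if uid is None:
        uid = os.getuid()
    findings = []
    for entry in path_value.split(os.pathsep):
        if entry == "":
            findings.append((entry, "EMPTY"))
            continue
        if not os.path.isabs(entry):
            findings.append((entry, "RELATIVE"))
            continue
        try:
            st = os.stat(entry)  # follows symlinks, like the shell's lookup
        except OSError:
            findings.append((entry, "MISSING"))
            continue
        if not stat.S_ISDIR(st.st_mode):
            findings.append((entry, "NOT_DIR"))
            continue
        if st.st_mode & stat.S_IWOTH:
            findings.append((entry, "WORLD_WRITABLE"))
        if st.st_mode & stat.S_IWGRP:
            findings.append((entry, "GROUP_WRITABLE"))
        if st.st_uid not in (0, uid):
            findings.append((entry, "FOREIGN_OWNER"))
    return findings


def shadowed_commands(path_value):
    """Map command name -> PATH directories holding it, if more than one.

    The first directory listed is the one whose copy actually runs.
    Directories that resolve to the same real path are counted once.
    """
    seen_dirs = set()
    owners = {}
    for entry in path_value.split(os.pathsep):
        if not entry or not os.path.isdir(entry):
            continue
        real = os.path.realpath(entry)
        if real in seen_dirs:
            continue
        seen_dirs.add(real)
        try:
            names = os.listdir(entry)
        except OSError:
            continue
        for name in names:
            full = os.path.join(entry, name)
            if os.path.isfile(full) and os.access(full, os.X_OK):
                owners.setdefault(name, []).append(entry)
    return {name: dirs for name, dirs in owners.items() if len(dirs) > 1}


if __name__ == "__main__":
    current = os.environ.get("PATH", "")
    for entry, code in audit_path(current):
        print(f"{code:15} {entry!r}")
    for name, dirs in sorted(shadowed_commands(current).items()):
        print(f"{name}: runs from {dirs[0]}, also present in {dirs[1:]}")
```

Applications that build their own search path can be checked the same way by passing that string to `audit_path` instead of the login shell's `PATH`.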
It used to be an important/useful feature of the web/html -- until "website designers" decided that they didn't like the look and started making certain that all links looked the same, and other things that also made it stop working.
I have a question - why the ****** does a website need to have/see/retrieve the list of URLs I've been at in order to do this - coloring links is a browser side feature! The only thing a website needs to do is suggest which colors to use for said links.
This was grossly unintentional right? Someone didn't choose to implement this specific behaviour, right?
PPphhht, *I* properly encrypt my data.
I only use a bootable encrypted USB key to do my online banking - and that's the only thing I used that OS image for. It'd be a pain shutting down your home PC while you boot to the secure environment just to check the e-mail...
Another option, boot from a read-only CDR of Knoppix.
In both cases you will have to go an extra step to ensure the Linux firewall is up by default and root gets assigned a password, and that the OS doesn't automatically find and use a local HDD linux swap partition for swap space, as that would "leak" unencrypted data to the local hard disk. With the USB key OS that's easy, as it can persist itself, but you'd have to re-master/re-image Knoppix to get it to do that. Coming up on a strange network with no firewall and a blank root password -- bad idea...
I really liked "Dies the Fire", by S.M. Stirling. In it some of the constants of nature change - and even combustion is affected - no more electricity, gunpowder, explosives, or combustion engines, etc. (Although I think they could perhaps make gunpowder out of former-explosives, but so far as I've read in the ensuing series they haven't hit on that idea yet)
A bit more survivalist and post-apocalyptic semi-fantasy in nature, but I suppose most such books are.
I deleted my gmail account as soon as I heard about the horrific gross absent-minded violation of my privacy. "fixing things after the fact" doesn't cut it when it comes to things like this. If they're this utterly stupid once, then they'll be this stupid again.
Seriously, google at one time was "I trust them more than anyone, do no evil and they seem to mean it", but then lately over to "maybe kinda not trust" - but this throws them all the way right through to "trust less than Microsoft, and nowhere f***** near as trustworthy as Yahoo".
I will not under any circumstances ever trust them with anything important ever again.
7-11 speakout baby. Pre-paid that don't expire for one year. If you top up, all minutes roll over to one more year. I can't recall what the minimum purchase is, probably $25, and there's a minimum $1/mo 911 charge, so that's the base.
..how will you feel when they tell you -- it wasn't a game!
Or when the old fogey in the space car comes to get you, because you're the best and only you can command the fleet and save the galaxy?
> This sort of atheism is a religious belief system
You are technically correct in that when I go to dictionary.com, the word "religion" as it's defined there could be used to describe ANYTHING. You are using that as an excuse to attempt to surreptitiously equate our logic with your lack of logic, and claim they're the same, or at least imply that our belief system is just as groundless as yours.
This is what you are saying: "Hey look, we've got a belief system, you've got a belief system, that means you're just like us! How dare you criticize our position, how dare you impugn the names of people who have a belief system."
So let's stop using the word religion, as technically you are correct, it clearly does not differentiate the two positions. (( I strongly object to the use of the term Religion to describe my belief system, as its primary use (despite what dictionaries say) is equated with "belief in imaginary deities", and my belief system clearly does not include that. I strongly object to having my belief system associated with your belief system. That's what calling it "a religion" does. ))
So what shall we call your religion or belief system? I suggest "magic".
What shall we call my religion or belief system? I suggest "science".
There. No way in hell you can claim science is magic and thus suggest we've got anything in common, other than the fact that we both have a "belief system". You believe in magic. I believe in science.
Where have you been?
http://images.google.com/images?q=coast%20guard%20submersible
Yeah no shit, EVERYONE's comments and the original ctv article are outright Chicken Little in nature. Every single post except yours doesn't deserve a single damn mod point.
Have you not looked at the raw statistics?
Right now, if you have flu, you have swine flu. Only something like 1/1,000 flu cases is "some other" flu. 99% of all cases tested, test positive for swine flu.