Suicide is unfortunetly very common. My mum was a whole mix of things, including a schizo. About 6 or 7 of her friends committed suicide, and a few others 'attempted'. (attempted in quotes because often it's a cry of help rather than a serious attempt.)
I think you misread what he was saying. He said that the belief of the value of P for a weak agnostic has to be >50%. Not exactly 50%. So someone who thought that there was a 1% belief of there being a God would count as an agnostic.
My problem with saying that I'm agnostic, is that it seems to imply that I'm assigning equal probability to the existance of God, and nonexistance.
Take the realm of unicorns. I do think there are unicorns, but I suppose that there is a non-zero chance that there is one in the forests somewhere, magical and all. After all, we cannot disprove it since we can argue that magic keeps it hidden.
Does that make me unicorn-agnostic, or unicorn-athiest, so to speak.
Perhaps I should have phrased it better, and said "Where are the practical security flaws in that?".
I compared it to windows security because what you would need to do is very similiar. In both cases you would have to somehow crack into the cvs server, modify it without being noticed, and then that code being pulled downstream into a package.
Yes it could be done, but there's no weakness in this system that isn't in the system already. It's no less secure than it is as the moment.
Perhaps I should have said "What new security flaws does this easy and automated system introduce?"
people can break into debian servers all they want. They still can't put up their own package that will be downloaded and installed. The debian developers are extremely anal about security.
I'm not talking about whether is it theoritcally possible to crack the system - of course it is. But realistically, I think it's going to be very difficult for someone to.
Theoritically you could put a back door in the MS Windows's source code. But it's going to be damn difficult to do so.
The program is in the distribution. I keep saying this. For something like this, it's going to be extremely difficult to get a backdoor in. Take debian for example. Something like this is going to have it's source code checked over before it's signed. It's going to be very difficult to get a hacked packaged signed by a debian developer.
So far, I don't think any cracked package has ever managed to make it into debian.
We were talking about the program getting them automatically. There is no threat of someone just creating a key and signing against it. The program will check the signature and know it's not trusted.
How exactly do you do step 2? And if it's easy, why hasn't anyone managed to get any of the 800 or so debian developers private keys and signed a bad package.
You have the distro come with a pgp key, the drivers are signed against that, and put on some website. The url of that website is also put in the tools. The tools grab the ID's of your hardware, grab the ID's of the supported hardware on the remote site, compare them, and download the drivers where they match.
You check the signed drivers, and install.
Where are the security flaws in that extremely easy and automated system?
"MS thinks they're the ones who ``embrace and extend''? HA! OSS has been doing this for years, far more efficiently than MS has."
Hmm. The term "embrace and extend" generally refers to the practice of taking on standard, and extending it to break it. For example the various extensions to html, kerbaros, javascript, java, etc etc.
It is much harder to accuse open source of the same thing.
Say that MS managed to stop all the kids from writing viruses due to fear of being caught. The incentive for them to secure the system goes down a lot. This could mean that when there is a new virus, it's going to be a lot more damaging due to more lax security.
Well one cool thing is compiling to native code. Another is being able to do optimisations to make it run faster than sun's. (Stuff like zero-copy which sun can't be bothered to do)
The situation is much worse than that. You get can get fined a _lot_ more (tripple I think) if it can be shown that you infringe on a patent knowingly. This includes if your developers are shown to have looked through the patent database and read the patent (and then perhaps decided it didn't apply, or didn't read it right, etc).
well what about parrot? That's a very advanced VM that's comming along nicely, and more powerful than.net or java. (More powerful being of course subject, but.net and java are designed for statically typed languages, as opposed to parrot which is for perl and python and other scripting, dynamically typed, languages.)
Slashdot Mirror
Suicide is unfortunetly very common.
:-\
My mum was a whole mix of things, including a schizo. About 6 or 7 of her friends committed suicide, and a few others 'attempted'. (attempted in quotes because often it's a cry of help rather than a serious attempt.)
Very scary shit for me.
If I remember correctly, in art, even if you buy a masterpiece, you are still not allowed to damage/destroy it.
I disagree. It shows his angle and his feelings.
indeed. see my sig.
(out of curiosity, did you find that out from my sig?)
I think you misread what he was saying. He said that the belief of the value of P for a weak agnostic has to be >50%. Not exactly 50%. So someone who thought that there was a 1% belief of there being a God would count as an agnostic.
But say P is the probability that you feel that there is a God.
So you say when P = 0, you're an athiest.
When P != 0, you're agnostic.
But what about as P tends to zero?
So P = 0.00000001 still makes me agnostic, but that last little push to P = 0 makes me athiest..
I think that the only sensible way to define agnostic is when P > say 0.01 or something, and define athiest is P 0.01
My problem with saying that I'm agnostic, is that it seems to imply that I'm assigning equal probability to the existance of God, and nonexistance.
Take the realm of unicorns. I do think there are unicorns, but I suppose that there is a non-zero chance that there is one in the forests somewhere, magical and all. After all, we cannot disprove it since we can argue that magic keeps it hidden.
Does that make me unicorn-agnostic, or unicorn-athiest, so to speak.
If I look at stolen code, then write my own version, then my own version is totally legit?
Perhaps I should have phrased it better, and said "Where are the practical security flaws in that?".
I compared it to windows security because what you would need to do is very similiar. In both cases you would have to somehow crack into the cvs server, modify it without being noticed, and then that code being pulled downstream into a package.
Yes it could be done, but there's no weakness in this system that isn't in the system already. It's no less secure than it is as the moment.
Perhaps I should have said "What new security flaws does this easy and automated system introduce?"
wouldn't the comparision be to not read stolen books, and not listen to stolen music?
people can break into debian servers all they want. They still can't put up their own package that will be downloaded and installed.
The debian developers are extremely anal about security.
I'm not talking about whether is it theoritcally possible to crack the system - of course it is.
But realistically, I think it's going to be very difficult for someone to.
Theoritically you could put a back door in the MS Windows's source code. But it's going to be damn difficult to do so.
Don't touch it, don't see it, don't breathe near it, if you ever plan on contributing to linux.
Leaked code is very dangerous to open source software.
The program is in the distribution. I keep saying this.
For something like this, it's going to be extremely difficult to get a backdoor in.
Take debian for example. Something like this is going to have it's source code checked over before it's signed. It's going to be very difficult to get a hacked packaged signed by a debian developer.
So far, I don't think any cracked package has ever managed to make it into debian.
We were talking about the program getting them automatically.
There is no threat of someone just creating a key and signing against it. The program will check the signature and know it's not trusted.
I specifically said that the the signature would be checked against the public key that would come as part of the distro.
Why? Can't they just fine the owner of the car, and let them sort it out?
How exactly do you do step 2?
And if it's easy, why hasn't anyone managed to get any of the 800 or so debian developers private keys and signed a bad package.
I agree that they are not mutually exclusive.
You have the distro come with a pgp key, the drivers are signed against that, and put on some website. The url of that website is also put in the tools. The tools grab the ID's of your hardware, grab the ID's of the supported hardware on the remote site, compare them, and download the drivers where they match.
You check the signed drivers, and install.
Where are the security flaws in that extremely easy and automated system?
"MS thinks they're the ones who ``embrace and extend''? HA! OSS has been doing this for years, far more efficiently than MS has."
Hmm. The term "embrace and extend" generally refers to the practice of taking on standard, and extending it to break it. For example the various extensions to html, kerbaros, javascript, java, etc etc.
It is much harder to accuse open source of the same thing.
Also imagine a viruses like real world viruses.
Say that MS managed to stop all the kids from writing viruses due to fear of being caught. The incentive for them to secure the system goes down a lot.
This could mean that when there is a new virus, it's going to be a lot more damaging due to more lax security.
Well one cool thing is compiling to native code. Another is being able to do optimisations to make it run faster than sun's. (Stuff like zero-copy which sun can't be bothered to do)
The situation is much worse than that.
You get can get fined a _lot_ more (tripple I think) if it can be shown that you infringe on a patent knowingly.
This includes if your developers are shown to have looked through the patent database and read the patent (and then perhaps decided it didn't apply, or didn't read it right, etc).
This is flaimbait.
Why would saying that poor countries pirate more be racist? It's economics, not race.
It's been brought up lots of times, and indeed there are patches in the wild that do it.
As far as I understand it, it's not that good.
It's possible to get round, and so it's only use would be to obscure things.
well what about parrot? That's a very advanced VM that's comming along nicely, and more powerful than .net or java. (More powerful being of course subject, but .net and java are designed for statically typed languages, as opposed to parrot which is for perl and python and other scripting, dynamically typed, languages.)