Slashdot Mirror


User: Zancarius

Zancarius's activity in the archive.

Stories: 0
Comments: 701

Comments · 701

  1. Re:Bravo on WikiLeaks Starts Mass Mirroring Effort · · Score: 1

    You sound like you think that's wikileaks fault.

    Don't split hairs--read through some of my other commentary (click my name, click comments) and you'll see that I feel differently. If you're willing to instead jump to inane conclusions, I guess I can't help you out there.

    That said, it wasn't my intention to make it sound like it's WikiLeaks' fault; I just happen to find it much easier to refer to this particular fiasco as the "WikiLeaks fiasco," because there are so many stupid things the US government has done this year that it's almost hard to keep track of. So in that case, yes, I apologize for being specific about which fiasco I was referring to. How horrible that I would dare clarify anything in particular. Oh, the horror.

    Ultimately, the responsibility of censorship falls on the shoulders of the government. It just so happens that because of this situation, there are a lot of congress critters who are no doubt thinking that they can take advantage of this to push for stricter regulations on the flow of information. That isn't WikiLeaks' fault, and I'm kind of angry that you'd pin me with blaming it on them.

  2. Re:Sorry, no "dirty tricks" campaign here... on Wikileaks Founder Arrested In London · · Score: 1

    Okay, I know you posted this earlier and you're an AC (either to troll or to protect your identity--I'm not so bashful) so 1) you've already been lynched by a village of angry Slashdotters and 2) no one's going to bother reading my post, but I feel the need to address these for reasons that are not commonly espoused here on Slashdot. Your post happens to be an excellent one to bounce my thoughts off of to get them out there.

    First, I need to get some political disclaimers out of my system (and some of you self-described American liberals will probably mod me down for my honesty):

    One, I'm about as right wing, in terms of the American political system, as they come. I'm pro-Second Amendment, I'm a self-described conservative, and I generally find agreement with the majority of conservative pundits--except in some cases. This is one of them.

    Two, I think it's fantastic what Assange and WikiLeaks have been doing. I see liberty, freedom of speech, and transparency as an all-or-nothing. You either have it or you don't. Yes, this may present a national security risk, but there are far, far worse things that could have happened (I'll address this in a moment).

    Three, WikiLeaks has taught the US government a very important lesson about security, and it is one that I do not think our leadership has fully realized. I'm talking of course about how an enlisted man--a private--was able to gain access to so many secretive diplomatic cables. That alone is lax security, and if nothing else, I think the US government should consider hiring real security consultants to address the system (including people) as a whole. WikiLeaks has done us a favor in terms of exposing a very real flaw in national security protocol, and if we don't fix it, well, we get what we deserve.

    The WikiLeaks issue is not nearly as bad as many conservative pundits are making it out to be. Don't listen to Huckabee, Palin, or any of the others. Much of the information that has been released has had identifiable information redacted. Anyone who claims this is putting a great deal of people at risk has either not read any of the releases or is falling for the fear mongering that the US media is insanely good at. (I also suspect that these same people probably feel the TSA really is keeping us safe.) And, really, there's nothing in the leaked cables that didn't surprise me or that I couldn't have already suspected based on my readings elsewhere and discussions with friends and family. The WikiLeaks stuff is interesting, but it isn't ground breaking by any stretch of the imagination. For example, we already knew the US government was insanely paranoid of everyone--the TSA groping and nude scanning pretty well proves this point--it's just enlightening to see how paranoid we are of our own allies. That kinda sucks for those of us who are citizens, because it means that we're liable to move closer toward a police state than we already are. Thank you endemic paranoia.

    Secondly, and I think this is important to add, but truly secret information isn't handled in a manner that can be leaked like this. The only thing that was released here was still secret but not-so-secret-that-it-could-still-be-copied diplomatic wires and a few other things. Big deal. It's embarrassing, but I think it's well deserved.

    I might also add that if you really want someone to hang for this, you should go after that army private. Going after Assange is just shooting the messenger. What would have happened if that private leaked it instead to the New York Times? To Al Qaida? That it was leaked to WikiLeaks was something of a blessing. Given the journalistic integrity of the US media, I certainly can't believe that they would have given it as much of a fair shake as it has, and I also cannot guarantee that they would have put so much effort into redacting sensitive information as WikiLeaks has. Plus, if he leaked it to the genuine enemies of the free world, all bets would have been off. (I should also add that much of

  3. Re:Is this Wikileaks day? on Digging Into the WikiLeaks Cables · · Score: 1

    How long until the US People remember the constitution and their founding fathers' courage and ideas! Get up and let your "representatives" know how you feel about the "Great Chinese Firewall" and censoring of websites in the US ...

    I'm afraid people are too apathetic to care about a couple hundred year old document anymore. With the unemployment extensions that it sounds like have been granted, even fewer people are going to care.

    So long as the average American can put food on the table and (if they're not collecting unemployment) drive to work in the morning, they have no need to be concerned about such things. Sadly.

  4. Re:Bravo on WikiLeaks Starts Mass Mirroring Effort · · Score: 1

    It's my private and secret hope that Obama is the leaker :)

    I wouldn't bet on it. He's too busy taking vacations and playing basketball/golf/whatever to care, and his compatriots are too busy listening to the MPAA/RIAA to do anything else but draft legislation that may drastically shape the face of the Internet in the US.

    And mark my words, this WikiLeaks fiasco is going to result in a significant push by both political parties to gain greater control over the Internet.

  5. Re:ehh on Digging Into the WikiLeaks Cables · · Score: 1

    A ridiculous, trumped up case even under Sweden's somewhat broad definition of rape/sexual assault. And for this he makes Interpol's most wanted list? Something smells awfully fishy....

    I've been saying this for a while now, but what they're doing is basically shooting the messenger. The individual who really needs to be dragged through the coals is already in prison, and we're not hearing anything about it precisely because it would probably impact the trial (even though it'll be a military tribunal, of course). I'm talking, of course, of the individual who leaked this information to WikiLeaks.

    Something that I haven't heard however is how this has impacted protocol. There's a lot of room for improvement, and this should send a signal to the US military that they've been doing something pretty wrong if one individual could collect all this information.

  6. Re:Bravo on WikiLeaks Starts Mass Mirroring Effort · · Score: 1

    Well, maybe the handing over thing was part of the transparency - the only way Obama could do this without getting impeached/court martialled/JFK'ed

    I doubt it, because it would be easy to spin these leaks as either 1) an inept administration, 2) a paranoid administration, or 3) an administration that doesn't particularly care and isn't interested in diplomacy (yes, I know, some of these wires are from the Bush administration but that only marginally matters at this point). Personally, I don't think Obama particularly cares.

    The only significant use these leaks have for Obama is in 2012. With Hillary as the Secretary of State and most of this burden falling on her, Obama can easily use this against her if she were to choose to run against him. Clinton hinted on a talk show just this last week that this would be her last public stint. I think she sees the writing on the wall--the administration could easily use this against her if she were to try running.

  7. Re:Make it static. on WikiLeaks Starts Mass Mirroring Effort · · Score: 1

    Well, it is a major concern when you have a family. But I would add another reason for this apathy : it's the staggering amount of propaganda by all possible means, in favour of the so-called superiority of liberalism.

    You're right. I wish you weren't, but you are.

    I'm afraid that the problem is going to be compounded here in the US because of further extensions of the "nanny state" that are intended almost exclusively to create greater dependence upon the government. Such dependence breeds greater apathy, and I'm not really sure we're going to be able to recover. Ever since the "Affordable Healthcare and Patient Protection Act" of this year, (which includes a great deal of new tax legislation--in 2012, the IRS will be forcing 1099 forms to be issued by anyone who receives credit card payments in excess of $600) I think it's become obvious that we here in the US have absolutely no clue whatsoever how to run any kind of social program. We're not even interested in looking at examples overseas, because somehow our notion of what it should involve is clearly superior.

    And yet, the population remains blissfully apathetic about what is happening. Sigh.

    I guess it's easier to pay for a few writers of FUD than to actually do good products.

    You know, I bet they write that off as advertising costs. ...I'm not joking.

    But yes, absolutely. F/OSS has proven, in my mind, that amazing things can be accomplished by a disparate group of individual volunteers from around the globe. I think that's what has caused a lot of corporations grief that aren't really sure what specifically to do about it (or whether they should adopt it). Yet, the influence of F/OSS has forced a number of those same companies to rethink past strategies (MSIE may be a bad example, but look what Firefox has scared MS into doing--or trying, rather).

    IMO, F/OSS represents, really by extension of the Internet, the ultimate human freedom. Free flow of information, free exchange; the only thing halting this progress is the establishment. It's not surprising to me that the COICA and other efforts by the US Congress have been focused on stopping much of this.

    They're afraid.

    I really wish I knew what the answer was. Thank you for the thought provoking post.

  8. Re:Make it static. on WikiLeaks Starts Mass Mirroring Effort · · Score: 1

    While true, it is not in wikileaks interest for this to become commonly known. Assange's job is to be the shit-shield for wikileaks, while everybody wastes their time hurling smear campaigns and arrest warrants against him, wikileaks is able to continue its mission as before.

    I just really hope you're right, and that they continue operating as before. Originally, I was opposed to some of their methodologies until this incident. Then I realized that a little transparency with the government now and again is a healthy thing. More so if it is a huge embarrassment.

    If nothing else, this has simply explained a great deal more about the domestic paranoia the US has demonstrated (with the TSA for example). If we treat foreign policy in this manner, just think of what the domestic wires are like...

    "They're all a bunch of terrorists," said one shadowy figure to the other.
    "Why do you say that, Senator?" asked the other.
    "Look at them," the first continued, "they're voting; they're practicing their Constitutional rights. By God, I know a terrorist when I see one!"

  9. Re:Make it static. on WikiLeaks Starts Mass Mirroring Effort · · Score: 4, Interesting

    The only thing preventing me from believing that is the entirety of modern history. If diplomacy wasn't built on lies, it wouldn't break down and cause war all of the time. If everyone knew that Saddam Hussein was a US henchman, there would be no public support for the Iraq War in 2003. (Support had to be manufactured from forged documents obtained diplomatically from Britain.) If everyone knew that Saudi Arabia was the leading funder of Al Qaeda, we wouldn't be in Afghanistan. We wouldn't have just sold Saudi Arabia sixty billion dollars in advanced weaponry.

    I agree with your assertion of Saudi Arabia. I do, however, feel that you're greatly oversimplifying the matter with Hussein. Remember: Many of these individuals were the result of US relations in the area largely due to the USSR and the Cold War. Yes, it came back to bite us, but sometimes such policies are generally short sighted at best. I realize that this is how it appears to be today, but it's often very important to take things into the context of history at the time in which they occurred.

    Other than that, I generally agree.

    You have no reason to plead fealty to power, but you choose to do it out of sheer cowardice and apathy. Apparently your civil liberties will have to be entirely destroyed before you value them again.

    Two or three months ago, I would have dismissed you as mildly angsty. Two years ago, I would have dismissed you as insane.

    Today, I feel that you're exactly correct. The biggest problem we have here in the US is that the majority of people don't give a damn about anything, so long as they get a pay check, can put food on the table, and can drive to work in the morning. I was sincerely hoping that the idiocy that occurred with the TSA would shock my fellow countrymen into realizing that our government is pushing us closer and closer toward tyranny. This Thanksgiving holiday proved my hope to be misplaced. No one cares.

    We have a Constitution--it's the supreme law of the land--but we're ignoring it, our leaders are trampling it, and our judges are dismissing it as invalid. So yes, you're absolutely right. Americans are losing their civil rights every day. Worse, most people actively and openly express that they feel this is a good thing.

    You know what really bugs me, though? I was reading the ACLU's response to the TSA stuff, and someone commented on there: "I don't care what they do as long as I'm safe."

    I think that should tell you everything you need to know. This is why I feel the WikiLeaks situation is really quite entertaining. It humors me to watch my leadership squirm.

  10. Re:Bravo on WikiLeaks Starts Mass Mirroring Effort · · Score: 5, Interesting

    Never have mod points when I really need them. I've never seen people so terrified of the truth since.....well....hmmm.... I'd REALLY like to get a look at those Cheney Energy Task Force documents that they've been hiding from us for 10 years. I can hope that these will be leaked eventually.

    What I find funny is that a lot of Americans find this leak to be quite a relief. The only people who seem so pissed off about it are those in positions of power. They don't want us to know the truth, and at this point, I'd expect next year to see increasing pressure on things like the COICA and/or other measures to grant the Federal government the ability to censor information. Can't have the people finding out what their leadership is up to! Even some people on the right of the political spectrum here in the US (*raises hand*) are in favor of what WikiLeaks is doing; although, as I see it, you can't pick and choose your battles in pursuit of liberty, transparency, and fairness. That's why I see this as both hilariously entertaining and, generally, a good thing.

    It is comedic to me that the Obama administration has only managed to live up to their promise of offering the most transparent administration in history by way of an Australian foreign national leaking secretive wires that were handed over to him.

  11. Re:Make it static. on WikiLeaks Starts Mass Mirroring Effort · · Score: 4, Interesting

    It's not so much that the US think little of some European leaders that's the "scandal". That was to be expected, ok? Duh, you could see it in the way they act.

    The humorous thing to me, and I'm speaking as an American here, is that the paranoia of the TSA makes a great deal more sense when taken under the context of the WikiLeaks info. If our leadership is this insanely paranoid about other nations, it makes me wonder what they've been saying internally (within our border) about average Americans ("they're all terrorists!"). That's stuff we'll probably never find out, but if it's anything like what's been released...

    Like many others, I really wasn't all that surprised with what the WikiLeaks data contained. The releases concerning Iraqi "abuse" were largely just a reflection of the Sunni/Shia split post hand-over and the US forces turning a blind eye (though, really, what could be done once you've officially handed something over?). The more significant abuses (think Abu Ghraib) were fairly well covered by the media and were leaked shortly after discovery; lesser ones, like what was in these leaks, weren't really as bad as some sources claimed. Though, the diplomatic wires were laughable and explain a great deal about what the idiot State Department seems to think of our own allies. Suffice it to say: The only thing that surprises me is how long we kept this under wraps.

    Now, ultimately, there's only one person in this world who deserves the justice he'll soon face, and that's the guy who was entrusted with this information who leaked it to Assange. I'm afraid though that this entire effort to arrest Assange is essentially an elaborate witch hunt, because someone, somewhere really wants to shoot the messenger.

    I've generally been quite supportive of the US (it's my home after all), but I think we deserve a bit of international embarrassment with the inane antics we've been playing. I can't say we didn't have it coming.

    America: We fondle our citizens and make fun of your leaders.

  12. Re:Make it like a movie preview... on Once-Secret ACTA Copyright Treaty Approved By EU · · Score: 1

    Selling a kidney on the black market would definitely be one way of paying the extortionate fines imposed by courts on the **AA's collective behalf.

    There you go! It could cut to another scene where the kid's mother is visiting him in the hospital after hocking his organs.

  13. Re:Graphic design peeve on Spring Dynamic Modules In Action · · Score: 1

    About the only thing this guy got right was not using Comic Sans Serif as the typeface.

    I hear they're saving that for the second edition.

  14. Make it like a movie preview... on Once-Secret ACTA Copyright Treaty Approved By EU · · Score: 3, Interesting

    The future won't be decided with a gun, but with a videocam. The winning of hearts and minds by using the massive power of propaganda against the very ones that currently wield it against us. THAT is how you can change things now, not writing some OS that 90%+ won't use because it won't play their game o' the week.

    That's actually a brilliant idea. It's a shame we couldn't get some independent director and/or studio to shoot a brief commercial and then pool resources together to show it during prime time television (since most of the population isn't aware of anything unless they're fed the information via TV--sadly). Better yet, make it look like a movie preview with a dark overture of sorts, including the same baritone narration style common to previews. I'd imagine it could start off something like this:

    [Camera pans through a dark office complex or government building with people in suits walking past. Perhaps a gray haired actor playing the part of a high powered government official could be seen shaking hands with a corporate CEO of sorts.]

    Narrator: Drafted in the darkest bowels of the US federal government lurks a treaty...

    [Scene shifts to a young 13-14 year old boy basking in the soft glow of his monitor.]
    Boy [sounding panicked]: Oh... no...
    [The breaking of glass can be heard in the background as his mother screams. Trampling boots thunder through the house before the door to his room is broken down and armed agents grab the child, dragging him away.]

    Narrator: ...that threatens the very essence of our freedoms.

    [Scene shifts to a group of scruffy and clearly homeless individuals gathered around a burning barrel sharing stories.]

    Bearded homeless man 1: I remember back when I used to be able to buy anything I wanted on the Internet.
    Homeless man 2: Yeah, then they took it all away from us for sharing music. Now, we can't even buy groceries. Ol' Jack over here was forced to give up a kidney for sharing a movie, weren't you Jack?
    *laughter*
    Homeless woman 1: Oh yeah? They took everything away from me just for feeling up a TSA agent.
    *more laughter*

    --

    (Okay, that last part was stretching it a bit.)

    Anyway, you see where this is going--and maybe it's even a little overboard. Regardless, I think your idea is excellent! It needs to be professionally produced, written, and directed in order to capture the attention of the average viewer. Then it needs to be posted to Youtube.

  15. Don't forget... on Facebook To Own the Word "Face" · · Score: 1

    Don't forget "saving face," which is supremely important in Asian cultures.

    Though I suspect China might just laugh Facebook out the door if they were to slap 'em with a fee...

  16. Or hit a smaller deer... on Chicago Using Coyotes To Fight Rodents · · Score: 1

    The secret to surviving a deer is to drive a truck of 1/2 ton or heavier, with the optional 4X4 package that jacks the truck up a few inches so the deer doesn't go over the hood.

    Or hit a smaller deer:

    http://www.youtube.com/watch?v=WGTbJs2RqPQ

    Obligatory warning: The video linked above is pretty graphic as it was captured from the dash cam of a speeding patrol car. In spite of the deer quite literally exploding and its small size, it still does a noticeable amount of damage to the vehicle--and that's in spite of the guard assembly on the front.

    I may get modded down for posting this, but I think it's educational. If you doubt that even small deer are potentially hazardous, you really need to watch this.

  17. Re:Just to be clear on Which Language To Learn? · · Score: 1

    This is a measure of how much people are talking about a language online, not a measure of how many jobs there are for it. I don't think that there are many jobs available for NXT-G despite it being a fast riser :)

    Exactly. Some of the sub-percentile languages only require a small (very marginal) bump or drop in results to affect whether they appear to be rising (or falling) quickly.

    Take SAS for example. I'd bet on a small spike for December as the fall semester at universities trails off, and students begin whining about their final projects for classes that require it. (I'm half-joking here, but it ties into the quote above--the TIOBE index is a useful metric but don't base your life choices on it.)

  18. Re:I disagree on Gosu Programming Language Released To Public · · Score: 1

    though it burdened Java with kind of a clunky syntax.

    It is somewhat humorous that this "clunkiness" is largely due to Java's age and the comparison against newer/cleaner languages recently introduced or gained in popularity. Isn't it funny how retrospect sometimes changes our interpretation all these years later?

    I'm also certain that at least part of the success lurks in the JVM's ability to catch a wide assortment of silly mistakes during compilation that several other languages/interpreters/VMs would likely miss. Being garbage collected is also a definite plus (certainly compared to other GCs like CPython's which drives me nuts for long running applications).

    Regardless, you're absolutely right. Familiarity is often more important than innovation! (Though innovation disguised by familiarity is often better!)

  19. Re:Wonder how this turns out... on Gosu Programming Language Released To Public · · Score: 1

    I have nowhere near a fragment of the experience you do in the realm of application programming. I do want to tip my hat to you for being one of the (few!) sensible voices in this discussion that has unsurprisingly turned anti-Java. (Incidentally, I love the signature link--I recall reading it quite some time ago from another thread you posted in and found it highly entertaining, mostly because it's true!) I suspect I know why...

    Being a good language is about getting stuff done not being buzzword compliant or "state of the art". If you judge the worth of a programming language by how cool it is

    Zing! You caught it! Ruby fits more or less into this description (especially from the "cool" factor). Yet didn't Twitter migrate their message queuing away from Ruby and into Scala? (Which is just the JVM anyway...) So much for "cool" really making a huge difference...

    It's used to actually make large stable systems, not for being pretentious about what whizzy features your language supports.

    You make a ton of great points, and I think this one is the best. It's also possibly one of the reasons why some factions really dislike Java. Admittedly, I even fell into that camp when I was first learning it.

    But you're absolutely spot on. Java is where it is precisely because of its strong type checking and generally brilliant design. The complaints I see here seem mostly directed toward the "clunkiness" that Java seems to represent, and I think that's more a fault of Java's age--not that I'd really label it as a fault. .NET and the CLR regardless of their shortcomings seem to me to be a nod in the direction of Java. That MS jumped onto the bytecode VM bandwagon and borrowed an overwhelming majority of their ideas from the JVM says something about the latter's influence. I know you were probably being modest in this regard, possibly so some of the anti-Java crowd didn't see it as a glaring bias, but Java's influence (and maybe more specifically the JVM's) is understated far too much.

    Thanks for the perspective from someone of your esteem! It's educational to me.

  20. Re:Wonder how this turns out... on Gosu Programming Language Released To Public · · Score: 1

    However, I wanted to clarify that java being suitable for 3D stuff does not mean it can do _everything_. I don't think the seismographs that provide input for JavaSeis run java ;-)

    This actually made me smile, because it reminds me of a story.

    When I was an undergrad, I recall an instructor of mine once demonstrating a research project of his that was superficially written entirely in Java. That is, the UI and much of the frontend was Java with the exception of the number crunching libraries. Being as it was a project with a major national laboratory, he and his assistants used Java wrappers around Fortran to interface with libraries (surprise! written in Fortran many years prior) that did the heavy lifting. Unsurprisingly, the Fortran code had changed little over the years and was well-tested, well-established, and very fast. I don't know the specifics since he had merely demonstrated it to us, but I thought it was a pretty impressive display of intelligent code reuse that seems lost on a lot of people these days. It also illustrated that certain domains are better left to certain languages, or more correctly, libraries that have been around long enough to have a highly deterministic and well understood nature when the object of the project isn't necessarily to rewrite everything.

    I realize this is slightly tangential to your point, but I wanted to share since I feel it is relevant and maybe vaguely interesting to you.

  21. Re:In that case... on Cache On Delivery — Memcached Opens an Accidental Security Hole · · Score: 1

    True, it's an unusual network configuration to be "exposed by default"; however I still haven't seen any rational explanation why "listen on all interfaces" is a better default than "listen only on loopback".

    I can think of a number of network-facing software packages in the *nix world that are usually configured, by default, to listen on all interfaces, because that's usually what the end user wants. There are some particular issues I'd like to point out, but if you're feeling exceptionally annoyed you may find it more rewarding to skip to the last paragraph, as I answer more directly (and seriously) your point related to culture. Hopefully, you'll read this and take away some education related to other distributions outside the somewhat walled gardens of Debian. (As an aside, it does bug me that most Debian users tend to feel that Debian is the One True Distro and that differences of opinion to the contrary as expressed via other distributions are therefore wrong; that is the primary reason for my "scathing sarcasm" in an earlier post.)

    But be warned! There is sarcasm ahead. You really should skip to the last paragraph.

    Because the config file section that needs to be modified has comments explaining the risk? Not everyone is going to go and read external documentation on a piece of software before installing it.

    They don't need to read external documentation if the configuration file explains the risks of a particular configuration. Furthermore, that same configuration file is installed with the application; therefore, if they were going to "read external documentation," chances are they'd be doing it after the installation and presumably after they've encountered the warning in the config. Such external documentation may or may not be read anyway since it would appear that opening something as simple as a textual configuration file in one's favorite editor is such a tremendous burden. I cannot imagine what great pains it would place upon the shoulders of such an individual to be forced to read manpages or other informative resources provided by the software developer(s).

    Any documentation you read is likely to be helpful, but may refer to paths that are different because the maintainer for your distro's version of the software has changed it; or may be for a different version; or may not have certain patches applied; and may very likely have a different default configuration.

    I'm not sure what distros you're using, but most of them tend to ship the manpages that the developer provided with the original distribution whenever you install the package, particularly for most major software. FreeBSD and Gentoo have identical manpages for the current version of Memcached, for instance.

    On the other hand, your last point related to "different default configuration[s]" makes me chuckle. Since all distros are different, the only thing you're arguing is in favor of checking the configuration to ensure it does what is expected--which is what the end user should be doing in the first place, particularly in a mixed environment. After all, it might be different!

    It's very common for people's first real exposure to the configuration of a piece of a software to come after having installed it from their distribution's repository. It makes sense for that initial configuration to be as conservative as it can reasonably be made, and to guide the administrator through the correct configuration of it to meet their needs.

    This point bugs me, because it smacks of the hand-holding the poster you're replying to was stating Gentoo explicitly does NOT do.

    First, some education about Memcached: It has no configuration file; those distributions that do provide one provide something that is effectively a wrapper around Memcached's command line arguments. Gentoo's configuration file comes largely without configuration (hence

  22. Re:In that case... on Cache On Delivery — Memcached Opens an Accidental Security Hole · · Score: 1

    The Gentoo example appears to install a functional but insecure configuration by default. If the user simply starts the service (or possibly reboots the server without doing further configuration and it auto-starts at the next boot), then tests their application, they will be overjoyed that it's working and move on to their next task. The admin may not be aware that memcached is not designed to be exposed directly to the internet.

    Insecure is in the eyes of the beholder. If the machine is on a firewalled network (e.g. inaccessible to the outside world) it is secure.

    This whole point is moot, however, because Gentoo doesn't start services by default. You have to explicitly start them (that is, manually). Presumably, you understand the security implications of relying on preinstalled configurations to work precisely as expected. If you don't, shame on you and you have no business being a sysadmin in the first place. (No, really, you don't.)

    I vehemently disagree on the premise that if someone knows enough to be running Memcached, he or she probably knows and understands enough to configure Memcached appropriately. By default, Memcached on most distributions I've seen is configured to use 64 megs of RAM for caching. If someone needs--really NEEDS--Memcached to be running, 64 megs may or may not suit their needs, so they will likely be reading the configuration file anyway.

    FreeBSD goes a step further and reminds users that a particular package has installed a network service that may invoke security implications if it's enabled.

    Or, they may be doing a small install with the web server being on the same machine, and it may never even occur to them that the software might be listening on all network interfaces (given they've configured their web application to talk to it via loopback). Or, they may have simply had a momentary lapse in concentration and forgotten about it. People are fallible, after all.

    Fallible? Certainly. Stupid? Possibly.

    If someone is running a web server that is neither firewalled nor correctly configured, they probably shouldn't be running it in the first place. Better yet, they should probably switch to another vendor that takes sufficient precautions to assume the end user is too inept to verify their configurations in the first place. After all, if they're unwilling or unable to bother running something as simple as a firewall, they probably haven't bothered to configure SSH to accept key-based authentication, moved it to another port, and they're very likely to be one user away from having a successful SSH scan hit and possibly root their box. ("But Uncle Joe is really computer literate and wanted a shell! I had no idea he used "asdf" for his login "joe" on every box he connects to!")

    As a side note, FreeBSD does roughly the same thing as Gentoo in that it runs Memcached entirely without configuration (meaning attaching to all interfaces) if you launch it from /usr/local/rc.d/memcached. Thus far, that's two vendors that appear to ascribe to the same notion that correct configuration is the user's responsibility.

    I must say that I agree, but I think your disappointment with my "scathing sarcasm" may have colored your opinion of my beliefs.
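
An added example, not part of the comment above and not any distribution's own tooling: because the wrappers discussed in this thread only assemble Memcached's command-line arguments, one way to verify a configuration is to classify the resulting command line by what it would listen on. The sample command lines are constructed, and only the short options `-l` (listen address) and `-s` (Unix socket) are handled.

```python
import ipaddress
import shlex

# Constructed sample command lines (not taken from any distribution's package).
SAMPLES = [
    "memcached -d -u memcached -m 64 -p 11211",
    "memcached -d -m 64 -l 127.0.0.1 -p 11211",
    "memcached -m 64 -l 127.0.0.1,192.0.2.10:11211",
    "memcached -m 64 -s /run/memcached.sock",
]

def _host(entry):
    """Strip an optional port (and IPv6 brackets) from one -l entry."""
    if entry.startswith("["):
        return entry[1:entry.index("]")] if "]" in entry else entry
    if entry.count(":") == 1:
        return entry.split(":")[0]
    return entry

def _is_loopback(entry):
    host = _host(entry)
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # "*" or another hostname: treat as reachable

def audit(cmdline):
    """Classify a memcached command line by what it would listen on."""
    args = shlex.split(cmdline)
    entries, unix_socket = [], False
    for i, arg in enumerate(args):
        if arg == "-l" and i + 1 < len(args):
            entries += args[i + 1].split(",")
        elif arg.startswith("-l") and not arg.startswith("--") and len(arg) > 2:
            entries += arg[2:].split(",")
        elif arg.startswith("-s") and not arg.startswith("--"):
            unix_socket = True
    entries = [e.strip() for e in entries if e.strip()]
    if unix_socket:
        return ("unix-socket", [])       # -s disables network listeners
    if not entries:
        return ("all-interfaces", [])    # no -l: binds every address
    exposed = [e for e in entries if not _is_loopback(e)]
    return ("exposed", exposed) if exposed else ("loopback-only", entries)

if __name__ == "__main__":
    for line in SAMPLES:
        print(audit(line), "<-", line)
```

Hostnames other than `localhost` are reported as exposed because the check does not resolve them.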

  23. Re:Ad hominem on Linux X.org Critical Security Flaw Silently Patched · · Score: 1

    You may have some points. I present to you some data that supports the notion that Ormandy may have had a right to publicize this particular flaw.

    http://tech.slashdot.org/comments.pl?sid=1517630&cid=30833162

    And an issue with HCP reported in 2002 that sounds similar to Ormandy's discovery some 8 years later:

    http://it.slashdot.org/comments.pl?sid=1687452&cid=32586552

    ~8 years is a lot of time. Also, I believe there was another researcher in that third link who mentioned having reported a similar exploit with HCP some years later.

    I do think there's plenty of misreporting from both angles. As you're greatly concerned with ad hominem attacks, I'll let you decide the implications of this for yourself.

  24. Re:That show has went downhill anyway on Discovery Threatens Fan Site It Also Promotes · · Score: 1

    The Learning Channel is now Tender Loving Care (babies, brides, and bullshit).

    Wow, I stand corrected. This entire time, I thought TLC stood for "Terribly Loud Children" since it seems out of control, screaming little brats run rampant all over that stupid channel.

  25. Re:Missing the point on DRM-Free Game Suffers 90% Piracy, Offers Amnesty · · Score: 1

    While each of your reasons applies to me for using Steam:

    a) They regularly have sales, even on relatively new titles.

    ...is probably the most significant for me, and many of their indie titles are actually quite fun (and inexpensive).

    One other reason that comes to mind is the convenience. If I buy something from Steam, I can start downloading it immediately. Gone are the days of spending about twice as much for a boxed copy of a game and having to make a special trip to the local electronics retailer and dealing with such mundane things as a) pedestrians, b) parking, c) grumpy clerks, and d) standing in lines.

    Sure, Steam is a form of DRM. Sure, if Valve goes under we're all screwed, but I suppose those are the risks you take for convenience. I really dislike some of the local chain retailers, so it's a win for me! (Mind you, I absolutely refuse to buy any Ubisoft titles via Steam--two levels of DRM seems a little... excessive to me.)