To Mr Heskett's point/challenge of: In the open source world it becomes difficult if you want to work with a compiler 6 years old, let alone 2 or 3 or 4 years old. As a test, get the latest glibc and compile it with a 3 year old copy of GCC.
My point/contention was that this problem is not limited to the open source world. Maybe glibc is a bad choice for a library compilation challenge, but the issue holds true of trying to compile most any modern C library on a 3 year old C compiler be it Linux, *nix, or Windows.
Embedded systems vendors are moving to Linux to keep up with the changing hardware and needs of their customers.
Does this address the needs of all embedded systems users? Of course not. I can see in really high-security fields you need to have 100% control of things. The critical embedded devices in power plants come to mind in that case where you may be replacing a 10 year old device and need to ensure that you have exact compatability.
However, these are outlying cases and will strain almost ANY OS group to satisfy. (Especially as they still need to move forward with their technology as well.)
I would say that the OSS route in that case may actually provide you better security as long as you archive both the code and the software used to build the code (including the OS and the hardware if necessary too). If your requirements are in fact that strict then you're going to either have to have complete control of the code you're relying on or have escrow agreements that ensure you'll be able to obtain the code if your vendor happens to go out of business.
It's possible, and HAS happened that KNOWN, and TRUSTED engineers have put bits of code that would pass initial scrutiny and still be dangerous.
Wasn't there recently an article about a router with a backdoor shipped out in its code? How about all those darn "easter eggs" floating around in Windows and Office and other programs?
I would challenge you to compile a new Intel C library using a Microsoft C compiler from 6 years ago too. Heck, compile glibc using an IRIX compiler from six years ago.
You can drag out all the scenarios you want and whether it's Linux or it's *nix or BSD or Windows you're going to have the same audit challenges and not even have access to the source code without negotiating with all your suppliers.
Giskard had actually been "reprogramming" Daneel for some time before the Zeroth law went into effect for Daneel.
In Giskard's case (as in another telepathic robot in the I, Robot books) the problem was that telepathy and the Three Laws clashed badly. First was that he found he could alter people's behavior but didn't understand the consequences. So, he went and invented Psychohistory to help him map out the changes. (Well, he influenced its invention when he observed how he could actually make changes in larger groups easier than in individuals.) The final straw was when he ended up having to kill a human to stop the destruction of the Earth (in the end he only delayed the destruction instead).
In the end, however, there did seem to be a lot of effort in justifying a number of events in his universe and tieing them together in a neat little package at the expense of the great discovery of Harry Seldon.
Go ahead, read through that whole thing and tell me where Win.Forms and ASP.Net are.
This is the challenge/danger of Mono. They are reverse engineer implementing equivalents of these packages using OSS pieces. This is currently working but they'll always be playing catch-up and there's got to be at least one or two buried patent mines waiting to bite them in the arse.
I would imagine that most VIN handling DB's use the VIN as the unique code right now. So, either you're going to have to introduce a new unique key or something to support the lookup/reference to the overflow table and entry.
This is an interesting area of data aggregation. If all the information they're using is publically accessible than the big thing they're doing is gathering and combining it.
Now that means two services: 1) Knowing who to ask/where to look to get the data. Would you know how to get cell phone info and registration info? How about where the various criminal registration info is?
2) How to combine that information. I'd be pretty upset if my cell phone number along with my social security number is available publically. So are they then doing name matches and what happens on duplicates?
I guess the thing would be to attempt an FOIA request for the information and see where that went.
Either that or you simply don't understand contract law.
A state marriage license is a contract. The two parties who enter into it make certain representations and guarantees and have certain responsibilities under the contract. Additionally, as a married couple the contractees gain certain benefits such as joint health insurance, power of attorney, inheritance, tax status, etc. You're not marrying the state, you're not licensing yourself with the state.
Miramax paid for the production of the film. Disney merely exercised it's rights over the subsidiary to refuse distribution.
A few points: Disney has done this with SEVERAL Miramax films. This just means that another company needs to handle the costs and benefits of distribution. (Disney forewent a lot of potential profit by refusing to distribute the film.)
Additionally, Disney had informed Miramax of this decision at least a year ago. Moore must have "forgotten" that fact when he went crying conspiracy to the press. Note how they still have the "the film the government doesn't want you to see" BS in the trailers.
...I'm sure we would have seen MUCH less of this whole social issue crusading, eh?
The FCC didn't raise the fine, Congress did. The FCC doesn't have the power to do things like that unilateraly. You'd probably be disappointed to see the number of D's in the Aye column on that one...
Patents must also be non-obvious to experts in the field.
MS's button response patent: Let me hold down the power button on my Palm Pilot so I can get a back-light. How about holding down the power button on an ATX case for 5 seconds to force a power-off. Two examples of how we already have reactions based on length of time that a button is depressed. Combine that with the ol' double click mouse speed adjustments and it's obvious to experts in the field.
The To-Do list patent. This is a variation on two things. First, the context-based features in IDE's where the methods and variables that you declare are added to GUI trees as you go along. You can click on one of those elements and jump right to the code in question. Second, the idea of specialized comments to indicate things in code. JavaDoc, SGML, etc are examples of this. Again, obvious to an expert in the field. (Apparently MS had this ToDo functionality in their IDE years before they filed for the patent to boot.)
Let's see you're saying that we don't know if things will get hot or cold and we don't know what is causing these changes...
So what do we do to stop the changes that we don't know are happening or what they're doing?
That's the real debate that's raging right now. What if the sun's overall output has decreased of late and we're actually overdue for an iceage? Wouldn't stopping the creation of green house gases ensure an ice age then?
What if our production of green house gases isn't sufficient to effect the global climate? We could make large-scale expansive changes to the global economy and get no benefit from them.
Action for the sake of action isn't a wise policy.
You realize that while jobs are being shipped overseas by US corporations, foreign corporations are creating jobs right here in the US don't you? I've read some statistics that put it at a 3 to 1 ratio with more jobs coming to the US.
Manufacturing work has been leaving the US for over a decade that's a simple fact of the world economic situation. You can lay a lot of the blame right at the feet of the unions. Look at the debacle that went on in CA with the long shoreman who went on strike to try to keep computerized manifests from being used. (Instead they had people keying in the data pulling down near $100,000/year for the work.)
Frankly the last business cycle was an incredibly distorted one. Look at the salaries that IT professionals (and not quite so professional) were hauling down with the.COM businesses.
You may in fact be right about the unemployment statistics, the point I was making that was any complaints/issues with the statistics and the press's use of those statistics has been ongoing for a long time. This isn't something new, there isn't a spike in discouraged workers in the last few years.
Consider first your "analysis" by looking at the statistics being presented. Did the structural problems that you're now discussing suddenly emerge during this recent time? If the methodology has not changed then the built-in error in the report remains the same.
So, then you can go back and analyze the other portions of the report covering part-time, discouraged, and other categories and you'll find that there is no historically high numbers in this area either.
The simple fact is that these statistics have been used for awhile and thus are the ones that need to be used for any analysis. If the numbers have been lowballed then they've been lowballed for a long time. (At least since the '95 redefinition.)
Actually the figures do take into account people who have "left the workforce" along with everything else. You'll notice that there's both a household survey and an employer survey and the two can give you a relatively accurate picture.
I was actually picked for the household survey and we got a phone call every month and they asked a whole bunch of questions about all the peope in the house, who was working, who was looking for work, and who wasn't and why they weren't.
So, any attempt to say that the rate is higher because "so many people have simply given up looking for work" is complete hogwash. Do some research and look at the historical trends and you'll see that the rate is neither high in absolute terms nor historical terms either.
Sorry for the delay. I haven't been able to dig up the report that I did read (can't bookmark everything after all) but here's an article from Salon that talks about the purge rolls and notes that neither Palm Beach nor Duval used the roles: http://archive.salon.com/politics/feature/ 2000/12/ 04/voter_file/
News coverage has focused on some maverick Florida counties that decided not to use the central voter file, essentially breaking the law and possibly letting some ineligible felons vote. On Friday, the Miami Herald reported that after researching voter records in 12 Florida counties -- but primarily in Palm Beach and Duval counties, which didn't use the file -- it found that more than 445 felons had apparently cast ballots in the presidential election.
The point is that the boogy-man role of the purge file isn't half as great as it was played up to be. While the roles were definitely flawed, it was up to the discretion of the local county boards to implement the file in the manner that they saw fit.
You missed the "we can't let the FBI help you search for him" memo in your list.
The fact is that the PC subpoena was turned down because of the worry about the separation of intelligence and criminal prosecutions. That being the mythical situation that drove Gorelick's memo. (Confirmed by others or not, it was still her move to extend the requirements beyond those of the law and she should certainly be testifying before the commission not asking questions. Should we go into the fact that the law firm she works for is defending Saudi princes against 9/11-related law suits?)
Things that PATRIOT did help. Roving wire taps. People use more than one phone these days, being able to tap them all with a single request is important. Sneak and peak. A procedure for performing a search of a suspected terrorist without alerting them. Despite the complaints of many people it STILL requires a judge's approval.
Frankly, all of the objections about the Patriot Act have been based on bad information, hyperbole, or out right lies. This ISP complaint being just that when they claim that there was no judicial oversight.
Let's see, the ones that said that they refused the search warrant for the PC?
How about the one where they said that the FBI couldn't help searching for two of the hijackers the weeks before the attack?
Or maybe we can got back to COMMISIONER Gorelick's memo that "went beyond the requirements of the law" in regards to implementing the "wall" required by FISA.
You see Kerry would proclaim that he actually vetoed one version of the bill before he signed it.
Kerry hasn't taken one firm stand on ANYTHING his entire political career. Right, wrong, or indifferent Bush has his convictions and is sticking to them.
Funny. Considering that Broward and Miami-Dade were heavily Democratic in their voting wouldn't that undermine your assertion that Gore was hurt by voter purges?
The fact remains that an in-depth analysis of those purges found that as many (or more) people illegally remained ON the roles than got improperly purged. (Some counties ignored the roles all-together, other counties did further checks before purging voters, others simply accepted the names supplied by the state. In all cases, it was up to the county voter officials to decide what to do with the names.)
I suppose we'll start whining about the butter-fly ballot next eh? The ballot that btw, was designed by a Democrat and put into the newspaper weeks before the election for review and comment.
Slashdot Mirror
To Mr Heskett's point/challenge of:
In the open source world it becomes difficult if you want to work with a compiler 6 years old, let alone 2 or 3 or 4 years old. As a test, get the latest glibc and compile it with a 3 year old copy of GCC.
My point/contention was that this problem is not limited to the open source world. Maybe glibc is a bad choice for a library compilation challenge, but the issue holds true of trying to compile most any modern C library on a 3 year old C compiler be it Linux, *nix, or Windows.
Embedded systems vendors are moving to Linux to keep up with the changing hardware and needs of their customers.
Does this address the needs of all embedded systems users? Of course not. I can see in really high-security fields you need to have 100% control of things. The critical embedded devices in power plants come to mind in that case where you may be replacing a 10 year old device and need to ensure that you have exact compatability.
However, these are outlying cases and will strain almost ANY OS group to satisfy. (Especially as they still need to move forward with their technology as well.)
I would say that the OSS route in that case may actually provide you better security as long as you archive both the code and the software used to build the code (including the OS and the hardware if necessary too). If your requirements are in fact that strict then you're going to either have to have complete control of the code you're relying on or have escrow agreements that ensure you'll be able to obtain the code if your vendor happens to go out of business.
It's possible, and HAS happened that KNOWN, and TRUSTED engineers have put bits of code that would pass initial scrutiny and still be dangerous.
Wasn't there recently an article about a router with a backdoor shipped out in its code? How about all those darn "easter eggs" floating around in Windows and Office and other programs?
I would challenge you to compile a new Intel C library using a Microsoft C compiler from 6 years ago too. Heck, compile glibc using an IRIX compiler from six years ago.
You can drag out all the scenarios you want and whether it's Linux or it's *nix or BSD or Windows you're going to have the same audit challenges and not even have access to the source code without negotiating with all your suppliers.
of the Register you're seeing. :-D
Giskard had actually been "reprogramming" Daneel for some time before the Zeroth law went into effect for Daneel.
In Giskard's case (as in another telepathic robot in the I, Robot books) the problem was that telepathy and the Three Laws clashed badly. First was that he found he could alter people's behavior but didn't understand the consequences. So, he went and invented Psychohistory to help him map out the changes. (Well, he influenced its invention when he observed how he could actually make changes in larger groups easier than in individuals.) The final straw was when he ended up having to kill a human to stop the destruction of the Earth (in the end he only delayed the destruction instead).
In the end, however, there did seem to be a lot of effort in justifying a number of events in his universe and tieing them together in a neat little package at the expense of the great discovery of Harry Seldon.
Not the libraries.
Go ahead, read through that whole thing and tell me where Win.Forms and ASP.Net are.
This is the challenge/danger of Mono. They are reverse engineer implementing equivalents of these packages using OSS pieces. This is currently working but they'll always be playing catch-up and there's got to be at least one or two buried patent mines waiting to bite them in the arse.
I would imagine that most VIN handling DB's use the VIN as the unique code right now. So, either you're going to have to introduce a new unique key or something to support the lookup/reference to the overflow table and entry.
This is an interesting area of data aggregation. If all the information they're using is publically accessible than the big thing they're doing is gathering and combining it.
Now that means two services:
1) Knowing who to ask/where to look to get the data. Would you know how to get cell phone info and registration info? How about where the various criminal registration info is?
2) How to combine that information. I'd be pretty upset if my cell phone number along with my social security number is available publically. So are they then doing name matches and what happens on duplicates?
I guess the thing would be to attempt an FOIA request for the information and see where that went.
Either that or you simply don't understand contract law.
A state marriage license is a contract. The two parties who enter into it make certain representations and guarantees and have certain responsibilities under the contract. Additionally, as a married couple the contractees gain certain benefits such as joint health insurance, power of attorney, inheritance, tax status, etc. You're not marrying the state, you're not licensing yourself with the state.
Miramax paid for the production of the film. Disney merely exercised it's rights over the subsidiary to refuse distribution.
A few points: Disney has done this with SEVERAL Miramax films. This just means that another company needs to handle the costs and benefits of distribution. (Disney forewent a lot of potential profit by refusing to distribute the film.)
Additionally, Disney had informed Miramax of this decision at least a year ago. Moore must have "forgotten" that fact when he went crying conspiracy to the press. Note how they still have the "the film the government doesn't want you to see" BS in the trailers.
...I'm sure we would have seen MUCH less of this whole social issue crusading, eh?
The FCC didn't raise the fine, Congress did. The FCC doesn't have the power to do things like that unilateraly. You'd probably be disappointed to see the number of D's in the Aye column on that one...
think about the embarassment of leaving your "dongle" at home.
They're talking about a Mach 7.5 speed for these rounds.
I suppose the trick will be to build on the inland side of ocean facing mountains to thwart that attack.
So, do you support the LGPL? (Remember if they don't agree to the terms than they can't distribute or accept "code" under those terms.)
The plus side is we can get the soon-to-be-unemployed SCO lawyers to help you with the derivitive works suits.
Patents must also be non-obvious to experts in the field.
MS's button response patent: Let me hold down the power button on my Palm Pilot so I can get a back-light. How about holding down the power button on an ATX case for 5 seconds to force a power-off. Two examples of how we already have reactions based on length of time that a button is depressed. Combine that with the ol' double click mouse speed adjustments and it's obvious to experts in the field.
The To-Do list patent. This is a variation on two things. First, the context-based features in IDE's where the methods and variables that you declare are added to GUI trees as you go along. You can click on one of those elements and jump right to the code in question. Second, the idea of specialized comments to indicate things in code. JavaDoc, SGML, etc are examples of this. Again, obvious to an expert in the field. (Apparently MS had this ToDo functionality in their IDE years before they filed for the patent to boot.)
Let's see you're saying that we don't know if things will get hot or cold and we don't know what is causing these changes...
So what do we do to stop the changes that we don't know are happening or what they're doing?
That's the real debate that's raging right now. What if the sun's overall output has decreased of late and we're actually overdue for an iceage? Wouldn't stopping the creation of green house gases ensure an ice age then?
What if our production of green house gases isn't sufficient to effect the global climate? We could make large-scale expansive changes to the global economy and get no benefit from them.
Action for the sake of action isn't a wise policy.
Can you even fathom the size of the bag of Dorito's we'd need for Gaia?
You realize that while jobs are being shipped overseas by US corporations, foreign corporations are creating jobs right here in the US don't you? I've read some statistics that put it at a 3 to 1 ratio with more jobs coming to the US.
.COM businesses.
Manufacturing work has been leaving the US for over a decade that's a simple fact of the world economic situation. You can lay a lot of the blame right at the feet of the unions. Look at the debacle that went on in CA with the long shoreman who went on strike to try to keep computerized manifests from being used. (Instead they had people keying in the data pulling down near $100,000/year for the work.)
Frankly the last business cycle was an incredibly distorted one. Look at the salaries that IT professionals (and not quite so professional) were hauling down with the
You may in fact be right about the unemployment statistics, the point I was making that was any complaints/issues with the statistics and the press's use of those statistics has been ongoing for a long time. This isn't something new, there isn't a spike in discouraged workers in the last few years.
...numbers.
Consider first your "analysis" by looking at the statistics being presented. Did the structural problems that you're now discussing suddenly emerge during this recent time? If the methodology has not changed then the built-in error in the report remains the same.
So, then you can go back and analyze the other portions of the report covering part-time, discouraged, and other categories and you'll find that there is no historically high numbers in this area either.
The simple fact is that these statistics have been used for awhile and thus are the ones that need to be used for any analysis. If the numbers have been lowballed then they've been lowballed for a long time. (At least since the '95 redefinition.)
Actually the figures do take into account people who have "left the workforce" along with everything else. You'll notice that there's both a household survey and an employer survey and the two can give you a relatively accurate picture.
I was actually picked for the household survey and we got a phone call every month and they asked a whole bunch of questions about all the peope in the house, who was working, who was looking for work, and who wasn't and why they weren't.
So, any attempt to say that the rate is higher because "so many people have simply given up looking for work" is complete hogwash. Do some research and look at the historical trends and you'll see that the rate is neither high in absolute terms nor historical terms either.
http://archive.salon.com/politics/feature
The point is that the boogy-man role of the purge file isn't half as great as it was played up to be. While the roles were definitely flawed, it was up to the discretion of the local county boards to implement the file in the manner that they saw fit.
You missed the "we can't let the FBI help you search for him" memo in your list.
The fact is that the PC subpoena was turned down because of the worry about the separation of intelligence and criminal prosecutions. That being the mythical situation that drove Gorelick's memo. (Confirmed by others or not, it was still her move to extend the requirements beyond those of the law and she should certainly be testifying before the commission not asking questions. Should we go into the fact that the law firm she works for is defending Saudi princes against 9/11-related law suits?)
Things that PATRIOT did help. Roving wire taps. People use more than one phone these days, being able to tap them all with a single request is important. Sneak and peak. A procedure for performing a search of a suspected terrorist without alerting them. Despite the complaints of many people it STILL requires a judge's approval.
Frankly, all of the objections about the Patriot Act have been based on bad information, hyperbole, or out right lies. This ISP complaint being just that when they claim that there was no judicial oversight.
Let's see, the ones that said that they refused the search warrant for the PC?
How about the one where they said that the FBI couldn't help searching for two of the hijackers the weeks before the attack?
Or maybe we can got back to COMMISIONER Gorelick's memo that "went beyond the requirements of the law" in regards to implementing the "wall" required by FISA.
You see Kerry would proclaim that he actually vetoed one version of the bill before he signed it.
Kerry hasn't taken one firm stand on ANYTHING his entire political career. Right, wrong, or indifferent Bush has his convictions and is sticking to them.
Funny. Considering that Broward and Miami-Dade were heavily Democratic in their voting wouldn't that undermine your assertion that Gore was hurt by voter purges?
The fact remains that an in-depth analysis of those purges found that as many (or more) people illegally remained ON the roles than got improperly purged. (Some counties ignored the roles all-together, other counties did further checks before purging voters, others simply accepted the names supplied by the state. In all cases, it was up to the county voter officials to decide what to do with the names.)
I suppose we'll start whining about the butter-fly ballot next eh? The ballot that btw, was designed by a Democrat and put into the newspaper weeks before the election for review and comment.