And the US vetos the.xxx TLD. The.xxx TLD is a terrible idea, and the US (and anyone else who torpedo it) should be applauded for their actions. It's one of those too-stupid-to-die schemes that gets run up the flag pole every year or so, necessitating a lot of time and hot air to be expended in order to put it down again.
Except as part of some totally unfeasible net-censorship scheme, it would serve no purpose. No good can come of it.
Ummm Sooo. This is common practice. Even in America or [Gasp] Europe! Most bribary laws punish the person to accecpts the bribes not the person who gives the bribes, unless it is extortion. Bringing Clients to an expensive luch, giving them tickes to a sports game. It happends, and because the laws are targted at the reciever not the giver there is no reason for Microsoft not to try. So they lost the Deal, They wouldn't have gotten it in the first place if they didn't try. IT is really a no loss situation for them and it gave them a better chance of winning. It is not big news... Sorry. No, you're incorrect. It is illegal for a U.S. firm to bribe foreign officials, even if the bribery is legal in that country. This is because of a piece of legislation called the "Foreign Corrupt Practices Act," or FCPA.
Now personally, setting aside Microsoft, I think the FCPA is stupid, and tends to just put U.S. businesses at a disadvantage versus businesses from other countries that don't try to apply their own laws extra-territorially, or just generally have a more relaxed attitude towards bribery. It's a piece of legislation that was made at at time when the U.S. world leadership position was a lot stronger; now, it's just shooting ourselves in the foot.
But anyway, despite being stupid, the FCPA is law, and I strongly suspect that what Microsoft did was blatantly illegal under it. Not that they'll be punished or anything, but it's illegal.
Agreed. I think the long-term solution is to design OSes so that each application can only write to a limited subset of the filesystem; either each app is kept in some sort of individual sandbox, or maybe it can only write to files it creates, or files of a certain type that are associated with it, or some similar scheme. You could probably fudge something like this into a current OS with enough chroots/jails/runases and ACLs, but I think it's the sort of thing that's going to require a ground-up rewrite for an entirely new security model. I'm not even sure that it would be compatible with the idea of a single 'filesystem' as we currently think of it; you might instead have segregated applications each with their own sets of files, and a single 'browser' that allowed you to move/share files between applications as necessary. From a user's perspective, such a machine might be entirely 'task-oriented' rather than file-oriented.
I think there's a research OS or two around that have been designed like this, but it's a long way off for most mainstream ones. Of any of the commercial vendors, I could probably see Apple doing it first, because they seem to be the ballsiest when it comes to just breaking backwards-compatibility and rewriting things for the sake of rewriting them (and which arguably "weren't broken" according to others, e.g. launchd), but I still have a hard time imagining it within the next decade. Windows is and will always be a slave to its software base, and most of the Unices tend to be evolutionary rather than revolutionary in their design (which is fine, it's just a different approach).
Yeah actually I think SimEarth would really be a nice one, since it sets the stage for a lot of science concepts that can be tough to get across to students in a traditional lecture. I've always thought it was a pretty neat program. And it'd be a neat way of giving kids who may have never had the opportunity to travel very far from their home, an idea of global ecosystems and of global-scale problems and relationships.
I was never totally impressed with the original SimCity. I know that must make me some sort of soulless bastard, but I just never found the gameplay to be all that great. Now, SimCity 2000, that was a great game; a lot of the gameplay annoyances got fixed between the original and that one (and I spent untold hours playing it; it was in no way a kids' game, IMO). I don't know if they're still marketing the 2k version, but it'd be really nice if they open-sourced it. (Actually the engine could probably be reused for all sorts of other grid-based construction games.)
Do you honestly think everyone switching to a different OS would solve the problem?
Well, not if the other OS was as braindead as Windows, but that'd be tough to pull off...:)
But more seriously, the biggest security improvement we could make today would probably be to eliminate executable code from web content. Full stop. Or if not that, then at least kill ActiveX and JavaScript, and only use schemes that run in secure sandboxes...although even they have their problems, and you always have to worry about jailbreaking vulnerabilities. Better to just get rid of the whole business, IMO.
(The only really interesting use of JS I've ever seen is an implementation of GPG totally in client-side code...now that's pretty neat. But as cool as that is, nobody uses it, and 99% of the rest of JS is used for stupid stuff that either shouldn't exist at all, or should wait for the next revision to X/HTML and the associated web browsers if so many people really want it.)
The other big security is Trojans, but that's just PEBKAC; you really can't do much to guard against it. You can make specific attacks more difficult or impossible (not allow files to hide the fact that they're executable, perform hash-checks on all updates, etc.) but if you've got stupid users, you're always going to have to deal with it. (Perhaps the solution is just to make computers much harder to use?)
But the mixing of executable code and content on the web is a problem, and it breaks down the separation of content and display software in a way that's almost bound to cause eventual problems.
I agree with you wrt the uselessness of soft-power settings on computer monitors. I habitually hit the "real" power switch on my (circa 1998 or so, so it has both) monitor when I'm going to leave for a while, rather than just leaving it to go into standby. Mostly because it tends to come out of 'sleep' at the slightest whim.
But the real reason for all those soft-power settings I think has less to do with powering on than it does with powering off. Most devices don't like to be daisy-chained and controlled by a remote source, like lots of analog electronics were, because they can't stand having their power cut abruptly.
In other words, it's the "shut down" procedure that's the killer, not the "start up" one. Lots of devices perform little rituals when you turn them off, writing settings to non-volatile memory for instance, that analog electronics just don't have to do. Because of this, you need to make sure that the user doesn't really have control over the device's whole power. So instead of a real switch, the user gets a soft-power button. That way, they can press it, and the device can start shutting down, and do its thing. But this basically necessitates 'standby' rather than 'off,' in order to be able to start up from the soft power button.
Remote controls are the other driving force, but there are lots of devices that do 'standby' now, that don't have remotes. I think it's often because they have a power-off procedure; if you designed devices so that they could be unplugged at any time without consequence, then you could go back to centrally-controlled, daisy-chained power supplies.
I think the device you're looking for is called a "nanny." Although they may be available for purchase in other parts of the world for $400, that is unfortunately prohibited by law here, and importation or acquisition on the gray market is strongly discouraged.
There are, however, models available for lease, rental, or timeshare at affordable prices, with correspondingly varied quality.
They have no way to know or prove -- unless you tell them -- that there's more than one key. You can't look at a TrueCrypt volume and determine that it has multiple keys, and you can't look at the volume that's opened by a TrueCrypt key and know that it's not the only thing in there.
(Although, I suppose if the.tc file was 600MB and your "password" opened up a volume that only had 1MB worth of stuff in it, that'd be a pretty damning sign.)
I'm not really sure why you think other people will let you store a lot of your crap on their systems, and let you use a lot of bandwidth to access it.
That said, distributed, encrypted file systems are nothing new; Freenet works like that. Each node downloads a few MB of encrypted files and stores them, and is totally unaware of what's being stored. There is a complicated system for pulling up pages from other nodes, letting you navigate it in a way similar to the WWW. But it's all run basically on charity. If you started using it as your personal file-storage vault, at the expense of local storage, and everyone else did, too, it would break down.
IMO, the main reason that doesn't happen to Freenet is because it's almost unusably slow. (Or at least it was the last time I tried it, about 2 years ago.)
Whoever pays for the research ought to own the results. If that's the NIH, than the taxpayers, the public, own the results.
If you work for the public for less than you'd work for substantially less than you'd work for a corporation, then either you're very generous or you're a fool. But it's not the NIH's fault if you underbid yourself.
The point of funding basic research with public money is because it's generally not profitable. If there's profit to be made as the result of it, maybe you should be looking for industrial funding instead. But since it's generally assumed to not be the sort of thing you can patent and turn into a revenue stream, there ought not be a lot of problem putting it into the public domain.
What you seem to be asking for is to have your cake and eat it, too: you want the public to pay for your research, but then you want to own it at the end, and prevent the public from getting what it paid for. Sorry, but I don't think it should work that way. If you want to own the results of your research, and you think it has profit potential, go find some venture capitalists. The public's purse is not your bank.
Well, how other countries want the fruits of their tax-funded research dealt with is a decision for those countries' citizens. If the Brits or the Finns or the Chinese or whomever want to pay for research and keep it locked up in a vault, bully for them. But I think we need to lead by example.
And frankly, since we have such a large portion of the medical-research industry in this country anyway, we're not giving up a whole lot by just putting it into the public domain. And a research industry isn't built on a vault full of arcane knowledge; it's built on laboratories and people, and perhaps most of all, a culture of inquiry and challenge. You can't copy that by ripping off a few scientific papers.
Also, a restriction that somehow limited U.S.-taxpayer-funded research to only being used by U.S. corporations and entities wouldn't exactly be enforceable against companies in China or Russia. So at best, you'd only be hurting those companies who play by the rules anyway. (Probably the only companies you'd end up hindering are the multinationals who have offices in the U.S., and are the ones doing the research in the first place -- so they're the last ones you want to get in the way of.)
By putting research funded by our tax dollars into the public domain, we'd be setting an example to the rest of the world, and positioning ourselves to benefit the most from international collaboration.
And if, on the off chance, other countries became obnoxiously bad with funding their drug companies with public money and not releasing the fruits of it to the rest of the world, we could deal with it and show our disapproval through trade sanctions on a case-by-case basis.
Nobody is saying that a company can't pay for research itself and reap the benefits of it.
Pardon? I must have missed a memo... slashbots insist privately funded science is bunk. Just ask any of them the next time an oil company funds a study on climate change. Hell, these crackpots have even decided the evil cigarette companies are in on the 'scam' too!
Well, you have to consider the motives of the company funding the research. Sure, an oil company funding research on global warming is suspicious, as is a cigarette company funding research on lung cancer. But would I trust an oil company's research on advanced petroleum distillation processes? Sure -- they benefit directly from that knowledge, and it doesn't do them any good (and much harm) if it's falsified.
Likewise, as long as you have a drug-approval process that ensures that drugs must actually be effective, drug companies benefit from finding effective drugs, and therefore they have good reason to do research into it.
It's when you see a private company funding research that's counterproductive to its financial goals (or where one conclusion from the research is beneficial to them, while the other conclusion is not) that you need to be suspicious. Although to be honest, you need to consider these sort of motivations in the public sector, also. If a scientist knows that they're only going to get renewed grant funding if their research finds something 'interesting' or anomalous, then they're going to have a lot of motivation to massage the data to make it appear that way.
But in either case, you can protect against researcher bias by making sure that experiments and trials are well-documented, that the data is open to examination, and that it can be repeated by disinterested parties who'll find the same result.
I don't think the parent was talking about putting privately-funded research into the public domain; the issue is research funded with public monies, by the NIH.
American public funds it, but placing it into public domain — as GGP poster wants — would make it automatically freely available to the rest of the world too.
...who will probably just take it anyway, regardless of patent or copyright restrictions. So all we're doing by locking it up legally, is punishing other, law-abiding U.S. companies (who are subject to our inane IP law system).
Besides which, the sort of isolationism you're supporting is counterproductive. U.S. industry (in particular, the big corporations that do pharmaceutical research) benefits from lower trans-national barriers to information. While you might be able to hurt medical advancement in other parts of the world with such a policy, you would also retard it here: the end result would be knowledge in the U.S. that's perhaps more advanced than elsewhere, but it would still be behind where it'd be if you didn't have the idiotic restrictions in the first place. Talk about cutting off your nose to spite your face.
And if special interest funding is the only thing that moves legislation in Congress, our country has truly lost its way. Nice to see that you've been paying such close attention.
Nixon? I'm not here to defend the guy, but he was never impeached. He resigned in the face of a likely impeachment proceeding.
You may have Nixon confused with Andrew Johnson the 17th president who was impeached. In fact impeachment proceedings failed to make it out of committee in 1867 and then impeachment was successful in 1868. Johnson was acquitted by one vote in the Senate by Edmund G. Ross of Kansas. Not to be terribly pedantic, but that sentence as written doesn't parse correctly.
What I think you meant was "You may have Nixon confused with Andrew Johnson, the 17th president, who was impeached."
(He was the 17th President, and was impeached; he was not the 17th President to be impeached. As of right now, I think it's only he and Bill Clinton who have actually faced impeachment proceedings, although there may have been others, like Nixon, who resigned when it became clear that they would be.)
I don't think the parent was talking about putting privately-funded research into the public domain; the issue is research funded with public monies, by the NIH.
I agree with him, that research paid for by the public ought to belong to the public; you shouldn't be able to get the government to pay for your research and then use it to get a patent that lets you deprive others of the fruits of that research for a few decades.
Nobody is saying that a company can't pay for research itself and reap the benefits of it.
Sure, you can boycott. And you can also, in theory, lobby your democratically-elected government to regulate the corporations more directly, in order to produce outcomes that you find more pleasant. That's both within your right as a consumer (to boycott) and a voter (to vote), and it's a legitimate function of government besides.
However, the corporation doesn't act 'ethically' as a result of this, at least in the same sense than an individual does. It just responds to market and regulatory pressures and does whatever happens to be profitable. If ethical behavior is profitable, that's what happens. If unethical behavior is more profitable...well, you get the idea.
And yes, I'm aware that corporations are made up of people, etc. etc. However, they don't act like people, and shouldn't really be anthropomorphised; since no single individual controls more than a small fraction of their overall actions, their behavior can't be modeled by the same factors that drive an individual's decision-making. E.g., an individual may avoid doing something because he or she knows they will feel guilty about it later; a corporation doesn't have that problem, because people who feel guilty (and thus stop participating) can easily be removed and replaced, or leave of their own accord.
Corporations -- big ones, anyway; ones that aren't chiefly run by a single person -- are predictable in that they always flow towards profit in the same way water always flows down hill. And, like water, they can be a benefit or a hazard depending on the situation. It is the job of individuals, both while acting as consumers in the marketplace and voters in the booth, to create the conditions that produce the most desirable outcomes. There is no reason to simply allow the corporations to run wherever they please, or assume simply because one set of conditions led to one outcome, that it's the only possible, or most desirable, one.
If the people are displeased with what corporations are doing, and feel as though they can't change their behavior in the marketplace, then it says to me that our government has obviously failed at some point.
Patents have not had much to do with novelty or ingenuity in a long time.
The iPhone is a brilliant piece of product design and marketing; there's nothing earth-shattering about it on the technological front, even when you include the interface.
Its inclusion in the list seems like a cheap shot to get the article Slashdotted and FPed on Digg.
Those test suites are nice, but none of them actually cause a hardware failure or disconnect. If that's what causes the data-loss issue (and it seems that there are other ways that you could cause/simulate it in this case, because it's happening on a higher level of abstraction than the bare metal), then you'd need to do some actual testing where you actually messed around with the hardware in order to determine the interaction.
I'm not arguing against automated testing; automated testing is great. But I'm saying that you also need to do simulated real-world testing, with the actual hardware, and let people try to break it. If you're only testing using software tools you're always going to have a blind spot at the very bottom levels.
If they're the exact same message just relayed to you twice, then it doesn't make sense to deliver two copies; you should get one -- and the problem you're describing regarding filing is a MUA one, not an MTA issue. (IMO, a good MUA would let you have the same message in two views/folders, and show it in multiple threaded discussions if it's referred to there.)
But anyway, aside from that, I agree that qmail sucks and I hate it for many reasons besides its handling of duplicate messages. I prefer postfix.
After I wrote the last post above in the thread, I did a little research on JavaScript implementations of GPG. It turns out that people have gone there before, and there are several working examples.
I wrote a post about it on my blog, but I'll save you and anyone else who might be interested the click and give you the two best examples:
This one is one-way (encrypt only) but is quite fast. It's made for the submission of forms (e.g. "Contact me" on websites) using insecure CGI-to-mail gateways. You can view all the code in your browser, and there are no remote binaries or anything.
That version is based, I believe, on this more general implementation by John Walker (the AutoDesk guy), which does both encryption and decryption of OpenPGP messages right in the browser. Also licensed pretty broadly, I think.
So basically, you could take that JavaScript, and build it into a webmail system: as long as the user had a JS-capable browser, they'd be able to work with encrypted messages without sending any unencrypted data to the server. This is a much more secure model than what I think is used by Hushmail (where the plaintext gets to and from the user via an SSL pipe, but only gets packaged up into a GPG message on the server side). Also, it allows you to keep all your stored messages (Sent Mail, Received Mail, etc.) kept on the server, encrypted to yourself, so that your ISP can't sell you down the river, but you get the convenience of using IMAP.
All you'd need to do, as a user, would be to carry around your private key. Alternately I suppose you could keep an encrypted copy of your private key on the server and then unlock/decrypt it in the browser with a passphrase, but that's much less secure.
There are still a lot of possible attack vectors against such a system (Walker gets into them on his page; basically you constantly have to worry about whether the JS applet has been changed and isn't what you think it is), but it's a hell of a lot better than plaintext or plaintext+SSL.
Scenarios that involve physical disturbance to the hardware are not easily testable by automated regression-test systems. I have no idea what Apple uses internally, but "bump the hard drive" is not an option I've seen in most products.
It's the sort of thing you expect to find in human-driven system testing, where you actually set somebody loose and tell them to try and find ways of breaking things.
It's exactly the sort of thing I'd expect to slip through if an organization was depending too heavily on automated test strategies and not giving enough time to more holistic ones.
1. Programmers get lazy. If you don't have to optimize, you don't. So if you're told to make it run on a 1GHz machine with 1GB of RAM, that's going to be pretty close to the minimum requirements.
2. In the case of Microsoft, I strongly suspect they have an informal arrangement with the hardware manufacturers, whereby they continually drive hardware purchases, and the hardware manufacturers continue to prepackage Windows on the new machines. Even if there isn't an actual quid pro quo, Microsoft's products are nearly ubiquitous, and they benefit quite directly from new hardware purchases.
Hence, they have no reason not to bloat.
Bloat isn't universal, though. I have an old P166 that's running OpenBSD 4.1, and prior to that it was running Debian Stable; both are modern operating systems with a lot of features that didn't exist ten years ago when the machine itself was produced. If you look around, there are still programmers who know how to squeeze performance out of the hardware they have available, but you just don't see them employed by Microsoft. (At least not in the Office division, apparently.)
I think it boils down to your definition of "remarkable."
Something might be technically unremarkable, by today's standards, but still hugely remarkable in the historical sense, because it was the first of its kind.
As a more extreme example, I have a pocket calculator that can do more than the original ENIAC, but that doesn't mean that ENIAC is any less remarkable, when considered in the context of when it was developed.
Slashdot Mirror
Except as part of some totally unfeasible net-censorship scheme, it would serve no purpose. No good can come of it.
Most bribary laws punish the person to accecpts the bribes not the person who gives the bribes, unless it is extortion. Bringing Clients to an expensive luch, giving them tickes to a sports game. It happends, and because the laws are targted at the reciever not the giver there is no reason for Microsoft not to try. So they lost the Deal, They wouldn't have gotten it in the first place if they didn't try. IT is really a no loss situation for them and it gave them a better chance of winning. It is not big news... Sorry. No, you're incorrect. It is illegal for a U.S. firm to bribe foreign officials, even if the bribery is legal in that country. This is because of a piece of legislation called the "Foreign Corrupt Practices Act," or FCPA.
Now personally, setting aside Microsoft, I think the FCPA is stupid, and tends to just put U.S. businesses at a disadvantage versus businesses from other countries that don't try to apply their own laws extra-territorially, or just generally have a more relaxed attitude towards bribery. It's a piece of legislation that was made at at time when the U.S. world leadership position was a lot stronger; now, it's just shooting ourselves in the foot.
But anyway, despite being stupid, the FCPA is law, and I strongly suspect that what Microsoft did was blatantly illegal under it. Not that they'll be punished or anything, but it's illegal.
Agreed. I think the long-term solution is to design OSes so that each application can only write to a limited subset of the filesystem; either each app is kept in some sort of individual sandbox, or maybe it can only write to files it creates, or files of a certain type that are associated with it, or some similar scheme. You could probably fudge something like this into a current OS with enough chroots/jails/runases and ACLs, but I think it's the sort of thing that's going to require a ground-up rewrite for an entirely new security model. I'm not even sure that it would be compatible with the idea of a single 'filesystem' as we currently think of it; you might instead have segregated applications each with their own sets of files, and a single 'browser' that allowed you to move/share files between applications as necessary. From a user's perspective, such a machine might be entirely 'task-oriented' rather than file-oriented.
I think there's a research OS or two around that have been designed like this, but it's a long way off for most mainstream ones. Of any of the commercial vendors, I could probably see Apple doing it first, because they seem to be the ballsiest when it comes to just breaking backwards-compatibility and rewriting things for the sake of rewriting them (and which arguably "weren't broken" according to others, e.g. launchd), but I still have a hard time imagining it within the next decade. Windows is and will always be a slave to its software base, and most of the Unices tend to be evolutionary rather than revolutionary in their design (which is fine, it's just a different approach).
Yeah actually I think SimEarth would really be a nice one, since it sets the stage for a lot of science concepts that can be tough to get across to students in a traditional lecture. I've always thought it was a pretty neat program. And it'd be a neat way of giving kids who may have never had the opportunity to travel very far from their home, an idea of global ecosystems and of global-scale problems and relationships.
I was never totally impressed with the original SimCity. I know that must make me some sort of soulless bastard, but I just never found the gameplay to be all that great. Now, SimCity 2000, that was a great game; a lot of the gameplay annoyances got fixed between the original and that one (and I spent untold hours playing it; it was in no way a kids' game, IMO). I don't know if they're still marketing the 2k version, but it'd be really nice if they open-sourced it. (Actually the engine could probably be reused for all sorts of other grid-based construction games.)
Do you honestly think everyone switching to a different OS would solve the problem?
:)
Well, not if the other OS was as braindead as Windows, but that'd be tough to pull off...
But more seriously, the biggest security improvement we could make today would probably be to eliminate executable code from web content. Full stop. Or if not that, then at least kill ActiveX and JavaScript, and only use schemes that run in secure sandboxes...although even they have their problems, and you always have to worry about jailbreaking vulnerabilities. Better to just get rid of the whole business, IMO.
(The only really interesting use of JS I've ever seen is an implementation of GPG totally in client-side code...now that's pretty neat. But as cool as that is, nobody uses it, and 99% of the rest of JS is used for stupid stuff that either shouldn't exist at all, or should wait for the next revision to X/HTML and the associated web browsers if so many people really want it.)
The other big security is Trojans, but that's just PEBKAC; you really can't do much to guard against it. You can make specific attacks more difficult or impossible (not allow files to hide the fact that they're executable, perform hash-checks on all updates, etc.) but if you've got stupid users, you're always going to have to deal with it. (Perhaps the solution is just to make computers much harder to use?)
But the mixing of executable code and content on the web is a problem, and it breaks down the separation of content and display software in a way that's almost bound to cause eventual problems.
I agree with you wrt the uselessness of soft-power settings on computer monitors. I habitually hit the "real" power switch on my (circa 1998 or so, so it has both) monitor when I'm going to leave for a while, rather than just leaving it to go into standby. Mostly because it tends to come out of 'sleep' at the slightest whim.
But the real reason for all those soft-power settings I think has less to do with powering on than it does with powering off. Most devices don't like to be daisy-chained and controlled by a remote source, like lots of analog electronics were, because they can't stand having their power cut abruptly.
In other words, it's the "shut down" procedure that's the killer, not the "start up" one. Lots of devices perform little rituals when you turn them off, writing settings to non-volatile memory for instance, that analog electronics just don't have to do. Because of this, you need to make sure that the user doesn't really have control over the device's whole power. So instead of a real switch, the user gets a soft-power button. That way, they can press it, and the device can start shutting down, and do its thing. But this basically necessitates 'standby' rather than 'off,' in order to be able to start up from the soft power button.
Remote controls are the other driving force, but there are lots of devices that do 'standby' now, that don't have remotes. I think it's often because they have a power-off procedure; if you designed devices so that they could be unplugged at any time without consequence, then you could go back to centrally-controlled, daisy-chained power supplies.
I think the device you're looking for is called a "nanny." Although they may be available for purchase in other parts of the world for $400, that is unfortunately prohibited by law here, and importation or acquisition on the gray market is strongly discouraged.
There are, however, models available for lease, rental, or timeshare at affordable prices, with correspondingly varied quality.
They have no way to know or prove -- unless you tell them -- that there's more than one key. You can't look at a TrueCrypt volume and determine that it has multiple keys, and you can't look at the volume that's opened by a TrueCrypt key and know that it's not the only thing in there.
.tc file was 600MB and your "password" opened up a volume that only had 1MB worth of stuff in it, that'd be a pretty damning sign.)
(Although, I suppose if the
I like this tactic.
Can we find a way to accuse the RIAA of supporting terrorism, too?
I'm not really sure why you think other people will let you store a lot of your crap on their systems, and let you use a lot of bandwidth to access it.
That said, distributed, encrypted file systems are nothing new; Freenet works like that. Each node downloads a few MB of encrypted files and stores them, and is totally unaware of what's being stored. There is a complicated system for pulling up pages from other nodes, letting you navigate it in a way similar to the WWW. But it's all run basically on charity. If you started using it as your personal file-storage vault, at the expense of local storage, and everyone else did, too, it would break down.
IMO, the main reason that doesn't happen to Freenet is because it's almost unusably slow. (Or at least it was the last time I tried it, about 2 years ago.)
Whoever pays for the research ought to own the results. If that's the NIH, than the taxpayers, the public, own the results.
If you work for the public for less than you'd work for substantially less than you'd work for a corporation, then either you're very generous or you're a fool. But it's not the NIH's fault if you underbid yourself.
The point of funding basic research with public money is because it's generally not profitable. If there's profit to be made as the result of it, maybe you should be looking for industrial funding instead. But since it's generally assumed to not be the sort of thing you can patent and turn into a revenue stream, there ought not be a lot of problem putting it into the public domain.
What you seem to be asking for is to have your cake and eat it, too: you want the public to pay for your research, but then you want to own it at the end, and prevent the public from getting what it paid for. Sorry, but I don't think it should work that way. If you want to own the results of your research, and you think it has profit potential, go find some venture capitalists. The public's purse is not your bank.
Well, how other countries want the fruits of their tax-funded research dealt with is a decision for those countries' citizens. If the Brits or the Finns or the Chinese or whomever want to pay for research and keep it locked up in a vault, bully for them. But I think we need to lead by example.
And frankly, since we have such a large portion of the medical-research industry in this country anyway, we're not giving up a whole lot by just putting it into the public domain. And a research industry isn't built on a vault full of arcane knowledge; it's built on laboratories and people, and perhaps most of all, a culture of inquiry and challenge. You can't copy that by ripping off a few scientific papers.
Also, a restriction that somehow limited U.S.-taxpayer-funded research to only being used by U.S. corporations and entities wouldn't exactly be enforceable against companies in China or Russia. So at best, you'd only be hurting those companies who play by the rules anyway. (Probably the only companies you'd end up hindering are the multinationals who have offices in the U.S., and are the ones doing the research in the first place -- so they're the last ones you want to get in the way of.)
By putting research funded by our tax dollars into the public domain, we'd be setting an example to the rest of the world, and positioning ourselves to benefit the most from international collaboration.
And if, on the off chance, other countries became obnoxiously bad with funding their drug companies with public money and not releasing the fruits of it to the rest of the world, we could deal with it and show our disapproval through trade sanctions on a case-by-case basis.
Pardon? I must have missed a memo... slashbots insist privately funded science is bunk. Just ask any of them the next time an oil company funds a study on climate change. Hell, these crackpots have even decided the evil cigarette companies are in on the 'scam' too!
Well, you have to consider the motives of the company funding the research. Sure, an oil company funding research on global warming is suspicious, as is a cigarette company funding research on lung cancer. But would I trust an oil company's research on advanced petroleum distillation processes? Sure -- they benefit directly from that knowledge, and it doesn't do them any good (and much harm) if it's falsified.Likewise, as long as you have a drug-approval process that ensures that drugs must actually be effective, drug companies benefit from finding effective drugs, and therefore they have good reason to do research into it.
It's when you see a private company funding research that's counterproductive to its financial goals (or where one conclusion from the research is beneficial to them, while the other conclusion is not) that you need to be suspicious. Although to be honest, you need to consider these sort of motivations in the public sector, also. If a scientist knows that they're only going to get renewed grant funding if their research finds something 'interesting' or anomalous, then they're going to have a lot of motivation to massage the data to make it appear that way.
But in either case, you can protect against researcher bias by making sure that experiments and trials are well-documented, that the data is open to examination, and that it can be repeated by disinterested parties who'll find the same result.
American public funds it, but placing it into public domain — as GGP poster wants — would make it automatically freely available to the rest of the world too.
...who will probably just take it anyway, regardless of patent or copyright restrictions. So all we're doing by locking it up legally, is punishing other, law-abiding U.S. companies (who are subject to our inane IP law system).Besides which, the sort of isolationism you're supporting is counterproductive. U.S. industry (in particular, the big corporations that do pharmaceutical research) benefits from lower trans-national barriers to information. While you might be able to hurt medical advancement in other parts of the world with such a policy, you would also retard it here: the end result would be knowledge in the U.S. that's perhaps more advanced than elsewhere, but it would still be behind where it'd be if you didn't have the idiotic restrictions in the first place. Talk about cutting off your nose to spite your face.
You may have Nixon confused with Andrew Johnson the 17th president who was impeached. In fact impeachment proceedings failed to make it out of committee in 1867 and then impeachment was successful in 1868. Johnson was acquitted by one vote in the Senate by
Edmund G. Ross of Kansas. Not to be terribly pedantic, but that sentence as written doesn't parse correctly.
What I think you meant was "You may have Nixon confused with Andrew Johnson, the 17th president, who was impeached."
(He was the 17th President, and was impeached; he was not the 17th President to be impeached. As of right now, I think it's only he and Bill Clinton who have actually faced impeachment proceedings, although there may have been others, like Nixon, who resigned when it became clear that they would be.)
I don't think the parent was talking about putting privately-funded research into the public domain; the issue is research funded with public monies, by the NIH.
I agree with him, that research paid for by the public ought to belong to the public; you shouldn't be able to get the government to pay for your research and then use it to get a patent that lets you deprive others of the fruits of that research for a few decades.
Nobody is saying that a company can't pay for research itself and reap the benefits of it.
Sure, you can boycott. And you can also, in theory, lobby your democratically-elected government to regulate the corporations more directly, in order to produce outcomes that you find more pleasant. That's both within your right as a consumer (to boycott) and a voter (to vote), and it's a legitimate function of government besides.
However, the corporation doesn't act 'ethically' as a result of this, at least in the same sense than an individual does. It just responds to market and regulatory pressures and does whatever happens to be profitable. If ethical behavior is profitable, that's what happens. If unethical behavior is more profitable...well, you get the idea.
And yes, I'm aware that corporations are made up of people, etc. etc. However, they don't act like people, and shouldn't really be anthropomorphised; since no single individual controls more than a small fraction of their overall actions, their behavior can't be modeled by the same factors that drive an individual's decision-making. E.g., an individual may avoid doing something because he or she knows they will feel guilty about it later; a corporation doesn't have that problem, because people who feel guilty (and thus stop participating) can easily be removed and replaced, or leave of their own accord.
Corporations -- big ones, anyway; ones that aren't chiefly run by a single person -- are predictable in that they always flow towards profit in the same way water always flows down hill. And, like water, they can be a benefit or a hazard depending on the situation. It is the job of individuals, both while acting as consumers in the marketplace and voters in the booth, to create the conditions that produce the most desirable outcomes. There is no reason to simply allow the corporations to run wherever they please, or assume simply because one set of conditions led to one outcome, that it's the only possible, or most desirable, one.
If the people are displeased with what corporations are doing, and feel as though they can't change their behavior in the marketplace, then it says to me that our government has obviously failed at some point.
Patents have not had much to do with novelty or ingenuity in a long time.
The iPhone is a brilliant piece of product design and marketing; there's nothing earth-shattering about it on the technological front, even when you include the interface.
Its inclusion in the list seems like a cheap shot to get the article Slashdotted and FPed on Digg.
Those test suites are nice, but none of them actually cause a hardware failure or disconnect. If that's what causes the data-loss issue (and it seems that there are other ways that you could cause/simulate it in this case, because it's happening on a higher level of abstraction than the bare metal), then you'd need to do some actual testing where you actually messed around with the hardware in order to determine the interaction.
I'm not arguing against automated testing; automated testing is great. But I'm saying that you also need to do simulated real-world testing, with the actual hardware, and let people try to break it. If you're only testing using software tools you're always going to have a blind spot at the very bottom levels.
Only if they're actually different messages.
If they're the exact same message just relayed to you twice, then it doesn't make sense to deliver two copies; you should get one -- and the problem you're describing regarding filing is a MUA one, not an MTA issue. (IMO, a good MUA would let you have the same message in two views/folders, and show it in multiple threaded discussions if it's referred to there.)
But anyway, aside from that, I agree that qmail sucks and I hate it for many reasons besides its handling of duplicate messages. I prefer postfix.
After I wrote the last post above in the thread, I did a little research on JavaScript implementations of GPG. It turns out that people have gone there before, and there are several working examples.
I wrote a post about it on my blog, but I'll save you and anyone else who might be interested the click and give you the two best examples:
This one is one-way (encrypt only) but is quite fast. It's made for the submission of forms (e.g. "Contact me" on websites) using insecure CGI-to-mail gateways. You can view all the code in your browser, and there are no remote binaries or anything.
That version is based, I believe, on this more general implementation by John Walker (the AutoDesk guy), which does both encryption and decryption of OpenPGP messages right in the browser. Also licensed pretty broadly, I think.
So basically, you could take that JavaScript, and build it into a webmail system: as long as the user had a JS-capable browser, they'd be able to work with encrypted messages without sending any unencrypted data to the server. This is a much more secure model than what I think is used by Hushmail (where the plaintext gets to and from the user via an SSL pipe, but only gets packaged up into a GPG message on the server side). Also, it allows you to keep all your stored messages (Sent Mail, Received Mail, etc.) kept on the server, encrypted to yourself, so that your ISP can't sell you down the river, but you get the convenience of using IMAP.
All you'd need to do, as a user, would be to carry around your private key. Alternately I suppose you could keep an encrypted copy of your private key on the server and then unlock/decrypt it in the browser with a passphrase, but that's much less secure.
There are still a lot of possible attack vectors against such a system (Walker gets into them on his page; basically you constantly have to worry about whether the JS applet has been changed and isn't what you think it is), but it's a hell of a lot better than plaintext or plaintext+SSL.
Scenarios that involve physical disturbance to the hardware are not easily testable by automated regression-test systems. I have no idea what Apple uses internally, but "bump the hard drive" is not an option I've seen in most products.
It's the sort of thing you expect to find in human-driven system testing, where you actually set somebody loose and tell them to try and find ways of breaking things.
It's exactly the sort of thing I'd expect to slip through if an organization was depending too heavily on automated test strategies and not giving enough time to more holistic ones.
I think, deep down, you already know the answer.
1. Programmers get lazy. If you don't have to optimize, you don't. So if you're told to make it run on a 1GHz machine with 1GB of RAM, that's going to be pretty close to the minimum requirements.
2. In the case of Microsoft, I strongly suspect they have an informal arrangement with the hardware manufacturers, whereby they continually drive hardware purchases, and the hardware manufacturers continue to prepackage Windows on the new machines. Even if there isn't an actual quid pro quo, Microsoft's products are nearly ubiquitous, and they benefit quite directly from new hardware purchases.
Hence, they have no reason not to bloat.
Bloat isn't universal, though. I have an old P166 that's running OpenBSD 4.1, and prior to that it was running Debian Stable; both are modern operating systems with a lot of features that didn't exist ten years ago when the machine itself was produced. If you look around, there are still programmers who know how to squeeze performance out of the hardware they have available, but you just don't see them employed by Microsoft. (At least not in the Office division, apparently.)
I think it boils down to your definition of "remarkable."
Something might be technically unremarkable, by today's standards, but still hugely remarkable in the historical sense, because it was the first of its kind.
As a more extreme example, I have a pocket calculator that can do more than the original ENIAC, but that doesn't mean that ENIAC is any less remarkable, when considered in the context of when it was developed.