So, if I were by far the most intelligent man on the planet, you wouldn't mind me stealing the election and running the country just to benefit my friends and myself?
Don't mistake intelligence alone for an automatically benign and positive thing for everyone else involved - there are seriously smart people you might want in charge, but there are also seriously smart psychopaths you might not want to run the country or even have a bigger say in the decision on who does.
Well, I would think it depends on how they do it - in Switzerland, Cablecom does the same - as a subscriber you get one of their routers, and apart from your own connection (which you get at the full advertised speed), there is another channel using which they turn your modem into a "free" wifi hotspot.
The catch in this case comes with the word "free" - it is free to their paying subscribers: i.e. at home I have my own connection, but everywherelse in Switzerland, within wifi distance from any of their other customer's cable routers, I can access the internet through wifi at no extra cost.
Non-subscribers do not get access to this wifi...
In this case, my "reason to pay" them is for the (better) access I have for myself at home but it also includes the convenience of having free wifi across many places in Switzerland...
Sorry, the pre-announcement does have a point - if the security hole is major, then you want admins to be ready to patch their systems pretty much immediately.
If you just released the "fixed" version together with a description of the vulnerability - it might give extra time to potential attackers to figure out how to exploit the problem before an admin becomes aware that there even IS a new version.
In this case, the certificate verification might not have sounded like a big thing to you - but think where client certificates are being used - not that many places, but usually "important" ones, and often ones that have real economic consequences for the parties involved if they were to be broken (like many VPNs between businesses; or protected services that require client certificates for authentication. If it were "easy" to forge one, the protection would be harder to maintain (if it were even still possible to maintain).
Well, yes, the BBC is a non-profit - but the cash cow argument still stands. Top Gear has been making a lot of money for BBC that the non-profit BBC could then channel back into other productions, right?
Therefore Top Gear did give the BBC something more to work with, that is now at risk.
On the other hand - since the BBC is publicly funded, any further Clarkson stunts will also negatively impact BBC's image (apart from in the eyes of the xx million petrol-heads that worship the show.
So, if a pickpocket picks it from your trouser pocket while you're walking along the street you quickly and easily dash after him to press the lock button on the phone while he's trying to make a getaway?
Are you sure, it's the COUNTRY that absolutely loves to censor stuff - and not its (elected) government?
Turkey is a large and very diverse nation - been there twice so far and absolutely loved the parts around Istanbul we visited and the people we met. I just don't think it does the normal people there any justice to leave statements like "their country loves censoring" unchallenged.
While here in Europe there were some long post 9/11 discussions on whether muslim headscarves should be banned - at the same time in (muslim) Turkey, there were demonstrations against the government, because their government wanted to LIFT a headscarf ban at Turkish universities.
Hmm - there are PCMCIA card readers - used one for photography a long time ago... If you have memory cards you're using in a camera, see whether there is a PCMCIA card reader for that type of card (used compact flash at the time). In that case you could at least use stuff you mostly have already...
That example isn't quite the same - noone will have a problem with Microsoft offering you a free coffee on their premises.
But, if Microsoft decided that Starbucks was a threat to them and started distributing free coffee everywhere just to screw up SBUX, then that would likely be an antitrust matter.
The same could be argued for a search engine offering a free office toolkit - as it's not really the typical pairing that has anything to do with their normal search business.
The free bag service is an anemity that you might come to expect from a hotel and AT the hotel's premises; or the free chauffeur service that they might offer to and from their hotel for your arrival and departure.
Indeed - no "stack"... yet - unless google starts "integrating" the services into each other (integrate - not just share a home page as a starting point).
The stack example, indeed, seems misleading here.
On the other hand - while you defend google here - think back to some of the issues in the MS anti-trust case:
- MS used proceeds from other areas to funnel huge amounts of money into IE development - much more, than any start-up could hope to match.
- By including IE into Windows, for many people (normal users, not people working in IT) they eliminated the need to even look for other browsers - no matter, whether other browsers might have been better.
- The inclusion of IE also meant the end for commercial browser makers - as they wouldn't have an alternative source of income. "Netscape" failed, their browser ultimately only growing because it was completely freed and open-sourced: In effect, MS might still channel more money into IE; but against the open source community that would not necessarily help, as the open-source author doesn't need to "show quarterly numbers"; quarterly profit reports, etc -- as long as the open source developer gets an income (which in many cases may stem from an unrelated day-job)...
In google's case, there is no full integration of services - but:
- income from the advertising (which the search engine generates / facilitates) supports an ecosystem of other software - a free calendar or documents - services that _depend_ on their ad business generating the income for them. Same as MS Office paying the bills for IE.
- the same landing page (www.google.com) being a straight entry point to not just the search, but other free offerings unrelated to search (like the news, play,...) gives those extra services a big head-start over their competition - and one they can't hope to match (no ad space sold on the landing page).
These things make it more difficult for new enterprises to form - and it's reasonable to expect that any new area popping up on the web, google will not just also try to profit from (which would be fair enough), but they can (easily ab)use their position to help their apps further by giving them privileged exposure on their search page and continue to fund them for extended periods of time to prevent other entrants getting into that area.
Question: How much of that complexity can you hide from the normal user? Or - how much of that complexity is even visible to the normal user?
Complexity often comes into two parts - the complexity for the developer or admin; and the complexity for the end-user.
If I use a Mac Desktop, you can bet I don't give much of a toss over how much extra work that might mean for a developer - as long as my user experience is better.
Do you drive a car?...despite over how much more complex it is than, say, a horse-drawn carriage?
I may agree with your point, that systemd is only useful for a subset of linux ecosystems - but from this, deriving that it shouldn't be default seems bizarre.
The "try to cover every possible thing" aspect that you so seem to hate for servers could be a boon for people installing it on laptops; or even their normal home PC; anyone starting out with linux. In short - this could be a boon for a lot of people coming to Linux anew and don't know init.
So, why not leave systemd in "user centric" distros like standard ubuntu ; but keep init as default in server-distros - at least for the time being - since those are usually aimed at more experienced Unix users - who already know init.
If we can keep distros with and without a graphical desktop separate - why not do the systemd / init split along the same lines - as the desktop distros need to cater to being more user-friendly and more at home on very disparate hardware setups.
As for the optional step - if systemd may be more newbie friendly, how easy will it be to switch from init to systemd? And one of those two needs to be default - but if switching around between the two is tricky, then by all means take the more user-friendly one as standard - if the user-friendly option is difficult to install, you don't need to package it at all - as the newbie at whom you might aim it is probably the last person with the technical knowledge of what the switch means or how it could be done.
Hmm - strange how "nuking" people or places can be deemed a solution worthy of discussion.
Nukes are so well targetted - so, not just do you say "Turkey, UAE, and Saudi Arabia" support ISIL - but at the same time, that those countries have noone opposing any support for ISIL or radical islamics - and so if you nuke them, you're not going to hit anyone "innocent".
The only things nukes or other more military action do is to feed radicalism - and with rising radicalism on the other side, you will find more radical policies on our side "Nuke them!".
Military support is needed to help clean up the conflict - but it does need a longer term engagement, and it needs something else than airstrikes - but actual boots on the ground to prevent massacres. This is dangerous - it puts "our" soldiers sent there right in harms way, but we can't show people there a "better alternative" by delivering it in warheads.
Just like the ridiculous corporate taxes and corporate tax avoidance schemes, isn't it nice how we are worried about costs all the time - from TFA:
"Such changes could impact legitimate taxpayers by delaying refunds, extending tax season and likely adding costs to the IRS."
Sure, changes incur costs...
But, before you worry too much about possible costs - how much of "(the IRS) paid $5.2 billion in fraudulent identity theft refunds in filing season 2013" would the IRS need to block in future tax years to more than offset that cost?
If they're losing $5.2 bn a year - don't you think any reasonable costs invested to prevent those "losses" might not be a good investment?
Strange how, just a knee-jerk you'll find some people defending the science, there are those that have the same knee-jerk reaction against any findings in this area. With all that uncontrollable knee-jerking on both sides - it seems that we have another great argument for universal health care, to get people's knees fixed again... But I digress...
Whether climate change is man-made or not - I don't think there is too much debate left on the matter. But, I'm no climate scientist, so for me personally it's a matter of "belief" that mankind is behind this. We may get some theories and models wrong on how fast global warming works - or why there may be a hiatus in it.
The question of whether we're behind this - take two past events and see how much influence we might have:
Remember the Icelandic volcano a few years back - in response to the volcanic ash, we grounded a lot of flights for a few days - and even in that time, we could measure how much the air changed - just by taking planes out of the picture for a few days.
Secondly, if you think mankind's influence isn't large enough given the size of the planet - look back at climate records around the time Krakatoa blew up - that one mountain exploding had a measurable impact on temperature and weather for 5 years; so, if a _single_ mountain on one day can create that kind of change -- are you sure, all of our industries around the world together over the course of years CAN'T?
What the planet is "too large for", is for us to do some quick and easy experiments to actually test our hypotheses quickly - so climate science does what it can mostly from observation and trying to identify as many factors as possible that DO have a measurable impact in order to MODEL what's going to happen and then wait and see how close these models correlate with what's happening.
To some degree obviously, there is a lack of incentives for ISPs to change - if they still have enough addresses for themselves, then switching to IPv6 is only costs, not benefits.
Maybe some of the larger sites, like youtube, facebook, wikipedia should have a meeting to discuss the switch-over and then start shaping IPv4 traffic - just reduce capacity on IPv4 by 5% every month and see how long it will be, before ISPs will lose customers if they DON'T switch to IPv6...
I would guess they mean it's longer because they count its length as one piece - not as a lower leg and a foot.
Still - in terms of dimensions, it needs to be a good match with his other leg -- unlike Pistorius who would have been able to go for optimized prosthetics on both legs that would be better than "normal" legs might be... (i.e. watch the Aimee Mullins TED talk on how she can vary her height fairly significantly just through the choice of legs she wears)...
Hmm - I could partially understand the extra strength and mechanical advantage in the Pistorius case - I can't quite see it with Markus Rehm.
Pistorius had BOTH legs amputated, so you can potentially improve on both sides. Rehm had ONE leg amputated - adding extra length doesn't make any sense one one side only. Similarly, I would guess it would make it very difficult to run evenly, if the prosthetic leg doesn't about match the other one in length, in "bounce" (in the step),...
I did not say purely that reading about -- should tell you about security alone. IIRC my original incident with -- was a colleague setting me a teaser on trying to find out how to delete a file called '-f'; and me first having to figure out, that 'rm ??' reads like delete all files with two character filenames (of which there was only the '-f' file), but not seeing that the ?? actually gets expanded to all the two character filenames by the shell; rm never sees the '??' but instead only sees the filenames - and obviously, it can't discern whether a parameter of '-f' was expanded from the filename -f or intentionally given as a parameter.
If you learn that - you'll get a better understanding of how the system works - and that _in turn_ will help you get a better grasp on what could or would go on and particularly, what could go WRONG, in a system.
Sorry, if that appears harsh - but sometimes it pays to read manuals and try and understand what you're doing and how the stuff works.
I don't exactly remember when I learnt it first - but I DID already know when I also got told about it during my CS BSc degree course (probably 1st or 2nd year - which would place it about 1998-2000).
If you need to code stuff "securely", you need to understand how stuff works -- I don't think of myself as a particularly apt security coder or hacker - I mainly specialise on internal systems integration, not so much web or other front-end stuff, so I have the luxury that I already know the data is "sane", before it gets to me - and I "only" need to figure out how to transform it and where to send it on to.
Here are a few pointers, where you might read about it:
http://pubs.opengroup.org/onli... "Guideline 10:
The first -- argument that is not an option-argument should be accepted as a delimiter indicating the end of options. Any following arguments should be treated as operands, even if they begin with the '-' character."
Even wikipedia mentions it - even though not strictly a "developer" resource:
"In Unix-like systems, the ASCII hyphen-minus is commonly used to specify options. The character is usually followed by one or more letters. Two hyphen-minus characters ( -- ) often indicate that the remaining arguments should not be treated as options, which is useful for example if a file name itself begins with a hyphen, or if further arguments are meant for an inner command. Double hyphen-minuses are also sometimes used to prefix "long options" where more descriptive option names are used. This is a common feature of GNU software. The getopt function and program, and the getopts command are usually used for parsing command-line options."
If that's too far to go - try "man getopt" on your linux machine:
"
The parameters getopt is called with can be divided into two parts:
options which modify the way getopt will parse (options and
-o|--options optstring in the SYNOPSIS), and the parameters which are
to be parsed (parameters in the SYNOPSIS). The second part will start
at the first non-option parameter that is not an option argument, or
after the first occurrence of `--'. If no `-o' or `--options' option
is found in the first part, the first parameter of the second part is
used as the short options string. "
man rm - and even rm --help on linux show it: "
To remove a file whose name starts with a '-', for example '-foo', use
one of these commands:
rm -- -foo "...though without explaining the "--" in general...
man chown doesn't mention it, but refers to the full documentation in texinfo and how to access it - that one says under "Common options"
"
`--'
Delimit the option list. Later arguments, if any, are treated as
operands even if they begin with `-'. For example, `sort -- -r'
reads from the file named `-r'. "
The information is there - and in _lots_ of places - but it DOES requ
Who does NOT use -- in their scripts, if they're safety conscious?
rm -i -- *
Problem solved?
Normal programs should stop processing options after a (standalone) "--" and take everything following it as regular parameters. getopt and similar libraries handle this automatically.
I really wouldn't class the "use of wildcards" as a security risk - the security risk is the developer that doesn't know what he's doing. Would command line handling be a security risk, if someone would add a --superuser-rm option to his code and execute "rm -rf/" as root immediately afterwards?
Think about it this way - before Apple made their inroads into the phone market, the dominant players were companies you don't even hear much about as phone makers any more (Nokia, Ericsson,...) and back then people thought, Apple wouldn't be able to make any significant inroads into that market either.
In fact, they pretty much disrupted the entire sector in the process - they may not be the market leader by market share, but they managed to build up and retain the "premium" brand image in the market - and keep the highest share of profits in that market.
As for Amazon - there are two things at play here: Sure, anyone can install amazon's app on the iphone - but it doesn't come pre-installed; the iTunes store does; so on the app side, they can only profit from people who go and install their app first - and somehow I can't see Jeff Bezos talking Apple into _please_ include the Amazon store into the default apps on the phone. Apple would probably rather start entering Amazon's business rather than allowing amazon to add an app to the base iOS which will be in part competition to the iTunes store.
Secondly, I would expect Apple to move more into the cloud market - which will be tied in nicely with iOS - and which might end up being a threat to Amazon's cloud services.
Amazon is large enough and has the technical background to try and successfully bring a new phone to the market - I'm not quite sure, though, whether they have something really new to bring to the table that others don't have and which would allow them to disrupt the market in a way large enough to make it pay off...
I think the problem is more that many (most?) people seem to think that being creative and being innovative is the same thing. It isn't.
Steve Jobs may not have been the most creative person on the planet - but he was possibly one of the most innovative.
It's all well and good if you think of an idea on how to beat cancer - but the idea is nothing if you can't realize it.
Maybe Xerox had the first graphical user interface - but they had fairly little idea on what to do with it - Jobs did - and while many people will happily point out that Xerox had a mouse and GUI before Apple got there (and they're right) - how many can honestly say they had heard of a mouse and graphical user interfaces BEFORE they had seen one on an Apple computer or one of the countless GUIs that followed?
How many phones today would have touch screens and controls that look eerily similar to the iPhone ones, if the iPhone wouldn't have shown it before? (it doesn't matter, if you know a single phone before that had a touch screen - physically having the touch screen is not the same as seeing how it was all put together first).
Tablets had been around before the iPad - but what kind of sales did they have before? And what kind of sales do they have now? And - those that are selling the best now, in terms of their usability, do they look a damn sight more like the iPad, or more like whatever tablets were there before?
All those are cases of INNOVATIONs brought by Apple and which ultimately massively changed the face of the markets that they went into.
Another pointer on how Apple did something great and something new?
Name the last Samsung product launched that had a significant number of other players in the industry immediately clamoring to make something similar or "better"? When was the last time LG did? Google? Google possibly did with gmail - but search engines were there before, even large and well known ones.
Jobs was great in seeing something and seeing how it could be made useful far beyond what their original creators might have done.
Slashdot Mirror
Does that also go for your choice of quantity (2 m in Demming) as opposed to quality (His name was Deming - 1 m)? ;-)
So, if I were by far the most intelligent man on the planet, you wouldn't mind me stealing the election and running the country just to benefit my friends and myself?
Don't mistake intelligence alone for an automatically benign and positive thing for everyone else involved - there are seriously smart people you might want in charge, but there are also seriously smart psychopaths you might not want to run the country or even have a bigger say in the decision on who does.
Well, I would think it depends on how they do it - in Switzerland, Cablecom does the same - as a subscriber you get one of their routers, and apart from your own connection (which you get at the full advertised speed), there is another channel using which they turn your modem into a "free" wifi hotspot.
The catch in this case comes with the word "free" - it is free to their paying subscribers: i.e. at home I have my own connection, but everywherelse in Switzerland, within wifi distance from any of their other customer's cable routers, I can access the internet through wifi at no extra cost.
Non-subscribers do not get access to this wifi...
In this case, my "reason to pay" them is for the (better) access I have for myself at home but it also includes the convenience of having free wifi across many places in Switzerland...
Sorry, the pre-announcement does have a point - if the security hole is major, then you want admins to be ready to patch their systems pretty much immediately.
If you just released the "fixed" version together with a description of the vulnerability - it might give extra time to potential attackers to figure out how to exploit the problem before an admin becomes aware that there even IS a new version.
In this case, the certificate verification might not have sounded like a big thing to you - but think where client certificates are being used - not that many places, but usually "important" ones, and often ones that have real economic consequences for the parties involved if they were to be broken (like many VPNs between businesses; or protected services that require client certificates for authentication. If it were "easy" to forge one, the protection would be harder to maintain (if it were even still possible to maintain).
Well, yes, the BBC is a non-profit - but the cash cow argument still stands. Top Gear has been making a lot of money for BBC that the non-profit BBC could then channel back into other productions, right?
Therefore Top Gear did give the BBC something more to work with, that is now at risk.
On the other hand - since the BBC is publicly funded, any further Clarkson stunts will also negatively impact BBC's image (apart from in the eyes of the xx million petrol-heads that worship the show.
Nonsense man!
You should just know, that it ONLY qualifies as a cyber incident, if it hits _OTHERS_.
If we are hit ourselves, it was nothing to begin with and doesn't need reporting... ;-)
So, if a pickpocket picks it from your trouser pocket while you're walking along the street you quickly and easily dash after him to press the lock button on the phone while he's trying to make a getaway?
Are you sure, it's the COUNTRY that absolutely loves to censor stuff - and not its (elected) government?
Turkey is a large and very diverse nation - been there twice so far and absolutely loved the parts around Istanbul we visited and the people we met. I just don't think it does the normal people there any justice to leave statements like "their country loves censoring" unchallenged.
While here in Europe there were some long post 9/11 discussions on whether muslim headscarves should be banned - at the same time in (muslim) Turkey, there were demonstrations against the government, because their government wanted to LIFT a headscarf ban at Turkish universities.
Hmm - there are PCMCIA card readers - used one for photography a long time ago...
If you have memory cards you're using in a camera, see whether there is a PCMCIA card reader for that type of card (used compact flash at the time). In that case you could at least use stuff you mostly have already...
That example isn't quite the same - noone will have a problem with Microsoft offering you a free coffee on their premises.
But, if Microsoft decided that Starbucks was a threat to them and started distributing free coffee everywhere just to screw up SBUX, then that would likely be an antitrust matter.
The same could be argued for a search engine offering a free office toolkit - as it's not really the typical pairing that has anything to do with their normal search business.
The free bag service is an anemity that you might come to expect from a hotel and AT the hotel's premises; or the free chauffeur service that they might offer to and from their hotel for your arrival and departure.
Indeed - no "stack"...
yet - unless google starts "integrating" the services into each other (integrate - not just share a home page as a starting point).
The stack example, indeed, seems misleading here.
On the other hand - while you defend google here - think back to some of the issues in the MS anti-trust case:
- MS used proceeds from other areas to funnel huge amounts of money into IE development - much more, than any start-up could hope to match.
- By including IE into Windows, for many people (normal users, not people working in IT) they eliminated the need to even look for other browsers - no matter, whether other browsers might have been better.
- The inclusion of IE also meant the end for commercial browser makers - as they wouldn't have an alternative source of income. "Netscape" failed, their browser ultimately only growing because it was completely freed and open-sourced: In effect, MS might still channel more money into IE; but against the open source community that would not necessarily help, as the open-source author doesn't need to "show quarterly numbers"; quarterly profit reports, etc -- as long as the open source developer gets an income (which in many cases may stem from an unrelated day-job)...
In google's case, there is no full integration of services - but:
- income from the advertising (which the search engine generates / facilitates) supports an ecosystem of other software - a free calendar or documents - services that _depend_ on their ad business generating the income for them. Same as MS Office paying the bills for IE.
- the same landing page (www.google.com) being a straight entry point to not just the search, but other free offerings unrelated to search (like the news, play, ...) gives those extra services a big head-start over their competition - and one they can't hope to match (no ad space sold on the landing page).
These things make it more difficult for new enterprises to form - and it's reasonable to expect that any new area popping up on the web, google will not just also try to profit from (which would be fair enough), but they can (easily ab)use their position to help their apps further by giving them privileged exposure on their search page and continue to fund them for extended periods of time to prevent other entrants getting into that area.
Apparently, if you understand the seal's dialect, you'll clearly hear them say:
So long, and thanks for all the fish!
Question: How much of that complexity can you hide from the normal user? Or - how much of that complexity is even visible to the normal user?
Complexity often comes into two parts - the complexity for the developer or admin; and the complexity for the end-user.
If I use a Mac Desktop, you can bet I don't give much of a toss over how much extra work that might mean for a developer - as long as my user experience is better.
Do you drive a car? ...despite over how much more complex it is than, say, a horse-drawn carriage?
I may agree with your point, that systemd is only useful for a subset of linux ecosystems - but from this, deriving that it shouldn't be default seems bizarre.
The "try to cover every possible thing" aspect that you so seem to hate for servers could be a boon for people installing it on laptops; or even their normal home PC; anyone starting out with linux.
In short - this could be a boon for a lot of people coming to Linux anew and don't know init.
So, why not leave systemd in "user centric" distros like standard ubuntu ; but keep init as default in server-distros - at least for the time being - since those are usually aimed at more experienced Unix users - who already know init.
If we can keep distros with and without a graphical desktop separate - why not do the systemd / init split along the same lines - as the desktop distros need to cater to being more user-friendly and more at home on very disparate hardware setups.
As for the optional step - if systemd may be more newbie friendly, how easy will it be to switch from init to systemd? And one of those two needs to be default - but if switching around between the two is tricky, then by all means take the more user-friendly one as standard - if the user-friendly option is difficult to install, you don't need to package it at all - as the newbie at whom you might aim it is probably the last person with the technical knowledge of what the switch means or how it could be done.
Hmm - strange how "nuking" people or places can be deemed a solution worthy of discussion.
Nukes are so well targetted - so, not just do you say "Turkey, UAE, and Saudi Arabia" support ISIL - but at the same time, that those countries have noone opposing any support for ISIL or radical islamics - and so if you nuke them, you're not going to hit anyone "innocent".
The only things nukes or other more military action do is to feed radicalism - and with rising radicalism on the other side, you will find more radical policies on our side "Nuke them!".
Military support is needed to help clean up the conflict - but it does need a longer term engagement, and it needs something else than airstrikes - but actual boots on the ground to prevent massacres. This is dangerous - it puts "our" soldiers sent there right in harms way, but we can't show people there a "better alternative" by delivering it in warheads.
Just like the ridiculous corporate taxes and corporate tax avoidance schemes, isn't it nice how we are worried about costs all the time - from TFA:
"Such changes could impact legitimate taxpayers by delaying refunds, extending tax season and likely adding costs to the IRS."
Sure, changes incur costs...
But, before you worry too much about possible costs - how much of "(the IRS) paid $5.2 billion in fraudulent identity theft refunds in filing season 2013" would the IRS need to block in future tax years to more than offset that cost?
If they're losing $5.2 bn a year - don't you think any reasonable costs invested to prevent those "losses" might not be a good investment?
Strange how, just a knee-jerk you'll find some people defending the science, there are those that have the same knee-jerk reaction against any findings in this area. With all that uncontrollable knee-jerking on both sides - it seems that we have another great argument for universal health care, to get people's knees fixed again... But I digress...
Whether climate change is man-made or not - I don't think there is too much debate left on the matter. But, I'm no climate scientist, so for me personally it's a matter of "belief" that mankind is behind this. We may get some theories and models wrong on how fast global warming works - or why there may be a hiatus in it.
The question of whether we're behind this - take two past events and see how much influence we might have:
Remember the Icelandic volcano a few years back - in response to the volcanic ash, we grounded a lot of flights for a few days - and even in that time, we could measure how much the air changed - just by taking planes out of the picture for a few days.
Secondly, if you think mankind's influence isn't large enough given the size of the planet - look back at climate records around the time Krakatoa blew up - that one mountain exploding had a measurable impact on temperature and weather for 5 years; so, if a _single_ mountain on one day can create that kind of change -- are you sure, all of our industries around the world together over the course of years CAN'T?
What the planet is "too large for", is for us to do some quick and easy experiments to actually test our hypotheses quickly - so climate science does what it can mostly from observation and trying to identify as many factors as possible that DO have a measurable impact in order to MODEL what's going to happen and then wait and see how close these models correlate with what's happening.
To some degree obviously, there is a lack of incentives for ISPs to change - if they still have enough addresses for themselves, then switching to IPv6 is only costs, not benefits.
Maybe some of the larger sites, like youtube, facebook, wikipedia should have a meeting to discuss the switch-over and then start shaping IPv4 traffic - just reduce capacity on IPv4 by 5% every month and see how long it will be, before ISPs will lose customers if they DON'T switch to IPv6...
I would guess they mean it's longer because they count its length as one piece - not as a lower leg and a foot.
Still - in terms of dimensions, it needs to be a good match with his other leg -- unlike Pistorius who would have been able to go for optimized prosthetics on both legs that would be better than "normal" legs might be... (i.e. watch the Aimee Mullins TED talk on how she can vary her height fairly significantly just through the choice of legs she wears)...
Hmm - I could partially understand the extra strength and mechanical advantage in the Pistorius case - I can't quite see it with Markus Rehm.
Pistorius had BOTH legs amputated, so you can potentially improve on both sides. Rehm had ONE leg amputated - adding extra length doesn't make any sense one one side only. Similarly, I would guess it would make it very difficult to run evenly, if the prosthetic leg doesn't about match the other one in length, in "bounce" (in the step), ...
I did not say purely that reading about -- should tell you about security alone. IIRC my original incident with -- was a colleague setting me a teaser on trying to find out how to delete a file called '-f'; and me first having to figure out, that 'rm ??' reads like delete all files with two character filenames (of which there was only the '-f' file), but not seeing that the ?? actually gets expanded to all the two character filenames by the shell; rm never sees the '??' but instead only sees the filenames - and obviously, it can't discern whether a parameter of '-f' was expanded from the filename -f or intentionally given as a parameter.
If you learn that - you'll get a better understanding of how the system works - and that _in turn_ will help you get a better grasp on what could or would go on and particularly, what could go WRONG, in a system.
Sorry, if that appears harsh - but sometimes it pays to read manuals and try and understand what you're doing and how the stuff works.
I don't exactly remember when I learnt it first - but I DID already know when I also got told about it during my CS BSc degree course (probably 1st or 2nd year - which would place it about 1998-2000).
If you need to code stuff "securely", you need to understand how stuff works -- I don't think of myself as a particularly apt security coder or hacker - I mainly specialise on internal systems integration, not so much web or other front-end stuff, so I have the luxury that I already know the data is "sane", before it gets to me - and I "only" need to figure out how to transform it and where to send it on to.
Here are a few pointers, where you might read about it:
http://pubs.opengroup.org/onli...
"Guideline 10:
The first -- argument that is not an option-argument should be accepted as a delimiter indicating the end of options. Any following arguments should be treated as operands, even if they begin with the '-' character."
Even wikipedia mentions it - even though not strictly a "developer" resource:
http://en.wikipedia.org/wiki/C...
"In Unix-like systems, the ASCII hyphen-minus is commonly used to specify options. The character is usually followed by one or more letters. Two hyphen-minus characters ( -- ) often indicate that the remaining arguments should not be treated as options, which is useful for example if a file name itself begins with a hyphen, or if further arguments are meant for an inner command. Double hyphen-minuses are also sometimes used to prefix "long options" where more descriptive option names are used. This is a common feature of GNU software. The getopt function and program, and the getopts command are usually used for parsing command-line options."
If that's too far to go - try "man getopt" on your linux machine:
"
The parameters getopt is called with can be divided into two parts:
options which modify the way getopt will parse (options and
-o|--options optstring in the SYNOPSIS), and the parameters which are
to be parsed (parameters in the SYNOPSIS). The second part will start
at the first non-option parameter that is not an option argument, or
after the first occurrence of `--'. If no `-o' or `--options' option
is found in the first part, the first parameter of the second part is
used as the short options string.
"
man rm - and even rm --help on linux show it:
"
To remove a file whose name starts with a '-', for example '-foo', use
one of these commands:
rm -- -foo ...though without explaining the "--" in general...
"
man chown doesn't mention it, but refers to the full documentation in texinfo and how to access it - that one says under "Common options"
"
`--'
Delimit the option list. Later arguments, if any, are treated as
operands even if they begin with `-'. For example, `sort -- -r'
reads from the file named `-r'.
"
The information is there - and in _lots_ of places - but it DOES requ
Who does NOT use -- in their scripts, if they're safety conscious?
rm -i -- *
Problem solved?
Normal programs should stop processing options after a (standalone) "--" and take everything following it as regular parameters. getopt and similar libraries handle this automatically.
I really wouldn't class the "use of wildcards" as a security risk - the security risk is the developer that doesn't know what he's doing. /" as root immediately afterwards?
Would command line handling be a security risk, if someone would add a --superuser-rm option to his code and execute "rm -rf
Think about it this way - before Apple made their inroads into the phone market, the dominant players were companies you don't even hear much about as phone makers any more (Nokia, Ericsson, ...) and back then people thought, Apple wouldn't be able to make any significant inroads into that market either.
In fact, they pretty much disrupted the entire sector in the process - they may not be the market leader by market share, but they managed to build up and retain the "premium" brand image in the market - and keep the highest share of profits in that market.
As for Amazon - there are two things at play here: Sure, anyone can install amazon's app on the iphone - but it doesn't come pre-installed; the iTunes store does; so on the app side, they can only profit from people who go and install their app first - and somehow I can't see Jeff Bezos talking Apple into _please_ include the Amazon store into the default apps on the phone. Apple would probably rather start entering Amazon's business rather than allowing amazon to add an app to the base iOS which will be in part competition to the iTunes store.
Secondly, I would expect Apple to move more into the cloud market - which will be tied in nicely with iOS - and which might end up being a threat to Amazon's cloud services.
Amazon is large enough and has the technical background to try and successfully bring a new phone to the market - I'm not quite sure, though, whether they have something really new to bring to the table that others don't have and which would allow them to disrupt the market in a way large enough to make it pay off...
I think the problem is more that many (most?) people seem to think that being creative and being innovative is the same thing. It isn't.
Steve Jobs may not have been the most creative person on the planet - but he was possibly one of the most innovative.
It's all well and good if you think of an idea on how to beat cancer - but the idea is nothing if you can't realize it.
Maybe Xerox had the first graphical user interface - but they had fairly little idea on what to do with it - Jobs did - and while many people will happily point out that Xerox had a mouse and GUI before Apple got there (and they're right) - how many can honestly say they had heard of a mouse and graphical user interfaces BEFORE they had seen one on an Apple computer or one of the countless GUIs that followed?
How many phones today would have touch screens and controls that look eerily similar to the iPhone ones, if the iPhone wouldn't have shown it before? (it doesn't matter, if you know a single phone before that had a touch screen - physically having the touch screen is not the same as seeing how it was all put together first).
Tablets had been around before the iPad - but what kind of sales did they have before? And what kind of sales do they have now? And - those that are selling the best now, in terms of their usability, do they look a damn sight more like the iPad, or more like whatever tablets were there before?
All those are cases of INNOVATIONs brought by Apple and which ultimately massively changed the face of the markets that they went into.
Another pointer on how Apple did something great and something new?
Name the last Samsung product launched that had a significant number of other players in the industry immediately clamoring to make something similar or "better"? When was the last time LG did? Google? Google possibly did with gmail - but search engines were there before, even large and well known ones.
Jobs was great in seeing something and seeing how it could be made useful far beyond what their original creators might have done.