And how do routers affect the maintenance of the DNS roots that are affected by SOPA? If you think software freedom would have stopped SOPA, I've got a bridge to sell you...
People who run around screaming and waving placards get attention, but they do NOT win supporters over to their cause, because the public just sees a bunch of ranting lunatics.
Freedom of Speech is the freedom to communicate, not to be an asshole. Society DOES have the right to demand standards of behaviour in public. You do NOT have the right to wave your placards in court. City council is free to evict you if you disrupt the proceedings of the meeting.
Society always has and always will put restrictions on what is valid and what is not when you make a "Freedom of Speech" claim. And guess what -- most of the time, society isn't going to agree with an outlandish interpretation of what constitutes "speech."
Think of it as art. Just because some guy squashed a rat with a brick and proclaimed it "art" does not mean the public agreed with him. In fact, the animal rights activists got right POd at his chosen "subject material." In the same way, your proclamation that you're exercising your right to free speech does NOT mean the public, the police, the courts, or the government have to accept your definition of what is and is not free speech by any means.
I'm just surprised no one at Occupy has claimed their freedom of speech has been violated because big media wouldn't give them airtime like they do a Presidential candidate. I guess that's not as motivating to someone who likes to view themselves as a victim as crying "police brutality" and "freedom of speech" without understanding what those terms mean.
Aside from that, there is no mention of what kind of web server technologies are to be used. I seriously doubt anyone can make many useful suggestions for how to secure an application when you don't even know what tools and languages are to be used to develop it.
Itemize your security requirements, then filter your tool options based on whether they have features to enable or support those requirements. Find out if it's possible to address any gaps through custom code.
Only then can you seriously think about getting a checklist together of guidelines for implementing security with the chosen tools.
Asking the security questions before selecting the toolkits is a bass-ackwards approach.
Yet there seem to be hundreds of "Slashdot Security Experts" willing to provide advice without understanding the question.
Well, then he's picking a poor example of web security given the banking industry's track record on break-ins and id theft.
If you want to see guidelines about what you have to provide for a secure system, check out Saskatchewan Health Information Protection Act for one region's take on what data protection means.
As to the technology of how to deploy that, there are no easy answers and checklist standards. New attack vectors and design oversights come out all the time, so web security is an ongoing battle, not something you just design for and "finish".
I didn't say you can't protest; I said you can't squat.
Feel free to come every day with your placards and your megaphones to speak to the public, as long as you're polite about it and sharing information and ideas, not ranting incoherencies.
To me, that's ALL "Freedom of Speech" guarantees. Most jurisdictions are very generous in allowing camps at all.
The right to speak does not mean you have the right to protest in any way you see fit, otherwise you could claim you were arrested for "Freedom of Speech" violations when you firebombed a consulate.
I am clueless of what is requires to create a web server that is as secure as, say, a banking account management system
You can't.
There is no way to provide the same level of security as an in-house application running on dedicated terminals and a dedicated network as with the banks' teller terminals and ATMs.
And that's because you have no control over the browser and it's plugins, so you can't stop them from mismanaging or misrepresenting the data, custom code in modified copies of open source browsers saving pieces of secure pages that you never meant to see a hard drive, etc.
And now that I've finished reading the article, I realize it says NOTHING about Stallman's software ideals. It's a misleading title for a rant piece that has nothing to do with software freedom.
It also conveniently neglects the fact that most of the internet infrastructure affected by SOPA is run on open source implementations, so the freedom of the software has done NOTHING to prevent governments from trying to abuse it.
How they make a connection from Stallman to the NDAA is completely beyond me. They certainly don't explain why they're related in the article.
I have yet to see a nation or government take the official stance that Occupy are terrorists. Squatters, freedom-of-speech-abusers, illegal encampments, yes, but not terrorists.
Peaceful protesters in Occupy movements all over the world have been labelled as terrorists by the authorities
While I decry the NDAA and SOPA as much as anyone, I'll not buy into the Occupy claims of victimization and persecution when they squatted for TWO MONTHS before the police were sent in to clear them out. You have a right to protest, to share your ideas, and to educate the public. You do NOT have the right to squat in public spaces until the world does things your way, or we'd still have grey-haired hippies camped out all across the nation demanding that you "free the weed."
I certainly won't buy any paranoid claims that they're going to be locked up as terrorists.
I disagree completely. The.com,.org, and.net TLDs are your public, global websites. They're available to anyone. But having them redirect to a.cc TLD is not difficult, unreasonable, or uncommon.
This is NOT censorship -- it's a nation telling you what you have to do if you want their business. You do NOT have the right to shove your advertising, your business, your website, or anything else down the throat of the world just because you have a.com.
I call it an American-dominant perspective because it's mostly American-owned companies that use and want the.coms broadcast to the globe. Well, guess what, the globe does not have to let you do that.
I'd rather see the Belarusians allow the.com,.net, and.org TLDs as well, but I adamantly and absolutely defend their right to determine their own rules for doing business in their society. If that means no more twitter, no more google, and so on, so be it.
It's no easier to implement http://mydomain.com/cc than it is to register http://mydomain.cc/. Your cries of censorship are misguided and dictatorial to nations that want you to follow their rules. Who the hell are YOU to tell them how you are going to do business with them? THEY set the rules for their nation, not you.
You are, of course, free to skip serving their market.
So I guess you're in favour of dictating to the nations how they're going to do business with the world?
They have no right to demand you follow local law?
They have no right to demand you pay taxes on products or services sold in their markets?
They have no right to demand you open a local office?
You just register a.com and an offshore company somewhere, and you should be free to rape and pillage the globe as you see fit?
Pfft. Your blind acceptance of the American-dominant perspective that the US can do whatever they want is pathetic. The world does not have to do things your way, no matter where the DNS root servers reside.
Look, having a.com,.net,.org, or.edu does not mean you are legally entitled to do business everywhere in the world. There are still local laws you have to follow.
Mandating a country-code TLD registration and a local business presence is a perfectly valid requirement for doing business with the citizens and organizations of a country. And it provides a clear indicator to users of the internet as to whether a website owner IS complying with local law.
I'd MUCH rather see this approach become standard than SOPA or the Chinese approach to censorship.
Instead of trying to impose their bans on the entire world like SOPA tries to do, Belarus wants to mandate that you register a country-code TLD if you're going to do business with their citizens and industry. If any company violates their local laws, they can easily pull the domain registration and take them offline.
Without pissing off the entire world to do it.
Despite the bleating cries of "Censorship" on the Slashdot page discussing the idea, I don't see it as censorship at all. They're not saying you can't register a foreign business in Belarus and obtain a national TLD to server their market; they're just mandating that you open a local office and follow THEIR laws while doing business in THEIR country.
It's the first rational approach to the proliferation of.coms that think they're above any nation's laws that I've ever seen. I'm sure Belarus has other social problems people will flag, but don't throw out a good idea just because you don't like the source.
I don't see it that way. The way I see it, they're saying if you want to do business with our citizens, you must register your business nationally, abide by our laws, and use our TLD so people know your legally allowed to do business here.
Unless they're stopping foreign businesses from registering TLD sites or starting local offices that can register the TLDs, I see NOTHING like censorship in the proposal. The world is NOT America's oyster.
Censorship? How is it censorship? They're not preventing anyone from doing business, only setting the rules for doing business. That's well within their right.
The US-managed.com,.net, and.org spaces scare the shit out of a lot of people, especially with SOPA on the table.
I think this is a hell of an approach for a country to ensure that it's business world doesn't try to offshore and outsource it's services to evade taxation.
I think using a country TLD is also a source of national pride. The.com may be international, but not all businesses are international in nature.
I was going to register a.ca myself, but I soon learned it's far more expensive to get a.ca domain than a.com. A.ca will have to wait until I can afford it, in the meantime the http://domain.com/tld-code/ approach will work, particularly as the concern is more to provide language options that country/region options.
It's important to note I've never dealt with a business application where the batch processing components weren't the CORE of what the business needed. The GUI was a means to FEED that back-end processing the data it needed, not the core functionality of the application.
Don't get me wrong [xh]tml + java script might be a wonderfully flexible thing to develop your shell in but its not going to provide the rich experience users want out of an application.
It depends. Is your purpose to develop business form processing applications that let employees do a job, or is it on providing a more specialized application that won't work effectively without a custom GUI design?
Either way, I've always disagreed with the idea of making a pretty GUI before you write the application logic. Build the foundation and business logic layers FIRST, then write the GUI to use them. Data and logic define a business application model, not the GUI.
The best DBA I know was a fellow from Florida named Keith Grey who STARTED his tech career when he was in his fourties. He learned a little database and supported it for a small company, learned Oracle, enhanced the prototypes I'd written for them using Oracle a year earlier, and just kept going from there.
He's now one of the most experienced and skilled DBAs I know, riding herd over a clustered Oracle RAC installation with multiple data warehouses hanging from the main systems.
In other words, it's never too late to start a new career, much less resume an old one. The question is whether you have the skills, the dedication, and the willingness to learn it'll take to succeed. Personally, I'd much rather recommend someone with the "right attitude" and a background in business for a tech job than any of the impatient, inexperienced hot-shot kids whose resumes crossed my table over the past few years.
And how do routers affect the maintenance of the DNS roots that are affected by SOPA? If you think software freedom would have stopped SOPA, I've got a bridge to sell you...
Shush. You were supposed to get all offended that they called you a "socialist" and walk away in a huff.
You weren't supposed to think about the "insult".
People who run around screaming and waving placards get attention, but they do NOT win supporters over to their cause, because the public just sees a bunch of ranting lunatics.
Freedom of Speech is the freedom to communicate, not to be an asshole. Society DOES have the right to demand standards of behaviour in public. You do NOT have the right to wave your placards in court. City council is free to evict you if you disrupt the proceedings of the meeting.
Society always has and always will put restrictions on what is valid and what is not when you make a "Freedom of Speech" claim. And guess what -- most of the time, society isn't going to agree with an outlandish interpretation of what constitutes "speech."
Think of it as art. Just because some guy squashed a rat with a brick and proclaimed it "art" does not mean the public agreed with him. In fact, the animal rights activists got right POd at his chosen "subject material." In the same way, your proclamation that you're exercising your right to free speech does NOT mean the public, the police, the courts, or the government have to accept your definition of what is and is not free speech by any means.
I'm just surprised no one at Occupy has claimed their freedom of speech has been violated because big media wouldn't give them airtime like they do a Presidential candidate. I guess that's not as motivating to someone who likes to view themselves as a victim as crying "police brutality" and "freedom of speech" without understanding what those terms mean.
Aside from that, there is no mention of what kind of web server technologies are to be used. I seriously doubt anyone can make many useful suggestions for how to secure an application when you don't even know what tools and languages are to be used to develop it.
Itemize your security requirements, then filter your tool options based on whether they have features to enable or support those requirements. Find out if it's possible to address any gaps through custom code.
Only then can you seriously think about getting a checklist together of guidelines for implementing security with the chosen tools.
Asking the security questions before selecting the toolkits is a bass-ackwards approach.
Yet there seem to be hundreds of "Slashdot Security Experts" willing to provide advice without understanding the question.
Well, then he's picking a poor example of web security given the banking industry's track record on break-ins and id theft.
If you want to see guidelines about what you have to provide for a secure system, check out Saskatchewan Health Information Protection Act for one region's take on what data protection means.
As to the technology of how to deploy that, there are no easy answers and checklist standards. New attack vectors and design oversights come out all the time, so web security is an ongoing battle, not something you just design for and "finish".
I didn't say you can't protest; I said you can't squat.
Feel free to come every day with your placards and your megaphones to speak to the public, as long as you're polite about it and sharing information and ideas, not ranting incoherencies.
To me, that's ALL "Freedom of Speech" guarantees. Most jurisdictions are very generous in allowing camps at all.
The right to speak does not mean you have the right to protest in any way you see fit, otherwise you could claim you were arrested for "Freedom of Speech" violations when you firebombed a consulate.
Could you please explain how the American NDAA would be used to arrest UK Occupy protesters?
I don't see how Freedom of Speech translates to Squatters Rights.
Go home with your placards and come back tomorrow. You're still free to speak.
You can't.
There is no way to provide the same level of security as an in-house application running on dedicated terminals and a dedicated network as with the banks' teller terminals and ATMs.
And that's because you have no control over the browser and it's plugins, so you can't stop them from mismanaging or misrepresenting the data, custom code in modified copies of open source browsers saving pieces of secure pages that you never meant to see a hard drive, etc.
And now that I've finished reading the article, I realize it says NOTHING about Stallman's software ideals. It's a misleading title for a rant piece that has nothing to do with software freedom.
It also conveniently neglects the fact that most of the internet infrastructure affected by SOPA is run on open source implementations, so the freedom of the software has done NOTHING to prevent governments from trying to abuse it.
How they make a connection from Stallman to the NDAA is completely beyond me. They certainly don't explain why they're related in the article.
I have yet to see a nation or government take the official stance that Occupy are terrorists. Squatters, freedom-of-speech-abusers, illegal encampments, yes, but not terrorists.
While I decry the NDAA and SOPA as much as anyone, I'll not buy into the Occupy claims of victimization and persecution when they squatted for TWO MONTHS before the police were sent in to clear them out. You have a right to protest, to share your ideas, and to educate the public. You do NOT have the right to squat in public spaces until the world does things your way, or we'd still have grey-haired hippies camped out all across the nation demanding that you "free the weed."
I certainly won't buy any paranoid claims that they're going to be locked up as terrorists.
I disagree completely. The .com, .org, and .net TLDs are your public, global websites. They're available to anyone. But having them redirect to a .cc TLD is not difficult, unreasonable, or uncommon.
This is NOT censorship -- it's a nation telling you what you have to do if you want their business. You do NOT have the right to shove your advertising, your business, your website, or anything else down the throat of the world just because you have a .com.
I call it an American-dominant perspective because it's mostly American-owned companies that use and want the .coms broadcast to the globe. Well, guess what, the globe does not have to let you do that.
I'd rather see the Belarusians allow the .com, .net, and .org TLDs as well, but I adamantly and absolutely defend their right to determine their own rules for doing business in their society. If that means no more twitter, no more google, and so on, so be it.
It's no easier to implement http://mydomain.com/cc than it is to register http://mydomain.cc/. Your cries of censorship are misguided and dictatorial to nations that want you to follow their rules. Who the hell are YOU to tell them how you are going to do business with them? THEY set the rules for their nation, not you.
You are, of course, free to skip serving their market.
So I guess you're in favour of dictating to the nations how they're going to do business with the world?
They have no right to demand you follow local law?
They have no right to demand you pay taxes on products or services sold in their markets?
They have no right to demand you open a local office?
You just register a .com and an offshore company somewhere, and you should be free to rape and pillage the globe as you see fit?
Pfft. Your blind acceptance of the American-dominant perspective that the US can do whatever they want is pathetic. The world does not have to do things your way, no matter where the DNS root servers reside.
Look, having a .com, .net, .org, or .edu does not mean you are legally entitled to do business everywhere in the world. There are still local laws you have to follow.
Mandating a country-code TLD registration and a local business presence is a perfectly valid requirement for doing business with the citizens and organizations of a country. And it provides a clear indicator to users of the internet as to whether a website owner IS complying with local law.
I'd MUCH rather see this approach become standard than SOPA or the Chinese approach to censorship.
Being intentionally obtuse while making no arguments won't win you any supporters.
Instead of trying to impose their bans on the entire world like SOPA tries to do, Belarus wants to mandate that you register a country-code TLD if you're going to do business with their citizens and industry. If any company violates their local laws, they can easily pull the domain registration and take them offline.
Without pissing off the entire world to do it.
Despite the bleating cries of "Censorship" on the Slashdot page discussing the idea, I don't see it as censorship at all. They're not saying you can't register a foreign business in Belarus and obtain a national TLD to server their market; they're just mandating that you open a local office and follow THEIR laws while doing business in THEIR country.
It's the first rational approach to the proliferation of .coms that think they're above any nation's laws that I've ever seen. I'm sure Belarus has other social problems people will flag, but don't throw out a good idea just because you don't like the source.
It's a hell of a lot more rational way of doing what SOPA tries to do.
I don't see it that way. The way I see it, they're saying if you want to do business with our citizens, you must register your business nationally, abide by our laws, and use our TLD so people know your legally allowed to do business here.
Unless they're stopping foreign businesses from registering TLD sites or starting local offices that can register the TLDs, I see NOTHING like censorship in the proposal. The world is NOT America's oyster.
Ah, the ad hominem attack. The favourite defense of someone with nothing useful to say.
Censorship? How is it censorship? They're not preventing anyone from doing business, only setting the rules for doing business. That's well within their right.
The US-managed .com, .net, and .org spaces scare the shit out of a lot of people, especially with SOPA on the table.
I think this is a hell of an approach for a country to ensure that it's business world doesn't try to offshore and outsource it's services to evade taxation.
I think using a country TLD is also a source of national pride. The .com may be international, but not all businesses are international in nature.
I was going to register a .ca myself, but I soon learned it's far more expensive to get a .ca domain than a .com. A .ca will have to wait until I can afford it, in the meantime the http://domain.com/tld-code/ approach will work, particularly as the concern is more to provide language options that country/region options.
It's important to note I've never dealt with a business application where the batch processing components weren't the CORE of what the business needed. The GUI was a means to FEED that back-end processing the data it needed, not the core functionality of the application.
It depends. Is your purpose to develop business form processing applications that let employees do a job, or is it on providing a more specialized application that won't work effectively without a custom GUI design?
Either way, I've always disagreed with the idea of making a pretty GUI before you write the application logic. Build the foundation and business logic layers FIRST, then write the GUI to use them. Data and logic define a business application model, not the GUI.
The open source world gave us a crappy rendering kit and we were too damned cheap and lazy to fix it, so our product failed. Damn you open source!
The best DBA I know was a fellow from Florida named Keith Grey who STARTED his tech career when he was in his fourties. He learned a little database and supported it for a small company, learned Oracle, enhanced the prototypes I'd written for them using Oracle a year earlier, and just kept going from there.
He's now one of the most experienced and skilled DBAs I know, riding herd over a clustered Oracle RAC installation with multiple data warehouses hanging from the main systems.
In other words, it's never too late to start a new career, much less resume an old one. The question is whether you have the skills, the dedication, and the willingness to learn it'll take to succeed. Personally, I'd much rather recommend someone with the "right attitude" and a background in business for a tech job than any of the impatient, inexperienced hot-shot kids whose resumes crossed my table over the past few years.