Sir, While I agree that Mac has not experienced the volume of attacks and exploits that other Operating Systems have, I have a few minor issues with your arguments. Not all of them, as I certainly give credit where credit is due. Just a few:
1)No command shell: I profess ignorance on this point, other than I've been told that OSX runs on some sort of Unix kernel. Maybe that isn't entirely accurate, but I've seen a shell on an OSX box.
2) Well if 1 above is true, then yes you have a root user on MAc now. Sorry if I don't understand how the Mac OSX system works, anyone else have any clues?
3) Yes but are C "strings" the number one way people break into systems? It's not how Lamo has been compromising these systems...and anyway, this point has nothing to do with the kind of vulnerabilities Lamo has been exploiting (if you'd even call them vulns...more like someone exploiting stupid user tricks.
4)Yes, this is mostly true. However if a Mac cgi script allows a user to do something he shouldn't, then I don't see how it matters whether or not it is executable on Apache or Mac or whatever. What I'm trying to say is that a shopping cart cgi doesn't properly check for proper input then a user can (usually) exploit said cgi script. Cross-site scripting is a good example of this.
5)Neither does Unix. It has to have the execute bit set, usually - not that that's hard to do, given the proper access. Still I guess it's easier to do things like set a trojan "ls" command (assuming root user is dumb enough to have a "." in his path), so ok. What if I write a shell script in a bash shell in OSX? Can't I just execute that? I doubt I need a special secondary file (like an inode?) for that...sorry if I don't understand Macspeak. 6)understood, assuming it's true. 7)No, fewer macs were hacked because the code wasn't open-source. OR not totally. Am I incorrect? That cash prize has been up for like 6 years now, and even when Macs had more than 3 percent of the market there weren't any takers. I guess that makes Mac more secure...?
I guess most of your points are valid, just not poignantly so. -Brotherben
Umm, I thought the whole point of luring the Russians into American was because our law did NOT hold up in Russia, so they had to get the Russians to come over here. So in other words, it isn't very ironic because neither Russian nor American law has total jurisdiction - the Americans simply went with "possession is 9/10s of the law," and grabbed the Russians. This is exactly what they did to Sklyarov, as well, except that it was Adobe who requested the arrest by filing charges. So, I guess America is really saying (through her actions) that we don't recognize International law, and we don't expect other countries to recognize our laws either (unless they agree to, like with extradition laws). Am I missing something?
Once when I was a kid my teacher gave me an F+. Even then I knew biting cynicism when I saw it. An F PLUS? If nary a fellow stundent had been around, I would have given her coffee mug a good ten-second dirty-dickin' and a Frisian Teabag to boot. Bitch (honest, I'm not bitter). Nonetheless (back OT) I don't see MS getting a C, maybe a C+ is better. I'm an AIX and BSD fan and I even think XP is a decent OS. I give them some credit for actually stablizing an OS for once... Secondly, botching.NET is a good thing to me, so I have to give them some credit for that. Once they dive head-first into DRM then I'll whip out the red marker.
Oh, I thought he said PEACEMAKER... So how long 'till I can don my leather chaps, shave my head into a mohawk, and scour the earth looking for ammo and fertile women? How long damn you!!!! HOW LONG?????
I tend to agree with the general sentiment that looking eccentric, or behaving raucously, is not mandatory for change. If you think of ALL the changes that have come about socially in this country, some occured without much struggle at all. After a certain point, things just *happen*, like to some degree the DRM debate. I think the real anger began when the record companies saw how many people began quietly but defiantly downloading music over Napster - and then when the record companies started complaining, people started asking why the hell music was so much different from a dozen other forms of artistic expression/media. However I do take issue with the comparison to the Civil Rights movement, albeit only slightly. I don't think it's insulting to compare the two...these are the battles we have to fight in this generation. We don't always get to pick our fights. Likewise, there are always people out there telling you that various issues aren't all THAT important. But what are the eventual consequences of "hard-line" DRM legislation? Why is it that the "big fight" of the 60s has to overshadow the battles of this generation? Civil Rights was the big topic of that day, and consumer rights are one of the big ones today. Besides, draconian control over consumer habits could lead to a social situation not entirely unlike an equally pernicious governmental situation. And no, I don't think the word "heros" applies to those gentlemen at the previous event. However I'm not sure anyone there is going to stop these measures (DRM) from advancing without some serious weight on his side.
I thought Nazism was facism with cool uniforms. I'm no polysci major, though... Well, come to think of it, facism is often a real advocate for cool uniforms. Look at Rome (forget all that republic crap, just think Empire...that IS where the term "facism" comes from, isn't it?)...COOL UNIFORMS. The REAL Empire...COOL UNIFORMS. The US Postal service...COOL UNIFORMS. Well, maybe not those facists but I think my point stands. I don't think facism gets enough credit for the uniform benefit; it might have something to do with that holocaust thing but I'm not sure. Still, cool uniforms sure beat a centralized distribution of wealth, workers' states (CRAPPY uniforms), equal rights (nothing special about a COOL UNIFORM that anyone can wear), vodka (real facists drink Mead), or sappy public art with lots of people in overalls (we want swords, battles, wolves, and of course COOL UNIFORMS in our sculptures).
"I think I'm experiencing what we Europeans call an Ugly American moment. "
Sigh. I for one (having visited Europe a number of times, as well as Korea, Australia, numerous litorals, etc.) understand what is often implied by the term "ugly American." I've seen them (us) on the trains and in cafes, shouting over everyone else and acting like we know everything. I understand that our informal attitudes and considerable lack of decorum are unsettling. But these prevalent flaws should NOT be used against us in matters as complex as world pollution. We have hordes of environmentalists in this country, as well as libraries of information from research concerning environmental pollution and similar subjects. So someone thinks we shouldn't be blamed for a problem that isn't entirely our own. Big deal. America takes the blame for so many complex, multi-faceted issues that it's almost laughable. Remember Kosovo? Why the hell were we suddenly expected to save the world from ethnic cleansing (the existence of which by the way is now being questioned - though I personally have few doubts that atrocities were committed)? And no, most Americans didn't know where Kosovo was much less understood the situation. Don't get me wrong, plenty of other nations were involved in said conflict, however after the UN TOTALLY dropped the ball in Bosnia the decade before that we were shoved into the driver's seat. Now we look as incompetent as the rest of Europe. So back to the point - the Environment is definately NOT an Entirely American issue and in fact America has developed (or at least produced and sold) some of the most innovative systems and products for improving the quality of our environment. That's because we have money...but other countries are given a pass due to economic squalor, or because we don't have the guts to face them (The Chinese, for example). You want UGLY? I say fuck the trees, let's support good 'ol NASA and find a new planet to RAPE. And while we're all blasting off with BIG AMERICAN FLAGS emblazoned on our hulls, we'll be flushing our pre-flight hour de vours out the shitter and onto your pristine little hedgerows or whatever the hell you grow. If I'm going to be ugly for expressing my opinion, might as well go out in style....
He's right...if any casualties are kept secret, the families would either 1) be kept in the dark about it as well, which is a HUGE incident waiting to occur or 2) the families of victims are debriefed and told to remain quiet. Anyone who has worked in sensitive fields of the mil/government knows that debreifings, though common, are usually administered for civillians who are working on the periphery of a classified operation - or some other mundane reason. Telling a family to keep quiet about a death would look AWEFULL suspicous during family gatherings at holdiays, etc.
Deaths of deep-cover operatives are, I think, kept on the hush because the events surrounding said death are usually very, very secret. However the deaths of DEA agents usually make it into the press in a reasonable amount of time (I am thinking of a DEA deep-cover who was tortured and killed in Mexico some time ago). ALSO, the CIA operative who was killed during the prison riot was immediately reported (when verified), and FWIW I remember those guys being quite calndestine during Somalia (in other words, their presence isn't USUALLY reported in mainstream news, for obvious reasons). So I am assuming most American deaths are being reported here.
I agree that the USA has had some serious problems with educational funding for public schools, however throwing more money at ANY public institution is rarely a guarantee that quality will increase...or even that the funds will be allocated properly. Allowing Universities to sell code is fraught with potential problems, however allowing them to make a buck off of something is not the worst of all evils. In fact it might give CS departments the prestige that many business colleges have (at my Alma, the business college was by far the wealthiest department, though the exact reason for that is a matter of conjecture) - those departments that make the most money tend to have larger staffs and better programs.
Having worked for the local public school system (in Cincinnati), I shudder when I hear the much-touted "we need more money for education." Bah! We need to actually SPEND our money on education instead of special-interest programs, babysitting solutions (security measures for students who should have been be booted years ago), drug programs that don't work, child care for the urban masses, etc. And yes,the mentality of the inner-city public-schools is slowly working its way into higher education (if it didn't start there).
However, I'm not sure allowing Unis to profit from student labor (which is basically what we're talking about, right?) will justify other, more serious implications. Will universities get to the point where students will have to sign NDAs and non-competes for after graduation? Will wealthier institutions pursue graduates who seem to have "borrowed" bits of code they worked on in CS101 during their freshman years? That kind of scares me...
Slashdot Mirror
Sir,
.
While I agree that Mac has not experienced the volume of attacks and exploits that other Operating Systems have, I have a few minor issues with your arguments. Not all of them, as I certainly give credit where credit is due. Just a few:
1)No command shell: I profess ignorance on this point, other than I've been told that OSX runs on some sort of Unix kernel. Maybe that isn't entirely accurate, but I've seen a shell on an OSX box.
2) Well if 1 above is true, then yes you have a root user on MAc now. Sorry if I don't understand how the Mac OSX system works, anyone else have any clues?
3) Yes but are C "strings" the number one way people break into systems? It's not how Lamo has been compromising these systems...and anyway, this point has nothing to do with the kind of vulnerabilities Lamo has been exploiting (if you'd even call them vulns...more like someone exploiting stupid user tricks
4)Yes, this is mostly true. However if a Mac cgi script allows a user to do something he shouldn't, then I don't see how it matters whether or not it is executable on Apache or Mac or whatever. What I'm trying to say is that a shopping cart cgi doesn't properly check for proper input then a user can (usually) exploit said cgi script. Cross-site scripting is a good example of this.
5)Neither does Unix. It has to have the execute bit set, usually - not that that's hard to do, given the proper access. Still I guess it's easier to do things like set a trojan "ls" command (assuming root user is dumb enough to have a "." in his path), so ok. What if I write a shell script in a bash shell in OSX? Can't I just execute that? I doubt I need a special secondary file (like an inode?) for that...sorry if I don't understand Macspeak.
6)understood, assuming it's true.
7)No, fewer macs were hacked because the code wasn't open-source. OR not totally. Am I incorrect? That cash prize has been up for like 6 years now, and even when Macs had more than 3 percent of the market there weren't any takers. I guess that makes Mac more secure...?
I guess most of your points are valid, just not poignantly so.
-Brotherben
Umm, I thought the whole point of luring the Russians into American was because our law did NOT hold up in Russia, so they had to get the Russians to come over here. So in other words, it isn't very ironic because neither Russian nor American law has total jurisdiction - the Americans simply went with "possession is 9/10s of the law," and grabbed the Russians. This is exactly what they did to Sklyarov, as well, except that it was Adobe who requested the arrest by filing charges. So, I guess America is really saying (through her actions) that we don't recognize International law, and we don't expect other countries to recognize our laws either (unless they agree to, like with extradition laws). Am I missing something?
Once when I was a kid my teacher gave me an F+. Even then I knew biting cynicism when I saw it. An F PLUS? If nary a fellow stundent had been around, I would have given her coffee mug a good ten-second dirty-dickin' and a Frisian Teabag to boot. Bitch (honest, I'm not bitter). .NET is a good thing to me, so I have to give them some credit for that. Once they dive head-first into DRM then I'll whip out the red marker.
Nonetheless (back OT) I don't see MS getting a C, maybe a C+ is better. I'm an AIX and BSD fan and I even think XP is a decent OS. I give them some credit for actually stablizing an OS for once...
Secondly, botching
Oh, I thought he said PEACEMAKER...
So how long 'till I can don my leather chaps, shave my head into a mohawk, and scour the earth looking for ammo and fertile women? How long damn you!!!! HOW LONG?????
I tend to agree with the general sentiment that looking eccentric, or behaving raucously, is not mandatory for change. If you think of ALL the changes that have come about socially in this country, some occured without much struggle at all. After a certain point, things just *happen*, like to some degree the DRM debate. I think the real anger began when the record companies saw how many people began quietly but defiantly downloading music over Napster - and then when the record companies started complaining, people started asking why the hell music was so much different from a dozen other forms of artistic expression/media.
However I do take issue with the comparison to the Civil Rights movement, albeit only slightly. I don't think it's insulting to compare the two...these are the battles we have to fight in this generation. We don't always get to pick our fights. Likewise, there are always people out there telling you that various issues aren't all THAT important. But what are the eventual consequences of "hard-line" DRM legislation? Why is it that the "big fight" of the 60s has to overshadow the battles of this generation? Civil Rights was the big topic of that day, and consumer rights are one of the big ones today. Besides, draconian control over consumer habits could lead to a social situation not entirely unlike an equally pernicious governmental situation.
And no, I don't think the word "heros" applies to those gentlemen at the previous event. However I'm not sure anyone there is going to stop these measures (DRM) from advancing without some serious weight on his side.
I thought Nazism was facism with cool uniforms. I'm no polysci major, though...
Well, come to think of it, facism is often a real advocate for cool uniforms. Look at Rome (forget all that republic crap, just think Empire...that IS where the term "facism" comes from, isn't it?)...COOL UNIFORMS. The REAL Empire...COOL UNIFORMS. The US Postal service...COOL UNIFORMS. Well, maybe not those facists but I think my point stands.
I don't think facism gets enough credit for the uniform benefit; it might have something to do with that holocaust thing but I'm not sure. Still, cool uniforms sure beat a centralized distribution of wealth, workers' states (CRAPPY uniforms), equal rights (nothing special about a COOL UNIFORM that anyone can wear), vodka (real facists drink Mead), or sappy public art with lots of people in overalls (we want swords, battles, wolves, and of course COOL UNIFORMS in our sculptures).
"I think I'm experiencing what we Europeans call an Ugly American moment. "
Sigh. I for one (having visited Europe a number of times, as well as Korea, Australia, numerous litorals, etc.) understand what is often implied by the term "ugly American." I've seen them (us) on the trains and in cafes, shouting over everyone else and acting like we know everything. I understand that our informal attitudes and considerable lack of decorum are unsettling. But these prevalent flaws should NOT be used against us in matters as complex as world pollution. We have hordes of environmentalists in this country, as well as libraries of information from research concerning environmental pollution and similar subjects. So someone thinks we shouldn't be blamed for a problem that isn't entirely our own. Big deal. America takes the blame for so many complex, multi-faceted issues that it's almost laughable.
Remember Kosovo? Why the hell were we suddenly expected to save the world from ethnic cleansing (the existence of which by the way is now being questioned - though I personally have few doubts that atrocities were committed)? And no, most Americans didn't know where Kosovo was much less understood the situation. Don't get me wrong, plenty of other nations were involved in said conflict, however after the UN TOTALLY dropped the ball in Bosnia the decade before that we were shoved into the driver's seat. Now we look as incompetent as the rest of Europe.
So back to the point - the Environment is definately NOT an Entirely American issue and in fact America has developed (or at least produced and sold) some of the most innovative systems and products for improving the quality of our environment. That's because we have money...but other countries are given a pass due to economic squalor, or because we don't have the guts to face them (The Chinese, for example). You want UGLY? I say fuck the trees, let's support good 'ol NASA and find a new planet to RAPE. And while we're all blasting off with BIG AMERICAN FLAGS emblazoned on our hulls, we'll be flushing our pre-flight hour de vours out the shitter and onto your pristine little hedgerows or whatever the hell you grow. If I'm going to be ugly for expressing my opinion, might as well go out in style....
He's right...if any casualties are kept secret, the families would either 1) be kept in the dark about it as well, which is a HUGE incident waiting to occur or 2) the families of victims are debriefed and told to remain quiet. Anyone who has worked in sensitive fields of the mil/government knows that debreifings, though common, are usually administered for civillians who are working on the periphery of a classified operation - or some other mundane reason. Telling a family to keep quiet about a death would look AWEFULL suspicous during family gatherings at holdiays, etc.
Deaths of deep-cover operatives are, I think, kept on the hush because the events surrounding said death are usually very, very secret. However the deaths of DEA agents usually make it into the press in a reasonable amount of time (I am thinking of a DEA deep-cover who was tortured and killed in Mexico some time ago). ALSO, the CIA operative who was killed during the prison riot was immediately reported (when verified), and FWIW I remember those guys being quite calndestine during Somalia (in other words, their presence isn't USUALLY reported in mainstream news, for obvious reasons). So I am assuming most American deaths are being reported here.
I agree that the USA has had some serious problems with educational funding for public schools, however throwing more money at ANY public institution is rarely a guarantee that quality will increase...or even that the funds will be allocated properly. Allowing Universities to sell code is fraught with potential problems, however allowing them to make a buck off of something is not the worst of all evils. In fact it might give CS departments the prestige that many business colleges have (at my Alma, the business college was by far the wealthiest department, though the exact reason for that is a matter of conjecture) - those departments that make the most money tend to have larger staffs and better programs.
Having worked for the local public school system (in Cincinnati), I shudder when I hear the much-touted "we need more money for education." Bah! We need to actually SPEND our money on education instead of special-interest programs, babysitting solutions (security measures for students who should have been be booted years ago), drug programs that don't work, child care for the urban masses, etc. And yes,the mentality of the inner-city public-schools is slowly working its way into higher education (if it didn't start there).
However, I'm not sure allowing Unis to profit from student labor (which is basically what we're talking about, right?) will justify other, more serious implications. Will universities get to the point where students will have to sign NDAs and non-competes for after graduation? Will wealthier institutions pursue graduates who seem to have "borrowed" bits of code they worked on in CS101 during their freshman years? That kind of scares me...