It would also help validate the perception of GPL works as legally risky propositions for downstream users.
Well, if you don't want to abide by the GPL, then using that source is no different than stealing code from someone else with any other license. It's the same risk.
Thanks for the fun citations, AC:D
The important thing to me is that I'd get a major chewing if the ground circuit was anything other than a wire of the proper gauge, all the way to the panel; The panel is then grounded by a heavy wire to a ground rod sunk very deep (was 10 or 12 feet?) into the ground. A pain to drive by hand.
In commercial applications, the steel conduit can be used for ground, but only if the connectors are all set screw type. Compression fittings mean running another wire. Ah conduit, that brought up other concerns such as matching the number of circuits per phase to avoid extra heat load in the pipe.
Have you even watched the show? I have; I have toddler children and I love PBS. I've only seen him eat cookies. And things that look like cookies.
Elmo OTOH, yeah, dead on.
Isn't this the same thing they use when talking about budget cuts in the US govt? They aren't cutting spending, they just cut the rate of increase of spending.:(
But the point in the articles is that something exists to prevent this - Ken Thompson did not have to contend with git. To make that attack work you have to get malicious code into the tree for a while - long enough to infect the hosts that compile kernels for others... and then remove the original code.
Git would raise the alarm long before that, thanks to the cryptographic nature that it uses to identify the source chain.
It's a theoretical attack on one system, but for it to work, Linus would have to do it to himself, and *then* everyone else in the world would have to use *binaries* that *he* created. Even if he infected his own system, the uploaded code, once stripped of the malicious parts (because his compiled kernel now has the code injection)... that doesn't infect the compiler farm at redhat or ubuntu, or debian... and their kernels would continue to produce *correct* compilations of the *correct* kernel code.
The distributed nature of the Linux source development pretty much kills off this old hack. Clever in its day, but simply not possible anymore.
No, but git contains the complete history in a local copy, so all that needs to be done is for Linus (or anyone else with a local copy ) to write a script that unpacks every tagged version and compares it with what's on the server. Because git is decentralized, everyone who works on the kernel has a complete copy of every version, so it's very easy to verify the other forms of distribution.
Slashdot Mirror
... and the weather app on my phone says "no data available" half the time. That may not be acceptable for this app.
Except stupid people without a moral compass that end up in congress...
It would also help validate the perception of GPL works as legally risky propositions for downstream users.
Well, if you don't want to abide by the GPL, then using that source is no different than stealing code from someone else with any other license. It's the same risk.
... and you think Microsoft would go to court to "validate" the GPL for us???? ROFL
Mark for deletion, not noteworthy
but they are glossy, the matt finish is extra
Odd that.
You must be new here...
not air mail?
Huh? Seriously, I don't get it. Why would that be the smart?
It is a standard procedure to limit wildlife disease. Deer, fish...
Hell, in Linux a simple rootkit can work just by editing the system commands like ls.
That is as simple to detect as installing TripWire.
If it is a kernel rootkit, tripwire won't find it unless your boot to a readonly medium to run the scan...
Thanks for the fun citations, AC :D
The important thing to me is that I'd get a major chewing if the ground circuit was anything other than a wire of the proper gauge, all the way to the panel; The panel is then grounded by a heavy wire to a ground rod sunk very deep (was 10 or 12 feet?) into the ground. A pain to drive by hand.
In commercial applications, the steel conduit can be used for ground, but only if the connectors are all set screw type. Compression fittings mean running another wire. Ah conduit, that brought up other concerns such as matching the number of circuits per phase to avoid extra heat load in the pipe.
Meh. Make it 10,000
electricians like to ground to steel beams instead of running a ground line back to power box and putting to ground their
Citation please? That is quite contrary to code, and any building inspector would yank the electrician's license if they did that.
He's always done that. But that still doesn't refute the veggie thing.
Have you even watched the show? I have; I have toddler children and I love PBS. I've only seen him eat cookies. And things that look like cookies. Elmo OTOH, yeah, dead on.
mods have no sense of humor....
The point is to *improve* javascript, not make it worse.
Is this the same Casio that sold sub-par music keyboards?
Tell that to python. It seems to have maintained a pretty good success with that. (for the record, I don't like python)
Isn't this the same thing they use when talking about budget cuts in the US govt? They aren't cutting spending, they just cut the rate of increase of spending. :(
this is the best insight of the whole thread....
Git would raise the alarm long before that, thanks to the cryptographic nature that it uses to identify the source chain.
It's a theoretical attack on one system, but for it to work, Linus would have to do it to himself, and *then* everyone else in the world would have to use *binaries* that *he* created. Even if he infected his own system, the uploaded code, once stripped of the malicious parts (because his compiled kernel now has the code injection) ... that doesn't infect the compiler farm at redhat or ubuntu, or debian... and their kernels would continue to produce *correct* compilations of the *correct* kernel code.
The distributed nature of the Linux source development pretty much kills off this old hack. Clever in its day, but simply not possible anymore.
The files are in a git repository. That's what matters, not what you wrap around it to provide for requests.
So http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.0.4.tar.bz2 gets pulled dynamically from git?
No, but git contains the complete history in a local copy, so all that needs to be done is for Linus (or anyone else with a local copy ) to write a script that unpacks every tagged version and compares it with what's on the server. Because git is decentralized, everyone who works on the kernel has a complete copy of every version, so it's very easy to verify the other forms of distribution.
Look at what one disaster regarding one non functioning oil well in the gulf did to oil prices. If Exxon stopped, there would be an impact on prices.
I would go a step further and say that fossil fuel extraction is the most important sector of the economy,
If Apple just stopped existing, would it hurt Exxon? Probably not. If Exxon suddenly stopped, would Apple notice? Most certainly...