If you assume that each system call is a potential vulnerability, and that less calls are inherently better and more secure, than the result is a foregone conclusion. But those are pretty big "ifs," and it seems like someone who was pro-Windows would do better to attack those premises, rather than trying to dispute the graph, if it's indeed representative of the true number of system calls.
You're right, the number of required calls is not necessarily an indicator of more vulnerabilities. But if you accept the standard metric that one bug happens, on average, for every twenty lines of code (that is, a 5% bug rate), then more calls implies more code, which implies more potential security vulnerabilities.
My understanding is that Microsoft's test suites are extremely vigorous, and I think it is for the above reason. Their defect rate may even be lower than the industry norm. But as someone who works with and writes software for a living, Microsoft's chart makes me uneasy. That's because the number of tests required as the number of entry points increases is not linear. There's a point at which Microsoft may not even have enough time to test for all of their bugs given the size of the codebase. So even if their bug rate is lower, they most likely have more code, and they thus have more bugs.
Apache works well for me and has had a much better security record than IIS. That's good enough for me.
It may not be the FSF's specialty, but it is certainly the EFF's. They've been working on the AT&T domestic spying case lately, but if you'd like them to spend some time in other areas, I'm sure a donation wouldn't hurt.
It's not really free. The whole point of free software is to allow people to do what they want with their machines. People may do unethical things with that software, and we may have a legitimate reason to stop that unethical behavior, but software's license should not be the tool to do that job. Software should just do it's job well, and allow us to modify it when we need to. It's like Stallman forgot why he got into this business in the first place.
"But software which OpenBSD uses and redistributes must be free to all (be they people or companies), for any purpose they wish to use it, including modification, use, peeing on, or even integration into baby mulching machines or atomic bombs to be dropped on Australia." -- Theo de Raadt
I, too, work in a great place. I have a nice office, a comfortable wage, great coworkers, my boss gives me a great deal of freedom to make decisions, and so on. But I am under no illusion that the company's fiduciary responsibilities don't come first. Fortunately, I work in a private company where those pressures to perform are lessened by having no stockholders, but if I start making decisions that lose the company money, I would most certainly be worried about my job. The OP is right-- make your coworkers work harder (or worse, you boss), and you're out on your ass. Unfortunately, top management's granularity doesn't extend down to people-- it's departments. So when a department gets axed, often lots of good, smart people go with it.
Corporations are only charitable to their employees as long as their employees are making them money. Distance yourself from your job to protect yourself, or when something unexpected happens, you will take it personally, and that will hurt you.
Shit floats. In a big enough company, some serious turds accumulate at the top. Just expect idiocy to happen and you'll be better prepared for it when it does.
My point, which you obviously missed, is that your observation about the two being different classes of device is a tenuous distinction. Both devices have general-purpose CPUs, mass-storage devices, displays, and input and output ports. The nature of the I/O differs, but they are both COMPUTERS. So the law that allows DRM on one 'kind' of device and not the other 'kind', if based on device 'class', is flawed. We're not talking about a Walkman, we're talking about a device that can do this.
And if Steve Jobs walked down the street an started pissing on people's cats, you'd be all "Steve Jobs is a fucking amazing human being!" Gates has made a lot more peoples lives better than Torvalds or Jobs ever will.
Who said anything about Steve Jobs or Linus Torvalds?
Besides-- I hate cats. If Steve Jobs wants to piss on a cat, yes, I would cheer him on.
So Gates finally learned the trick that John D. Rockefeller, J.P. Morgan, and Andrew Carnegie figured out: philanthropy. You can be a convicted monopolist, you can pay your employees slave wages under brutal conditions, and then knowingly murder them when you send in the "strike breakers", but you throw a little money around here and there-- start a university or set up a charitable arm of your company-- and history will remember you as a great philanthropist.
I don't mean to belittle the charitable giving that Gates has done. I'm certain that he has had a direct influence on the course of poverty, ignorance, and disease, especially in places like India. But like those capitalists of old, Gates' company still merrily chugs along, willfully breaking the law, churning out a shitty product, and locking their customers in. Before we shower the guy with praise, let's remember what he did to amass all that wealth, and consider the fact that he's still doing it. He may not be a bastard to the degree that Rockefeller, Morgan, and Carnegie were, but he's still a bastard. The homemaker quoted in/.'s summary is an idiot.
The point is that these devices are not comparable to an iPod. They're a different class of device.
That may be true for now, but with general-purpose computers rapidly nearing the size of emdedded computers of only 5-6 years ago, how long will that distinction hold? It seems like the limiting factor to the size of these devices in the future will be screens, tactile interfaces, and physical storage mechanisms (assuming that flash-based devices don't have a marked increase in capacity relatively soon). I would love to have a general-purpose machine the size of my iPod.
If fellow client nodes are calling themselves "Free Wi-Fi", then the world is a fucked up place, my friend. That is the whole point of the article. Can you read?
But because you're using his connection, all your traffic goes through his PC, so he can see everything you do online, including all the usernames and passwords you enter for financial and other Web sites.
While this is true for HTTP, which is in the clear, banking, financial, and e-commerce websites use SSL (or should, anyhow), which makes man-in-the-middle attacks impractical (though not impossible). I have seen these "hotspots" myself, in areas of Boston near hotels, and I've connected to them via my BSD laptop. I wasn't able to actually get any connectivity through them. I've been wondering if these were set up by someone maliciously, or if these are pwned machines. Kinda makes me want to walk around with netstumbler until I find these guys.
CD singles are still very common in radio/DJ community. In radio, a station will still get singles for radio play prior to the album release. In many cases, the label has still not finished the full album. Among DJs, particularly dance/club DJs, CD singles are popular for two reasons. 1) many dance artists do not produce full albums, and 2) the singles often contain so-called "B-sides", even though there really isn't a "B" side to a CD (although you are welcome to try playing the other side if you want). Vinyl is still an important medium in dance for the two previously mentioned reasons, but also because DJs like the tactile feel of vinyl records. There are still a few things you can't do with CD decks.
The article mentions that the subpoena was "[f]iled on the basis of the Digital Millennium Copyright Act". I was under the impression that the DMCA dealt with circumvention of copy-protection measures. If this was recorded off of 'the air', i.e., an antenna or cable, how does the DMCA apply? AFAIK there are no copy-protection measures on these analog services.
The nice thing about greylisting is that if spammers learn the "trick" of becoming RFC-compliant and thus retry their connections, the cost of their operation goes up. The cost may be small over several thousand messages per day, which is easily handled by a normal, behaving MTA, but for a spammer whose cost calculations depend on spewing out millions of emails per day, it may be a dealbreaker. Combine that with tarpitting and some way of feeding Bayes scores back to the tarpit/greylist (ala relaydb), and you have a really effective spam-prevention system. A spammer who lets himself get stuck in a tarpit is going to lose money. Spammers will have to work a little harder than simple RFC-compliance.
Hey, cool. Your project is not the one I had in mind. I've never seen this one before. Sorry, dude!
I was thinking about the the other one, which I've kept an eye on since I was in college. By no means did I mean to bash your hard work! Starflight fans are few and far between... so I should probably be a little nicer:^)
Thanks for the link. I'll have a look at it when I have some free time.
I remember drooling over the graphics for the original Wing Commander in some computer magazine... c. 1988, I think? Unfortunately, I did not own a machine powerful enough to play this game-- nor could I contemplate such a purchase on my meager allowance. My father thought I should just be happy with the 286 we had in posession. "Use the turbo button if you want it to go faster!", he would say. Yay, 12 MHz instead of 10!
I did manage to spring for the real AdLib sound card, though. What a difference!
Starflight II: Trade Routes of the Cloud Nebula is one of my all-time favorite games, and arguably better than the original. There was even a version made for Sega Genesis, IIRC (I had the Mac versions). I know that there have been some half-hearted attempts from fans to make another sequel, but they're obviously more caught up in dreaming about the ultimate sequel than actually doing any work. The original designers may be a bunch of old guys by now, but it would be great to have them on board with some younger programmers. They really understood how to make a great, open-ended game. If Sid Meier can still do it, these guys should be able to.
The versions of Starflight that I owned were EA titles. EA, if you're looking for a ground-breaking subject for future video games, look into your own back catalog!
I don't know if it is entirely clear that climate change was the main driving force behind the famine in Greenland, although it was certainly a factor. According to a PBS documentary I one watched (NOVA? I can't remember), the cause of Greenland's famine was more complex. After a wide variety of scientific disciplines worked together on the problem (like climate scientists, archaeologists, and even entomologists), it became clear that the famine was greatly exacerbated by the tithing required by the Catholic church. In order to pay this tithe, Greenland's colonists were thus forced to work the land in non-sustainable ways which caused damage to the soil (erosion, nutrient loss), the result being that they simply could not feed themselves any longer.
The same thing happened in Oklahoma-- the Homestead Act encouraged a number of non-sustainable activities that damaged the local environment. To this day, Oklahoma's prairies still have not recovered. If you want to see a particularly nasty example of this, check out the Burren sometime. Completely devastated.
Since I mainly use this for movies, I never bothered looking into the remote. In my case, I'd probably want some kind of RF remote. I don't have any experience with Linux in that regard, but if it's like other kinds of devices that aren't supported by default in your distro (and even some that are, like wireless), you're right, it's probably going to be a major PITA. My iMac at work came with a RF remote that works rather well, and controls all of the things I would need it to control at home, only my home machine does not have this feature.
Sound like you need a couple of these bad boys and a spool of Cat-5e. I have a pair that connects my computer in the den to our big, shiny TV in the living room. It's great. We can watch iTMS videos (like Lost) on our TV. We can watch streaming video on our TV. And when our DVD player broke, we used the computer to play the DVDs, too. For me, this also functions as an easy way to plug iTunes into my stereo system. In all, it was totally worth the investment. And no ugly, fire-breathing computer (9 fans, anyone?) in the living room.
It's funny-- I hear this now and then from people, and I agree: Word 5.1a for the Mac had the best WP interface that Microsoft ever put out. It was a nice balace of features and simplicity. Word 6 for the Mac added inline spellchecking, which was nice, but it came burdened with a number of other no-so-useful features, and if I recall, was also at a transition point in Mac architecture. It was slow and buggy. But 5.1a reminds me of a time when Microsoft's products were useful and were compelling for more reasons than eye-candy. I still have my Word 5.1a disks and every now and then I swear I'm going to start doing word processing in Basilisk...
As for Office 2007; we're holding off. We only purchased our Office 2002 site license three years ago, and for the most part, it works well. We are not prepared to spend time teaching our users a new UI for some dubious gains in productivity. Even Office 2003's UI-- really just a few cosmetic tweaks-- proved to be too confusing for some users. Being a book publisher, this is a WP-intensive environment (with a decidedly middle-aged crowd), and if Microsoft can't switch us, I don't think that bodes well for their product. They should at least offer the option to switch back to "classic mode".
The availability of the Idokorro SSH client for my BlackBerry is a killer feature on my phone. I'm a network engineer, so being able to check up on our boxes when I'm not in the office is essential. Why would Apple make such a big deal about having an embedded version of Mac OS X if that OS is hamstrung by not being able to run anything? Lame. It would have been a stretch to ask my company to pay for this anyhow...
Man, I hate Verizon. I have a long history with them both at work and at home. At work, we've moved our main connection to Cogent, and at home, I've been using Speakeasy for awhile now. Unfortunately, when things go wrong with Speakeasy, you can usually trace the problem back to Verizon, who owns the telephone lines in my town. Lately, Speakeasy has been real flaky, and despite the amazing tech support I get with them (they call ME when there's a problem!), I have to have a working connection. Now that there's 1xEV-DO Rev. A in my area, I'm going to be switching to that-- just ditch the wires; it doesn't have to be fast, but it has to work. Once again, my choice is between Verizon and Sprint for this service. Verizon can go fuck itself-- Sprint isn't great, but it's better than the abuse I've gotten as a Verizon customer over the years.
Star Trek for the TI-994A worked with the speech synthesizer module. That's definitely cheaper, and it was very entertaining at the time. I remember the looks of astonishment on my friends' faces when my computer would blurt out (in a completely mechanical and almost indecipherable) "Entering sector 2 point 2." It's too bad nothing interesting ever happened in that game except that there were more bad guys who went faster.
Alpiner, and Parsec, though, really put the speech synthesizer to work-- those were GREAT games!
Slashdot Mirror
It could, yes. It's impossible to know without being able to see the names in the bubbles on the graph.
If you assume that each system call is a potential vulnerability, and that less calls are inherently better and more secure, than the result is a foregone conclusion. But those are pretty big "ifs," and it seems like someone who was pro-Windows would do better to attack those premises, rather than trying to dispute the graph, if it's indeed representative of the true number of system calls.
You're right, the number of required calls is not necessarily an indicator of more vulnerabilities. But if you accept the standard metric that one bug happens, on average, for every twenty lines of code (that is, a 5% bug rate), then more calls implies more code, which implies more potential security vulnerabilities.
My understanding is that Microsoft's test suites are extremely vigorous, and I think it is for the above reason. Their defect rate may even be lower than the industry norm. But as someone who works with and writes software for a living, Microsoft's chart makes me uneasy. That's because the number of tests required as the number of entry points increases is not linear. There's a point at which Microsoft may not even have enough time to test for all of their bugs given the size of the codebase. So even if their bug rate is lower, they most likely have more code, and they thus have more bugs.
Apache works well for me and has had a much better security record than IIS. That's good enough for me.
It may not be the FSF's specialty, but it is certainly the EFF's. They've been working on the AT&T domestic spying case lately, but if you'd like them to spend some time in other areas, I'm sure a donation wouldn't hurt.
It's not really free. The whole point of free software is to allow people to do what they want with their machines. People may do unethical things with that software, and we may have a legitimate reason to stop that unethical behavior, but software's license should not be the tool to do that job. Software should just do it's job well, and allow us to modify it when we need to. It's like Stallman forgot why he got into this business in the first place.
"But software which OpenBSD uses and redistributes must be free to all (be they people or companies), for any purpose they wish to use it, including modification, use, peeing on, or even integration into baby mulching machines or atomic bombs to be dropped on Australia." -- Theo de Raadt
I agree with the OP.
I, too, work in a great place. I have a nice office, a comfortable wage, great coworkers, my boss gives me a great deal of freedom to make decisions, and so on. But I am under no illusion that the company's fiduciary responsibilities don't come first. Fortunately, I work in a private company where those pressures to perform are lessened by having no stockholders, but if I start making decisions that lose the company money, I would most certainly be worried about my job. The OP is right-- make your coworkers work harder (or worse, you boss), and you're out on your ass. Unfortunately, top management's granularity doesn't extend down to people-- it's departments. So when a department gets axed, often lots of good, smart people go with it.
Corporations are only charitable to their employees as long as their employees are making them money. Distance yourself from your job to protect yourself, or when something unexpected happens, you will take it personally, and that will hurt you.
Shit floats. In a big enough company, some serious turds accumulate at the top. Just expect idiocy to happen and you'll be better prepared for it when it does.
My point, which you obviously missed, is that your observation about the two being different classes of device is a tenuous distinction. Both devices have general-purpose CPUs, mass-storage devices, displays, and input and output ports. The nature of the I/O differs, but they are both COMPUTERS. So the law that allows DRM on one 'kind' of device and not the other 'kind', if based on device 'class', is flawed. We're not talking about a Walkman, we're talking about a device that can do this.
And if Steve Jobs walked down the street an started pissing on people's cats, you'd be all "Steve Jobs is a fucking amazing human being!" Gates has made a lot more peoples lives better than Torvalds or Jobs ever will.
Who said anything about Steve Jobs or Linus Torvalds?
Besides-- I hate cats. If Steve Jobs wants to piss on a cat, yes, I would cheer him on.
So Gates finally learned the trick that John D. Rockefeller, J.P. Morgan, and Andrew Carnegie figured out: philanthropy. You can be a convicted monopolist, you can pay your employees slave wages under brutal conditions, and then knowingly murder them when you send in the "strike breakers", but you throw a little money around here and there-- start a university or set up a charitable arm of your company-- and history will remember you as a great philanthropist.
/.'s summary is an idiot.
I don't mean to belittle the charitable giving that Gates has done. I'm certain that he has had a direct influence on the course of poverty, ignorance, and disease, especially in places like India. But like those capitalists of old, Gates' company still merrily chugs along, willfully breaking the law, churning out a shitty product, and locking their customers in. Before we shower the guy with praise, let's remember what he did to amass all that wealth, and consider the fact that he's still doing it. He may not be a bastard to the degree that Rockefeller, Morgan, and Carnegie were, but he's still a bastard. The homemaker quoted in
The point is that these devices are not comparable to an iPod. They're a different class of device.
That may be true for now, but with general-purpose computers rapidly nearing the size of emdedded computers of only 5-6 years ago, how long will that distinction hold? It seems like the limiting factor to the size of these devices in the future will be screens, tactile interfaces, and physical storage mechanisms (assuming that flash-based devices don't have a marked increase in capacity relatively soon). I would love to have a general-purpose machine the size of my iPod.
If fellow client nodes are calling themselves "Free Wi-Fi", then the world is a fucked up place, my friend. That is the whole point of the article. Can you read?
But because you're using his connection, all your traffic goes through his PC, so he can see everything you do online, including all the usernames and passwords you enter for financial and other Web sites.
While this is true for HTTP, which is in the clear, banking, financial, and e-commerce websites use SSL (or should, anyhow), which makes man-in-the-middle attacks impractical (though not impossible). I have seen these "hotspots" myself, in areas of Boston near hotels, and I've connected to them via my BSD laptop. I wasn't able to actually get any connectivity through them. I've been wondering if these were set up by someone maliciously, or if these are pwned machines. Kinda makes me want to walk around with netstumbler until I find these guys.
CD singles are still very common in radio/DJ community. In radio, a station will still get singles for radio play prior to the album release. In many cases, the label has still not finished the full album. Among DJs, particularly dance/club DJs, CD singles are popular for two reasons. 1) many dance artists do not produce full albums, and 2) the singles often contain so-called "B-sides", even though there really isn't a "B" side to a CD (although you are welcome to try playing the other side if you want). Vinyl is still an important medium in dance for the two previously mentioned reasons, but also because DJs like the tactile feel of vinyl records. There are still a few things you can't do with CD decks.
The article mentions that the subpoena was "[f]iled on the basis of the Digital Millennium Copyright Act". I was under the impression that the DMCA dealt with circumvention of copy-protection measures. If this was recorded off of 'the air', i.e., an antenna or cable, how does the DMCA apply? AFAIK there are no copy-protection measures on these analog services.
The nice thing about greylisting is that if spammers learn the "trick" of becoming RFC-compliant and thus retry their connections, the cost of their operation goes up. The cost may be small over several thousand messages per day, which is easily handled by a normal, behaving MTA, but for a spammer whose cost calculations depend on spewing out millions of emails per day, it may be a dealbreaker. Combine that with tarpitting and some way of feeding Bayes scores back to the tarpit/greylist (ala relaydb), and you have a really effective spam-prevention system. A spammer who lets himself get stuck in a tarpit is going to lose money. Spammers will have to work a little harder than simple RFC-compliance.
Hey, cool. Your project is not the one I had in mind. I've never seen this one before. Sorry, dude!
:^)
I was thinking about the the other one, which I've kept an eye on since I was in college. By no means did I mean to bash your hard work! Starflight fans are few and far between... so I should probably be a little nicer
Thanks for the link. I'll have a look at it when I have some free time.
You don't think that the drunk driving example is even slightly complicated by the fact that drunk drivers often crash into (and kill) other drivers?
But yeah, suing MySpace because your kid is stupid is just laughable.
I remember drooling over the graphics for the original Wing Commander in some computer magazine... c. 1988, I think? Unfortunately, I did not own a machine powerful enough to play this game-- nor could I contemplate such a purchase on my meager allowance. My father thought I should just be happy with the 286 we had in posession. "Use the turbo button if you want it to go faster!", he would say. Yay, 12 MHz instead of 10!
I did manage to spring for the real AdLib sound card, though. What a difference!
Starflight II: Trade Routes of the Cloud Nebula is one of my all-time favorite games, and arguably better than the original. There was even a version made for Sega Genesis, IIRC (I had the Mac versions). I know that there have been some half-hearted attempts from fans to make another sequel, but they're obviously more caught up in dreaming about the ultimate sequel than actually doing any work. The original designers may be a bunch of old guys by now, but it would be great to have them on board with some younger programmers. They really understood how to make a great, open-ended game. If Sid Meier can still do it, these guys should be able to.
The versions of Starflight that I owned were EA titles. EA, if you're looking for a ground-breaking subject for future video games, look into your own back catalog!
I don't know if it is entirely clear that climate change was the main driving force behind the famine in Greenland, although it was certainly a factor. According to a PBS documentary I one watched (NOVA? I can't remember), the cause of Greenland's famine was more complex. After a wide variety of scientific disciplines worked together on the problem (like climate scientists, archaeologists, and even entomologists), it became clear that the famine was greatly exacerbated by the tithing required by the Catholic church. In order to pay this tithe, Greenland's colonists were thus forced to work the land in non-sustainable ways which caused damage to the soil (erosion, nutrient loss), the result being that they simply could not feed themselves any longer.
The same thing happened in Oklahoma-- the Homestead Act encouraged a number of non-sustainable activities that damaged the local environment. To this day, Oklahoma's prairies still have not recovered. If you want to see a particularly nasty example of this, check out the Burren sometime. Completely devastated.
Since I mainly use this for movies, I never bothered looking into the remote. In my case, I'd probably want some kind of RF remote. I don't have any experience with Linux in that regard, but if it's like other kinds of devices that aren't supported by default in your distro (and even some that are, like wireless), you're right, it's probably going to be a major PITA. My iMac at work came with a RF remote that works rather well, and controls all of the things I would need it to control at home, only my home machine does not have this feature.
Sound like you need a couple of these bad boys and a spool of Cat-5e. I have a pair that connects my computer in the den to our big, shiny TV in the living room. It's great. We can watch iTMS videos (like Lost) on our TV. We can watch streaming video on our TV. And when our DVD player broke, we used the computer to play the DVDs, too. For me, this also functions as an easy way to plug iTunes into my stereo system. In all, it was totally worth the investment. And no ugly, fire-breathing computer (9 fans, anyone?) in the living room.
It's funny-- I hear this now and then from people, and I agree: Word 5.1a for the Mac had the best WP interface that Microsoft ever put out. It was a nice balace of features and simplicity. Word 6 for the Mac added inline spellchecking, which was nice, but it came burdened with a number of other no-so-useful features, and if I recall, was also at a transition point in Mac architecture. It was slow and buggy. But 5.1a reminds me of a time when Microsoft's products were useful and were compelling for more reasons than eye-candy. I still have my Word 5.1a disks and every now and then I swear I'm going to start doing word processing in Basilisk...
As for Office 2007; we're holding off. We only purchased our Office 2002 site license three years ago, and for the most part, it works well. We are not prepared to spend time teaching our users a new UI for some dubious gains in productivity. Even Office 2003's UI-- really just a few cosmetic tweaks-- proved to be too confusing for some users. Being a book publisher, this is a WP-intensive environment (with a decidedly middle-aged crowd), and if Microsoft can't switch us, I don't think that bodes well for their product. They should at least offer the option to switch back to "classic mode".
The availability of the Idokorro SSH client for my BlackBerry is a killer feature on my phone. I'm a network engineer, so being able to check up on our boxes when I'm not in the office is essential. Why would Apple make such a big deal about having an embedded version of Mac OS X if that OS is hamstrung by not being able to run anything? Lame. It would have been a stretch to ask my company to pay for this anyhow...
Man, I hate Verizon. I have a long history with them both at work and at home. At work, we've moved our main connection to Cogent, and at home, I've been using Speakeasy for awhile now. Unfortunately, when things go wrong with Speakeasy, you can usually trace the problem back to Verizon, who owns the telephone lines in my town. Lately, Speakeasy has been real flaky, and despite the amazing tech support I get with them (they call ME when there's a problem!), I have to have a working connection. Now that there's 1xEV-DO Rev. A in my area, I'm going to be switching to that-- just ditch the wires; it doesn't have to be fast, but it has to work. Once again, my choice is between Verizon and Sprint for this service. Verizon can go fuck itself-- Sprint isn't great, but it's better than the abuse I've gotten as a Verizon customer over the years.
Star Trek for the TI-994A worked with the speech synthesizer module. That's definitely cheaper, and it was very entertaining at the time. I remember the looks of astonishment on my friends' faces when my computer would blurt out (in a completely mechanical and almost indecipherable) "Entering sector 2 point 2." It's too bad nothing interesting ever happened in that game except that there were more bad guys who went faster.
Alpiner, and Parsec, though, really put the speech synthesizer to work-- those were GREAT games!